US selects four encryption algorithms to protect against future quantum attacks
One is used for general encryption, and three for identity protection
The US government has chosen four new encryption algorithms that should be able to protect secret digital communications from being decrypted by immensely powerful quantum computers.
There is fear in the wider cybersecurity community that the current encryption standards, protecting much of today’s digital communications across both private and public sector endpoints, will be rendered useless once quantum computers take off.
The four encryption algorithms will become part of the National Institute of Standards and Technology's (NIST) post-quantum cryptographic standard, the organization said in its announcement, adding that the standard should be finalized in “about two years”.
Post-quantum cryptography
“Today’s announcement is an important milestone in securing our sensitive data against the possibility of future cyberattacks from quantum computers,” said Secretary of Commerce Gina M. Raimondo.
“Thanks to NIST’s expertise and commitment to cutting-edge technology, we are able to take the necessary steps to secure electronic information so US businesses can continue innovating while maintaining the trust and confidence of their customers.”
NIST first started working on its post-quantum encryption solution in 2016. By choosing these four, the organization has reached “the finale of [its] post-quantum cryptography standardization project”.
“Our post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information,” said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
NIST isn’t stopping at four, either. And additional few are under consideration, the organization said, adding that it plans to announce the finalists from the second round sometime in the future.
Explaining the need for multiple standards and a multi-stage approach, NIST said that a useful standard offers solutions designed for different situations, uses varied approaches for encryption, and offers more than one algorithm for each use case.
“Our post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information,” added NIST Director Laurie E. Locascio.
The algorithms are designed for two main tasks: general encryption, and identity authentication. For the former, NIST selected the CRYSTALS-Kyber algorithm, which operates relatively small encryption keys, and moves relatively fast. The remaining three algorithms are dedicated to digital signatures, and those include CRYSTALS-Dilithium, FALCON and SPHINCS+.
- These are the best malware removal software right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.