NIST has recently released the first three post-quantum cryptographic (PQC) standards [9], FIPS 203 [1] [3], FIPS 204 [1] [3], and FIPS 205 [1], to enhance global cybersecurity against future attacks using quantum technologies [7].
Description
Based on lattice cryptography and hash functions [3], these standards [1] [3] [4] [5] [7] [8] [9], including ML-KEM, ML-DSA [2] [3] [8] [9], and SLH-DSA [2] [3] [8] [9], are designed for general encryption and digital signatures [7] [9]. They offer robust security with fast performance and support for larger public keys and ciphertexts [1]. Developed by IBM Research cryptography researchers [2], these standards do not rely on factorization for security and are resistant to quantum-based decryption techniques [9]. The publication includes computer code, implementation instructions [7], and use cases for each algorithm [7], urging security practitioners to start using them immediately to protect electronic information. Organizations worldwide are preparing for the transition to a quantum-safe infrastructure [9], and it is important for them to have cryptographic agility to adapt to changing security requirements and prevent “harvest now, decrypt later” attacks [4]. PQC aims to defend against quantum computer attacks by implementing new algorithms that resist both classical and quantum computers [6]. Google has been using PQC to protect internal communications since 2022 and is actively contributing to PQC standards and implementations [6].
Conclusion
The release of these PQC standards marks a significant step in enhancing global cybersecurity against quantum threats. Organizations are urged to adopt these standards to protect their electronic information and prepare for the future of quantum-safe infrastructure. With the support of industry leaders like Google, the implementation of PQC standards is crucial in defending against evolving cyber threats.
References
[1] https://siliconangle.com/2024/08/13/nist-releases-federal-information-process-standards-post-quantum-cryptography/
[2] https://research.ibm.com/blog/nist-pqc-standards
[3] https://cybermagazine.com/articles/nist-standardises-ibms-post-quantum-cryptography-algorithms
[4] https://www.infosecurity-magazine.com/news/nist-quantum-cryptography-standards/
[5] https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
[6] https://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html
[7] https://www.darkreading.com/endpoint-security/nist-finalizes-post-quantum-encryption-standards
[8] https://www.networkworld.com/article/3486075/nist-finally-settles-on-quantum-safe-crypto-standards.html
[9] https://www.forbes.com/sites/tiriasresearch/2024/08/13/major-quantum-safe-milestone-reached-as-nist-publishes-pqc-standards/