Aug 14, 2024 12:22:00

The National Institute of Standards and Technology has released three final post-quantum cryptography standards: ML-KEM, ML-DSA, and SLH-DSA.

When quantum computers become practical, there is a possibility that the keys to existing encryption technologies may be broken, so algorithms that can defend against both conventional and quantum computer attacks are required. The National Institute of Standards and Technology (NIST) has released three final standards for 'post-quantum cryptography (PQC)' for this purpose.

NIST Releases First 3 Finalized Post-Quantum Encryption Standards | NIST

https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards

NIST's post-quantum cryptography standards are here - IBM Research

https://research.ibm.com/blog/nist-pqc-standards

Post-Quantum Cryptography FIPS Approved | CSRC

https://csrc.nist.gov/News/2024/postquantum-cryptography-fips-approved

Google Online Security Blog: Post-Quantum Cryptography: Standards and Progress
https://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html

The first post-quantum cryptography standards are here | TechCrunch
https://techcrunch.com/2024/08/13/the-first-post-quantum-cryptography-standards-are-here/

One of the technologies that keeps the Internet safe is 'encryption.' Most web browser sessions are encrypted to prevent data being read or modified during transmission.

However, when quantum computers are put into practical use, existing asymmetric key cryptography may be broken. According to a 2021 study, a 2048-bit integer in RSA cryptography could be decrypted in about 8 hours with a 20 million qubit quantum computer. The processor 'Condor' announced by IBM in December 2023 is 1121 qubits, so a '20 million qubit quantum computer' will not appear immediately, but development technology is expected to grow significantly in the future.

For this reason, NIST has been working on standardizing algorithms that can withstand attacks from quantum computers.

The National Institute of Standards and Technology adopts four encryption algorithms to protect against quantum computer attacks - GIGAZINE

NIST has announced three PQC standards this time.

The first, ' ML-KEM ', is derived from Crystal Kyber and is the primary encapsulation mechanism used for general encryption such as accessing protected websites.

The second, ' ML-DSA ', is derived from Crystal Dilithium and is a lattice-based algorithm for general-purpose digital signature protocols.

The third, ' SLH-DSA ', is derived from SPHINCS+ and is a stateless hash-based digital signature scheme.

They have been approved by the Secretary of Commerce as Federal Information Processing Standards (FIPS) and given the numbers 'FIPS 203,' 'FIPS 204,' and 'FIPS 205,' respectively.

NIST is also continuing to evaluate two algorithms that could potentially become backup standards in the future, and future PQC standards will serve as backups to the three algorithms announced today.

'You don't have to wait for future standards. Just use these three,' said Dustin Moody, a mathematician at NIST who leads the PQC standards program. 'We'll need to be prepared for attacks that break these three standard algorithms, so we'll continue to work on backup plans to keep our data safe. But for most applications, these new standards will be the main ones.'