US unveils next-gen encryption tools to withstand quantum computing attacks

The National Institute of Standards and Technology (NIST) hopes to offer a variety of tools for quantum-proof encryption

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has revealed the first four encryption tools that are designed to withstand future cyber attacks powered by quantum computing.

The four selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, which is expected to be finalised in two years. They’ll be used to withstand potential future assaults by hackers using quantum computers, which may have the ability to crack the security used to protect privacy in digital systems, including in online banking and email software.

The announcement is part of a six-year effort that NIST began in 2016, when it called on the world’s cryptographers to devise and vet encryption methods that could resist an attack from a future quantum computer more powerful than today's most advanced hardware. NIST said the selection of these encryption tools marks the beginning of the finale of the agency’s post-quantum cryptography standardisation project.

Four additional algorithms are under consideration for inclusion in the standard, and NIST plans to announce the finalists from that round in the near future. It said it’s announcing its choices in two stages because of the need for a robust variety of defence tools. The agency also said there are different systems and tasks that use encryption, and a useful standard would offer solutions designed for different situations, use varied approaches for encryption, and offer more than one algorithm for each use case in the event one proves vulnerable.

“NIST constantly looks to the future to anticipate the needs of US industry and society as a whole, and when they are built, quantum computers powerful enough to break present-day encryption will pose a serious threat to our information systems,” said under secretary of commerce for standards and technology, and NIST director, Laurie E Locascio. “Our post-quantum cryptography programme has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”

Which encryption tools can withstand a quantum computer attack?

The four quantum-resistant algorithms rely on maths problems that both conventional and quantum computers should have difficulty solving, thereby defending privacy both now and down the road, added the agency.

The algorithms are designed for the two main tasks for which encryption is typically used: general encryption, which protects information exchanged across a public network, and digital signatures, which are used for identity authentication. All four of the algorithms were created by experts collaborating from multiple countries and institutions.

For general encryption, used when users access secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Its advantages include comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation. 

For digital signatures, often used when users need to verify identities during a digital transaction or to sign a document remotely, NIST has selected the three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+. Reviewers noted the high efficiency of the first two, and NIST recommends CRYSTALS-Dilithium as the primary algorithm, with FALCON for applications that need smaller signatures than Dilithium can provide. The third, SPHINCS+, is larger and slower than the other two, but is valuable as a backup for one key reason: It’s based on a different maths approach than all three of NIST’s other selections.

Three of the selected algorithms are based on a family of maths problems called structured lattices, while SPHINCS+ uses hash functions. The additional four algorithms still under consideration are designed for general encryption and do not use structured lattices or hash functions in their approaches. 

While the standard is in development, NIST has encouraged cyber security experts to explore the new algorithms and consider how their applications will use them, but not to deploy them into their systems yet, as the algorithms could change slightly before the standard is finalised.

To prepare, NIST said that users can inventory their systems for applications that use public-key cryptography, which will need to be replaced before cryptographically relevant quantum computers appear. They can also alert their IT departments and vendors about the upcoming change.
