The U.S. National Institute of Standards and Technology this week unveiled three encryption algorithms designed to resist cyberattacks, which industry observers said are a positive step toward preventing cyberattacks that break current encryption methods.
The Federal Information Processing Standard (FIPS) 203, 204, and 205 provide standards for general encryption and protecting digital signatures. They were derived from multiple submissions in NIST’s post-quantum cryptography standardization project.
Quantum computers are rapidly increasing the ability for high-performance computing, and the new standards are ready for immediate use, NIST said.
“Quantum computing technology could become a force for solving many of society’s most intractable problems, and the new standards represent NIST’s commitment to ensuring it will not simultaneously disrupt our security,” said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio, in a statement. “These finalized standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”
Although the IEEE pointed out that large-scale quantum computers likely won’t be built for another 10 years, NIST is concerned about PQC because almost all data on the internet is protected with the RSA encryption scheme. Once large quantum computers are built, they would be able to undermine the security of the entire internet, the IEEE said.
Devices using RSA security, such as cars and IoT devices, will remain in effect for at least another decade, the IEEE said, so they need to be equipped with quantum-safe cryptography before they are used.
Another reason the new standards are needed is the “harvest now, decrypt later” strategy, where a threat actor potentially downloads and stores encrypted data today with plans to decrypt it once a quantum computer goes online, the IEEE noted.
The standards — which contain the encryption algorithms’ computer code, instructions for how to implement them, and their intended uses — took eight years to develop, NIST said. The agency added that it cast a wide net among the world’s cryptography experts to conceive, submit, and then evaluate cryptographic algorithms that could resist the assault of quantum computers.
Although the nascent technology could change the nature of industries spanning weather forecasting to fundamental physics to drug design, it poses threats as well.
These new algorithms are the first of many NIST will provide over the coming years, said Aaron Kemp, director of advisory technology risk at KPMG.
“The threat of quantum computing against current cryptographic standards cannot be understated,” he said. “And these algorithms provide the first step towards a new era of cryptographic agility.”
Organizations that have been waiting to begin their post-quantum cryptographic migration now have a set of standards to integrate into their systems, Kemp added.
“The federal government has mandated adoption of these standards by 2035 for federal entities, and businesses working with the government will need to follow suit,’’ he noted. “This is the first step in the largest cryptographic migration in history.”
Tom Patterson, emerging technology security lead at Accenture, characterized the new global encryption standards for quantum as “a pivotal moment in our cybersecurity landscape.”
Quantum computers present a significant risk to our current encryption methods, Patterson said.
Consequently, “Organizations must assess their quantum risk, discover vulnerable encryption within their systems, and develop a resilient cryptographic architecture now,” he explained, adding that the new standards will help organizations maintain their cyber resilience in the post-quantum world.
While today’s quantum computers are small and experimental, they are rapidly becoming more capable, “and it is only a matter of time before cryptographically-relevant quantum computers (CRQCs) arrive,’’ observed Tim Hollebeek, industry and standards technical strategist at DigiCert.
“These are quantum computers that are powerful enough to break the asymmetric cryptography used to protect communications and devices on the internet — and they could arrive in as little as five to 10 years.”
Hollebeek added: “The good news is that the problem can be solved by switching to new hard math problems that are not vulnerable to quantum computers, and the new NIST standards describe in precise detail exactly how to use these new hard math problems to protect internet traffic in the future.”
Colin Soutar, US and global quantum cyber readiness leader at Deloitte, called the new NIST standards “a great accomplishment.” But he noted that the key question around quantum cyber readiness is not so much when a CRQC will exist but whether there is a probability of one existing in the next five to 10 years.
In that case, organizations need to understand what their exposure will be from future CRQCs and ask themselves how long it will take to update their public key cryptography for data confidentiality and integrity, he said.
“We welcome the broader awareness that the NIST standards evoke in many industries—and hope that these upgrades are done in a voluntary risk-management based process,” Soutar said.