In a historic announcement today, the National Institute of Standards and Technology (NIST) shared the first set of algorithms designed specifically to guard systems and networks against attacks by quantum computers. Quantum computers can process significantly more information than a typical computer, which gives them a leg up over the security products used today, since those are designed for traditional computing systems. NIST's announcement was part of an eight-year-long project that solicited algorithms worldwide before deciding which software to use to protect against quantum computers.
NIST's Quantum Security Algorithms Seek To Outpace Development Of Systems Capable Of Defeating Current Standards
The world's internet traffic, financial systems, and public and private communications infrastructure depend on algorithms that prevent unauthorized users from reading private information destined only for a select number of parties. However, these algorithms, which secure trillions of dollars for industries from nefarious actors, have been designed to withstand attacks from traditional computers, which cannot match the computational requirements needed to crack the software.
With quantum computing, researchers worry that quantum algorithms such as Grover's and Shor's can bypass nearly all of today's protection software. NIST's latest announcement seeks to resolve some of these concerns, as the agency has announced three new algorithms designed to protect data from attacks by quantum computers. Crucially, NIST outlines that the algorithms are ready for use today. They are shared on its website, with each package containing the software code and the instructions to implement it.
The three new quantum protection algorithms are based on the CRYSTALS-Kyber, CRYSTALS-Dilithium and SPHINCS+ standards. After receiving 85 algorithms from countries worldwide, NIST selected these, and their drafts were released in 2023. The first standard, CRYSTALS-Kyber, is the only one that focuses on general encryption. This is used to protect information on networks, and it has been dubbed Module-Lattice-Based Key-Encapsulation Mechanism Standard, or ML-KEM, by NIST.
The remaining two focus on digital signatures, which computers use to verify the authenticity of documents, messages and other data. CRYSTALS-Dilithium and SPHINCS+, dubbed Module-Lattice-Based Digital Signature Algorithm (ML-DSA) and Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), respectively, protect digital signatures. Of these, ML-DSA is NIST's primary line of defense, and the backup standard is SLH-DSA, which is to be used in case ML-DSA is compromised.
SLH-DSA isn't the only backup that NIST is working on. While these three standards have been publicly released, the agency is working on two additional standards that it believes "could one day serve as backup standards." One will target general encryption, while the other will work with digital signatures. The general encryption standards cover three algorithms, and the agency hopes to release two later this year.
NIST's digital signature backups are more diverse. Within these, NIST will announce 15 algorithms for evaluation in the "near future." However, the agency maintains that these standards will only be backups for the algorithms announced today, which are ready for implementation.

