Finally here! NIST post-quantum cryptography standard to be released soon

Produced by Photon Box Research Institute

 


 

NIST should publish its list of post-quantum cryptography (PQC) standards "at any time," according to National Institute of Standards and Technology (NIST) official Dustin Moody, who attended the PQC conference at the IQT Quantum Enterprise event in San Diego on Tuesday. Many in the quantum field had expected NIST's PQC standard to be released in late April.

 

Moody, a mathematician in NIST's Computer Security Division, said: "This is later than I initially expected, but it should be announced soon. The standard shortlist has now been reduced to 15 algorithms, seven of which are finalists and eight others as alternative standards. If recent reports of possible vulnerabilities in one or more of the standards lead to any last-minute changes, the alternative standard may come into play."

 

NIST is ready to take the next step in PQC. In multiple sessions at the IQT event, stakeholders reiterated the potential value of PQC, especially in future hybrid environments where both PQC and quantum key distribution (QKD) are used to secure metro and edge


 

In December 2016, NIST announced a competition to select new quantum-resistant public key encryption algorithms that will eventually replace classic RSA and other public key encryption algorithms that may be vulnerable to future quantum computers.

 

For the past five years, NIST has been accepting nominations, holding meetings, and going through three rounds of selection to decide which algorithms to recommend based on security, performance and other factors. The third round has now come to an end, and the initial selection of new algorithms will be announced soon. The following table shows the finalist and alternative algorithms for key encapsulation mechanisms (KEM) and digital signatures, respectively.

 

[Image: table of finalist and alternative algorithms for KEM and digital signatures]

 

 

Some algorithms still need further research, and the fourth round will discuss whether there are other algorithms that need to be standardized. The third round will consider standardization of the finalist algorithms, and the fourth round will consider further analysis and possible standardization of the candidate algorithms.

 

Once the results of the third round of selection are announced, NIST will release a report explaining its decision. After that, NIST will draft the standards for public comment, and the selected algorithms may not be formalized until 2024. In addition, the fourth round of analysis and recommendation activities will be completed within 12-18 months of the announcement of the fourth round of candidates. But if nothing else, the third round may be the final result.


 

We often hear the argument that companies should start working on quantum computing now or they will fall behind. But it's just as important, if not more important, for businesses to allocate resources and immediately start planning how to migrate their entire digital communications infrastructure to use quantum-resistant encryption.

 

While it may be another 10 years or so before quantum computers are large enough to run Shor's algorithm and crack current public key algorithms, experience has shown that implementing a new encryption method across the thousands of computers and software programs used in a typical enterprise will take 10 years or more.

 

Furthermore, any data communication with a long shelf life may be vulnerable to a "harvest now, decrypt later" attack, which brings forward the date by which quantum-resistant encryption is required. Therefore, companies developing strategies need to answer some important questions, such as:

 

Which systems do we need to upgrade?

 

Will PQC support be automatically built into new software updates for the programs and apps we currently use?

 

How can we help our existing suppliers? Which new suppliers should we bring in to help us?

 

Should we use software-based PQC methods or physics-based QKD methods?

 

Should we consider using hybrid classical-quantum cryptography for additional security?

 

Will implementing the PQC algorithm have any performance impact on our system and user response time?


Link:

[1]https://www.insidequantumtechnology.com/news-archive/nist-pqc-standards-due-to-be-announced-any-day-now/

[2]https://quantumcomputingreport.com/nist-set-to-announce-round-3-post-quantum-cryptography-pqc-selections-within-the-next-few-weeks/#

2022-05-13