Last year, the National Institute of Standards and Technology (NIST) selected four algorithms designed to defend against quantum computer attacks. Now, the agency has begun the process of standardizing these algorithms: the final step before making these mathematical tools available so that organizations around the world can integrate them into their own cryptographic infrastructures.
On August 24 (local time), NIST released draft standards for three of the four algorithms it selected in 2022; a draft standard for the fourth algorithm, FALCON, will be released about a year later. NIST is calling on the global cryptographic community to provide feedback on the draft standards by November 22, 2023.
Dustin Moody, a NIST mathematician and leader of the project, said, "We're about to see the light at the end of the tunnel, where people will have standards they can use in practice. Right now, we're soliciting feedback on the draft. Do we need to change anything, have we missed anything?"
Sensitive electronic information, such as emails and bank transfers, is currently protected using public-key cryptography, which relies on mathematical problems that conventional computers cannot solve efficiently. Quantum computers are still in their infancy, but a sufficiently powerful quantum computer could solve these problems and break that encryption. Once completed, the new standards will give the world the first standardized tools for protecting sensitive information against this new type of threat.
NIST's work to develop quantum-resistant algorithms began in 2016 when the agency called on cryptographers around the world to submit candidate algorithms to NIST's Post-Quantum Cryptography Standardization Project. Experts from dozens of countries submitted 69 eligible algorithms by the November 2017 deadline.
NIST then published the 69 candidate algorithms so that experts could analyze them and, if possible, break them. The process was open and transparent, and many of the world's best cryptographers participated in multiple rounds of evaluation that progressively narrowed the field of candidates.
While quantum computers powerful enough to break current encryption algorithms don't yet exist, security experts say it's important to plan ahead, in part because integrating new algorithms across all computer systems takes years.
Each of the new publications is a draft of a Federal Information Processing Standard (FIPS) for one of the four algorithms selected by NIST in July 2022:
- CRYSTALS-Kyber, a key-encapsulation mechanism (KEM) designed for general encryption purposes such as establishing the keys that secure website connections, is covered in FIPS 203 (ML-KEM).
Link:
https://csrc.nist.gov/pubs/fips/203/ipd
- CRYSTALS-Dilithium, designed to protect the digital signatures used when signing documents remotely, is covered in FIPS 204 (ML-DSA).
Link:
https://csrc.nist.gov/pubs/fips/204/ipd
- SPHINCS+, also designed for digital signatures, is covered in FIPS 205 (SLH-DSA).
Link:
https://csrc.nist.gov/pubs/fips/205/ipd
FALCON, also for digital signatures, is scheduled to receive its own FIPS draft in 2024.
These documents provide the detail users need to implement the algorithms in their own systems, including the full technical specifications of each algorithm and considerations for effective implementation. NIST says additional guidance will follow in companion publications.
Lattice cryptosystems (Kyber, Dilithium and FALCON are all lattice-based; SPHINCS+ is hash-based) are constructed on a geometric structure called a lattice and are represented using a mathematical array called a matrix.
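To make the "lattice represented by a matrix" description concrete, here is an added example, not NIST's code and not the FIPS 203 / Kyber implementation, of the Regev-style LWE scheme that Kyber refines: the public key is a random matrix A together with a noisy product b = A*s + e, a ciphertext hides a bit in the high-order half of a noisy inner product, and a KEM wraps the encryption in the same encapsulate/decapsulate interface that ML-KEM standardizes. The parameters N, M, Q, the error set {-1, 0, 1}, the 32-bit shared secret and the SHA-256 key derivation are assumptions for illustration only; they are deliberately tiny and offer no security, but they are chosen so that decryption provably never fails.

```python
import hashlib
import random

# Toy parameters, an assumption for this example only: tiny and insecure,
# but chosen so that decryption provably never fails (|r.e| <= M < Q/4).
N, M, Q = 4, 8, 97


def keygen(rng):
    """Public key (A, b = A*s + e mod Q) and secret key s; A is an M x N matrix."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.choice((-1, 0, 1)) for _ in range(M)]          # small error vector
    b = [(sum(A[i][j] * s[j] for j in range(N)) + e[i]) % Q for i in range(M)]
    return (A, b), s


def encrypt_bit(pk, bit, rng):
    """Hide one bit in the high-order half of a noisy inner product."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]               # random 0/1 row selector
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v


def decrypt_bit(sk, ct):
    """v - u.s = r.e + bit*floor(Q/2) mod Q; round to the nearer of 0 and Q/2."""
    u, v = ct
    d = (v - sum(u[j] * sk[j] for j in range(N))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0


def kdf(bits):
    """Derive the shared secret from the transported bits (SHA-256 here)."""
    return hashlib.sha256(bytes(bits)).hexdigest()


def encapsulate(pk, rng, nbits=32):
    """KEM encapsulation: choose random bits, encrypt each one, derive the key."""
    bits = [rng.randrange(2) for _ in range(nbits)]
    return [encrypt_bit(pk, bit, rng) for bit in bits], kdf(bits)


def decapsulate(sk, cts):
    """KEM decapsulation: decrypt each bit and derive the same key."""
    return kdf([decrypt_bit(sk, ct) for ct in cts])


def bit_roundtrip(seed=0, trials=200):
    """True if every encrypted bit decrypts correctly under this seed."""
    rng = random.Random(seed)
    pk, sk = keygen(rng)
    return all(decrypt_bit(sk, encrypt_bit(pk, b, rng)) == b
               for b in (rng.randrange(2) for _ in range(trials)))


def demo(seed=1):
    """Run a full KEM exchange, then show what ciphertext tampering does."""
    rng = random.Random(seed)
    pk, sk = keygen(rng)                    # receiver generates the key pair
    cts, ss_sender = encapsulate(pk, rng)   # sender encapsulates to the public key
    ss_receiver = decapsulate(sk, cts)      # receiver recovers the shared secret
    # Adding Q//2 to one v flips exactly that bit. The toy scheme has no
    # ciphertext integrity, so the receiver silently derives a key the
    # attacker can predict; this chosen-ciphertext leakage is what the
    # Fujisaki-Okamoto transform inside ML-KEM exists to prevent.
    u0, v0 = cts[0]
    tampered = [(u0, (v0 + Q // 2) % Q)] + cts[1:]
    return {"match": ss_sender == ss_receiver,
            "tampered_matches": decapsulate(sk, tampered) == ss_sender}


if __name__ == "__main__":
    print(bit_roundtrip(), demo())
```

The decoding rule in decrypt_bit works because r has entries in {0, 1} and e in {-1, 0, 1}, so |r.e| is at most M = 8, well below Q/4; Kyber gets the same guarantee with a small probability of failure by bounding its error distribution rather than its size.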
The NIST team recently called for submissions of additional signature algorithms designed by cryptographers after the original 2017 submission deadline, and it plans to evaluate those submissions through multiple rounds of public evaluation over the next few years.
NIST is accepting public comments on the draft FIPS 203, 204 and 205 through November 22, 2023 [1]. Comments can be sent to the following email addresses:
- FIPS-203-comments@nist.gov
- FIPS-204-comments@nist.gov
- FIPS-205-comments@nist.gov
Reference Links:
[1]https://executivegov.com/2023/08/nist-begins-standardization-process-for-4-quantum-threat-resistant-algorithms/
[2]https://www.nist.gov/news-events/news/2023/08/nist-standardize-encryption-algorithms-can-resist-attack-quantum-computers
[3]https://sciencesprings.wordpress.com/2023/08/24/from-the-national-institute-of-standards-and-technology-nist-to-standardize-encryption-algorithms-that-can-resist-attack-by-quantum-computers/