US Adopts Standards for Quantum-Resistant Security
Real, workable quantum computers do not yet exist, but new cryptography standards should already ensure that they do not immediately crack all security.
The US government has chosen new standards for a ‘post-quantum’ world. After a six-year competition, the government organization National Institute for Standards and Technology (NIST), which manages technical standards, has chosen four cryptographic algorithms that must be able to withstand cracking attempts by quantum computers.
For general encryption to secure websites, NIST chose Crystals-Kyber, which uses fairly small encryption keys and thus can be exchanged quickly and efficiently between two computers. There are three different algorithms for digital signatures, i.e. to prove which data was sent by whom. The first is Crystals-Dilithium, which will probably be the most commonly used. Falcon and Sphincs+ are indicated as an alternative.
The algorithms that have now been chosen must be able to withstand the moment when quantum computers are mature enough to be used to crack the encryption that is currently used. The quantum computer is an alternative to today’s computers. Instead of binary bits (zeros and ones), a quantum computer works with qubits that can be both on and off.
This should make specific calculations that current computers cannot handle much easier. But let encryption be based on mathematics that current computers cannot easily solve. That is why NIST started a design competition six years ago to build algorithms that are more future-proof.
Major tech giants such as IBM, Amazon and Google, among others, have been working on their own design for a quantum computer for several years, but we are still a long way from building a generally workable version. Today’s systems are very large and often have to run in extremely cold temperatures, while they do not yet produce that much computing power. It could therefore take several years before such a computer is also able to crack the current encryption. With these algorithms, NIST wants to get ahead of them.