The U.S. Department of Commerce’s National Institute of Standards and Technology today released its Federal Information Process Standards for post-quantum cryptography, a new set of standards that address the emerging security challenges posed by quantum computing.

The three new standards have been designed to ensure that digital communications remain secure against future threats while strengthening current cryptographic practices. The standards are also being released at a time when encryption vulnerabilities are becoming more urgent because of the rise of artificial intelligence-driven attacks.

NIST started the process of establishing post-quantum encryption, also called post-quantum cryptography or PQC, standards in 2016, calling on cryptographers to devise encryption methods that could resist an attack from a future quantum computer.

As noted when NIST preliminary chose four encryption tools as part of the process back in 2022, quantum computers, at least as they exist today, cannot crack high-level encryption. However, with ongoing progress in the sector, it’s believed the technology will advance enough that quantum computers will be able to crack those standards, hence the need to start creating new encryption standards now.

Forward two years and though quantum computers still can’t crack high-level encryption, progress in their development continues. Companies in quantum computing, such as Alice & Bob, are offering increasingly powerful quantum computing, such as with the launch of the first cat qubit quantum chip in May.

According to NIST, the need for new standards is urgent, as cybersecurity threats such as ransomware, advanced persistent threats and data leaks continue to evolve, including the increasing role of AI to exploit and extract vulnerabilities. Strong cryptography plays a pivotal role in this landscape.

The first of the three new standards, FIPS 203, is derived from Kyber, a post-quantum cryptographic algorithm that was developed as part of the NIST Post-Quantum Cryptography Standardization project. The standard is used in key agreement protocols such as Transport Layer Security and replaces traditional methods with fast performance despite larger public keys and ciphertexts.

FIPS 204, the second standard, is based on Dilithium, a post-quantum cryptographic algorithm designed for digital signatures and intended to be used with digital signatures. The standard is said to outperform current methods in speed of verification with support for larger signatures and public keys.

The third standard, FIPS 205, is based on the security of SHA-2 or SHA-3 and offers robust security with very small public keys (32 bytes) but generates larger signatures of about 7 kilobytes. The standard is claimed to be ideal for applications like firmware updates, where quick verification is essential.

Two of the standards, FIPS 203 and 204, were based on algorithms designed by IBM Corp., originally known as CRYSTALS-Kyber and CRYSTALS-Dilithium, in collaboration with industry and academic partners. The third, FIPS 205, was co-developed by a researcher who has since joined IBM.

IBM, which is designing its own quantum computers, argues that the official publication of the algorithms marks a crucial milestone in advancing the protection of encrypted data from cyberattacks that could be attempted through the unique power of quantum computers. The company says they’re rapidly progressing to cryptographic relevancy. When quantum computers eventually have enough computational power, they will be used to break the current encryption standards underlying most of the world’s data and infrastructure today.

“We are excited about the incredible progress we have made with today’s quantum computers, which are being used across global industries to explore problems as we push towards fully error-corrected systems,” said Jay Gambetta, vice president of IBM Quantum. “However, we understand these advancements could herald an upheaval in the security of our most sensitive data and systems.”

Gambetta added that “NIST’s publication of the world’s first three post-quantum cryptography standards marks a significant step in efforts to build a quantum-safe future alongside quantum computing.”

The risk of quantum security armageddon could be within reach this decade. IBM’s Quantum Development Roadmap includes plans to deliver its first error-corrected quantum system by 2029. The system is anticipated to run hundreds of millions of quantum operations to return accurate results for complex and valuable problems that are currently inaccessible to classical computers.

Others in the industry welcomed the new standards as well.

“NIST’s standards are a critical milestone that should motivate organizations to take the quantum threat seriously,” said Markus Pflitsch, founder and chief executive of Terra Quantum, a Swiss-German quantum company. “While the U.S. government has been more reserved about embracing QKD compared to Europe, it’s encouraging to see increasing support for a holistic approach to post-quantum cybersecurity. A comprehensive security strategy will also consider the role of quantum key distribution, which provides additional layers of security.”

The NIST standardization marks the start of a new era for chief information security officers and their security teams, moving them into planning and implementation, said Duncan Jones, head of cybersecurity at Quantinuum Ltd. “Every CISO now has a mandate to urgently adopt these new standards alongside other methods for hardening their cybersecurity systems,” he said. “We know that data stolen today could be decrypted at any time in the future, and sensitive data such as health records or financial data falling into the wrong hands would be damaging. We work with a wide range of enterprise customers, and it’s clear that successful CISOs recognize quantum is an ally as well as a threat.”

Companies working in quantum computing also see an opportunity to provide guidance in preventing security problems. “Migrating to new cryptographic algorithms is often a slow process, even when weaknesses affect widely-used crypto systems, because of organizational and logistical challenges in fully completing the transition to new technologies,” Royal Hansen, vice president of privacy, safety and security engineering at Google LLC, and Google Cloud CISO Phil Venables wrote in a blog post today. “For example, NIST deprecated SHA-1 hashing algorithms in 2011 and recommends complete phase-out by 2030. That’s why it’s crucial to take steps now to improve organizational preparedness, independent of PQC, with the goal of making your transition to PQC easier.”

With reporting from Robert Hof

Image: SiliconANGLE/Ideogram