NIST and Its Four Quantum-resistant Algorithms

Highlights: 

• Due to its speed and tiny encryption keys, the agency has now decided to use CRYSTALS-Kyber for general encryption and CRYSTALS-Dilithium, FALCON, and SPHINCS for digital signatures.
• Researchers predict that the development of the larger quantum cryptography market will reach a value of USD 291.9 million by 2026 as more organizations seek out or make investments in protecting themselves against future quantum threats.

The first four quantum-resistant algorithms to be a part of the American National Institute of Standards and Technology (NIST) post-quantum encryption standard were released today.

NIST has been holding a competition to find quantum-safe algorithms for the past six years. Due to its speed and tiny encryption keys, the agency has now decided to use CRYSTALS-Kyber for general encryption and CRYSTALS-Dilithium, FALCON, and SPHINCS for digital signatures.

Post-quantum cryptography’s push

The G7 nations recently committed to “new cooperation to deploy quantum-resistant cryptography to ensure secure interoperability between ICT systems and support growth in the digital economy.” This announcement follows that commitment.

This year, quantum cryptography has remained a hot topic. This happened especially in the light of a memo from the White House that highlighted that any digital system that relies on public standards for public-key cryptography might get subjected to an attack by quantum computers one day.

Introducing these new cryptographic standards will be crucial in assisting businesses while deciding which solutions to apply in their environments to safeguard their data against post-quantum dangers, which experts predict may manifest as early as 2030.

The market for quantum cryptography

Researchers predict that the development of the larger quantum cryptography market will reach a value of USD 291.9 million by 2026 as more organizations seek out or make investments in protecting themselves against future quantum threats. This also coincides with the introduction of the new cryptographic standards.

There is an increasing number of vendors in the market, all seeking to position themselves as the go-to quantum security supplier as world governments and security standardization groups highlight the need for post-quantum security solutions.

Post-Quantum, one of the leading vendors in the market, offers products including a post-quantum VPN and a quantum-secure end-to-end encrypted messaging app.

NIST is still considering future standardization of Post-Quantum’s Classic McEliece algorithm.

Another rival is PQShield, which offers post-quantum cryptography hardware with a System on Chip designed to protect smart cards and security chips from post-quantum attacks and an encrypted messaging platform. At the beginning of this year, PQShield announced it had raised USD 20 million as part of a Series A funding round.

The algorithms these providers employ to safeguard the organization’s environments distinguish them from one another. For instance, Post-Quantum uses its Classic McEliece method, but PQShield is algorithm-agnostic and relies on NIST’s recommended algorithms.

Experts’ Take

According to Gina Raimondo, the U.S. secretary of commerce, “today’s announcement marks a critical milestone in securing our sensitive data against the potential for future cyberattacks from quantum computers. We are able to take the required actions to safeguard electronic information because of NIST’s know-how and dedication to leading-edge technology, so U.S. firms may continue to innovate while preserving the faith and confidence of their consumers.”