How do you secure your secrets against a technology so powerful it hasn’t even been invented yet?
This is the challenge the U.S. National Institute of Standards and Technology took on, in an effort to secure government secrets from tomorrow’s most powerful computing technologies.
On Tuesday, the agency released the first products of this work: three encryption standards guaranteed to be unbreakable, even by tomorrow’s (still non-existent) quantum computers, FIPS 203, FIPS 204 and FIPS 205.
Each of the releases includes the code for the encryption algorithms, along with instructions for how to implement them into security products, and suggestions about how they should be used.
NIST is also evaluating other algorithms to serve as backup, and expects to release a few of those by the end of the year.
Duty Now for the Future
Although quantum computing remains in a nascent stage, it could grow more powerful than today’s largest server clusters. NIST predicts this will happen within the decade.
So you need to secure your stuff today, against quantum attacks of the future, the U.S. federal agency is warning other government agencies. NIST is urging system administrators to start moving to “post-quantum” encryption as soon as possible.
What is Post-Quantum Cryptography?
The three encryption schemes, with more to come, are the work of the agency’s post-quantum cryptography (PQC) standardization project, launched in 2015.
NIST encryption algorithms have formed the basis of modern computing and the internet. They are used to digitally sign documents as well as encrypt data in storage or in transit.
Currently, the Advanced Encryption Standard (AES, FIPS 197), a symmetric block cipher, is the favored approach of NIST for encrypting sensitive data, coming in either 128-, 192- and 256-bit key lengths. AES has largely replaced the Data Encryption Standard (DES), which was offered as 56 bits, and as computer power increased, became more and more easily cracked.
Encryption algorithms have traditionally been built on mathematical calculations that, without they key, would be very difficult for today’s “classical” computers to solve. Typical cryptographic algorithms multiply two very large prime numbers to arrive at a key, a process that would computationally prohibitive to reverse engineer.
Quantum computers, using a still-unfinished set of physics laws that run quantum mechanics, could sift through all the prime numbers with ease, which would render traditional encryption algorithms barely protective of sensitive data.
For this new generation of encryptors, NIST based them on mathematical algorithms that would befuddle both classical and quantum computers.
“The PQC standards rely on the complex mathematics of polynomial lattices and hash functions. Cracking them would be a daunting task for even the most powerful cryptographically relevant quantum computer of the future,” explained IBM in a blog post detailing the new algos. IBM created two of the algorithms and had a hand in developing the third, according to the company.
The New Encryption Schemes
In a bit more detail, the new encryption methods are:
- FIPS 203, formerly known as Kyber, is a key encapsulation mechanism (KEM) called ML-KEM. It will be the primary algorithm for general-purpose encryption. It uses a mathematical lattice to encrypt data, based on the Module Learning with Errors problem.
- FIPS 204, formerly known as Dilithium, will be the primary algorithm for signing digital signatures. It also uses a mathematical lattice problem.
- FIPS 205, formerly SPHINCS+, is a stateless hash-based digital signature algorithm (SLH-DSA), one that uses multiple hashes to encrypt a message. This one will also be used for digital signatures, serving as a backup in case FIPS 204 gets cracked.
How MEL-KM works (NIST)
Discussion in the Community
While quantum computing remains a concept of the future, the time to guard against its misuse is now, experts noted.
“Every CISO now has a mandate to urgently adopt these new standards alongside other methods for hardening their cybersecurity systems,” wrote Duncan Jones, head of cybersecurity for quantum computing accelerator company Quantinuum, in an e-mail statement.
“We know that data stolen today could be decrypted at any time in the future, and sensitive data such as health records or financial data falling into the wrong hands would be damaging,” Jones wrote.
“We have been warned by the heads of the NSA, the FBI and even the White House that there are active nation-state attacks stealing currently encrypted data and that we need to switch PQC algorithms,” agreed Karl Holmqvist, founder and CEO of security solutions provider Lastwall, in a statement.
“Time is not on our side to change to quantum-resistant ciphers. We need to address this now – it’s time to get to work and eliminate outdated cryptography.”
The post NIST Secures Encryption for a Time After Classical Computing appeared first on The New Stack.
Though quantum computing is still in its infancy, NIST urges IT ops teams to move to quantum-resistant encryption algorithms, providing three to get started.