Post-quantum cryptography hits standardization milestone

ANALYSIS The first four standardized protocols for post-quantum cryptography have been unveiled, laying the foundations for the development of apps and web technologies that incorporate “future proof” encryption.

An ongoing standardization process led by the US federal government’s National Institute of Standards and Technology (NIST) last week resulted in the announcement of a quartet of preferred protocols.

The selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, expected to be finalized over the next two years. Four additional algorithms are still under consideration for inclusion in the standard.

NIST said in a statement that it recommends two primary algorithms to be implemented for most use cases: CRYSTALS-KYBER (key-establishment) and CRYSTALS-Dilithium (digital signatures).

More than one algorithm for each use case is being sought as backup in the event one or other approach proves vulnerable.

The dilithium crystals can take it

For digital signatures, NIST recommends CRYSTALS-Dilithium as the primary algorithm, with FALCON for applications that need smaller signatures than Dilithium can provide. A third algorithm, SPHINCS, is slower than the other two but still received the go-ahead because it is based on a different mathematical process and therefore offers a chance to add diversity.

NIST’s Dustin Moody explained why a further round of selection was needed.

“Of the four algorithms we selected, one is for encryption and three are for digital signatures,” Moody told The Daily Swig. “Of the four algorithms that we will continue to study in the fourth round, all four are encryption algorithms.

“The primary motivation for this is to find a non-lattice-based signature scheme which is suitable for general purpose use to be a backup for our lattice-based signature algorithms we are standardizing (Dilithium and Falcon),” Moody added.

He continued: “Our current NIST public-key standards cover encryption and signatures. So that is what our standardization process was targeted for – to replace the vulnerable cryptosystems in those standards. Other functionalities may be considered in the future.”

Quantum leap

The long-running search for next-generation cryptographic techniques is necessary because current encryption protocols, such as RSA, base their security on the difficulty of mathematical problems that are beyond the reach of even the most powerful conventional computers.

Sufficiently powerful quantum computers – which operate according to a completely different paradigm than current PCs or servers – might be able to crack today’s existing public key cryptography algorithms. Simply increasing the key length is insufficient to address this potential threat, hence the need to look to the development of post-quantum cryptography protocols.

Store now, decrypt later

Even though the current generation of quantum computers is largely experimental and beset by engineering challenges, adversaries might well be pre-planning for their future availability with so-called “store-now-decrypt-later” attacks.

If successful, such attacks would leave a growing volume of conventionally encrypted financial, government, commercial, and health-related data exposed to attack from sufficiently capable quantum computers.

Quantum computers rely on the properties of quantum states – such as superposition, interference, or entanglement – rather than the simple binary states (0 or 1) of conventional computers, in processing computational tasks.

When combined with quantum algorithms, the technology might be expected to solve some mathematical problems, such as integer factorization, in a manageably short time – posing a threat to present encryption schemes that ultimately depend on the current intractability of such problems.

Quantum-resistant algorithms rely on math problems that both conventional and quantum computers should have difficulty solving.

Heading on the right track

Industry experts welcomed NIST’s announcement because it offers a degree of certainty about where the industry is heading.

Developers behind the OpenSSH protocol have already taken initial steps to support post-quantum cryptography protocols in key exchange.

NIST’s endorsement of a set of approaches also offers a much clearer roadmap for mainstream adoption of future-proofed encryption techniques.

Duncan Jones, head of cybersecurity at Quantinuum, commented: “Organizations can now accelerate their implementation and testing efforts, safe in the knowledge they aren’t backing the wrong horse.

“CISOs in every industry should be working hard on their post-quantum migration plans, so they are ready to launch into production as soon as standardization is complete in 2024,” Jones added.

Secure webmail provider Tutanota has already developed a working prototype to securely encrypt emails using algorithms selected by NIST, namely CRYSTALS-Kyber and CRYSTALS-Dilithium.

“The algorithms now picked by NIST have proven to be the best choice for quantum resistant encryption in our email prototype,” said Vitor Sakaguti, member of quantum encryption research project PQMail.

Source: https://portswigger.net/daily-swig/post-quantum-cryptography-hits-standardization-milestone
