US authority: NIST adopts standards for post-quantum encryption

After years of selection, three encryption standards have now been established that are designed to withstand attacks by quantum computers.

This article was originally published in German and has been automatically translated.

The US standardization authority NIST (National Institute of Standards and Technology) has published a first collection of encryption tools that are designed to withstand attacks by quantum computers and are therefore future-proof.

In a selection process that took more than two years, three US federal standards for information processing (FIPS, Federal Information Processing Standard) were created. These include procedures for key exchange and encryption:

  • FIPS-203 is based on the Kyber algorithm with key lengths of 512, 768 and 1024 bits. The algorithms have been renamed ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism); the standard is intended to serve as the primary encryption standard.
  • FIPS-204 is likewise based on an algorithm named after a mythical crystal and contains the quantum-secure algorithms for digital signatures now known as ML-DSA (Module-Lattice-Based Digital Signature Algorithm).
  • Finally, FIPS-205 is based on the Sphincs+ algorithm, now renamed SLH-DSA (Stateless Hash-Based Digital Signature Algorithm). This standard serves as a backup in case the algorithms in FIPS-204 turn out to be vulnerable.

Both FIPS-203 and FIPS-204 contain algorithms from the CRYSTALS (Cryptographic Suite for Algebraic Lattices) initiative, a research consortium of various universities and hardware and software manufacturers. The original names of the algorithms are taken from the most famous science fiction universes. In the Star Wars series, kyber crystals are needed to build lightsabers, and without dilithium crystals, neither the legendary Scotty nor his successors on the starship Enterprise could start up the warp drive.

Quantum-safe encryption is an important topic for security experts and authorities. The BSI, together with European partners, has called for the alternative method of quantum key distribution (QKD) to be abandoned and for the first implementations of post-quantum cryptography to be rushed through instead. Meanwhile, Dan J. Bernstein, renowned cryptologist and open-source veteran, criticized stupid calculation errors in the selection of Kyber-512, which has now become part of the new standards as ML-KEM-512 in FIPS 203.

(cku)