(SCMagazine) A years-long project by the federal government to develop new “post-quantum” cryptography standards will be finalized later this year, according to an official at the National Institute for Standards and Technology.
With the prospect of both quantum computing and code breaking not too far over the horizon, officials at NIST have been working since 2016 to plan for what comes next. After taking dozens of proposals for different standards, the agency has spent the past three years narrowing down the list of candidates in a quest to select a small handful of algorithms that will likely be used to underpin future IT hardware and software across industries.
Dustin Moody, a mathematician at NIST who is leading the project, said he now sees “light at the end of the tunnel” for the project and that NIST plans to announce which algorithms will be standardized by the end of 2021.
“We will name the [finalists] roughly about the end of this year, and then we’ll write up some draft standards, we’ll put those out for public comment, and it will probably take us a year or two to get that all done,” said Moody. “We expect final standards to be ready about 2024 [so] that people can begin using and adopting these algorithms.”
The agency has settled on seven finalist algorithms, all of which they believe will be ready for standardization after this latest round of evaluations, along with another eight as backups. Many of the proposals intentionally draw from different cryptography standards or approaches — part of the agency’s plan to have viable encryption alternatives if one of the choices doesn’t work as intended or an unforeseen development in quantum cryptography leaves one or two algorithms vulnerable in the future.