As expected, the National Institute of Standards and Technology named its initial set of post-quantum cryptography standards, with CRYSTALS-KYBER chosen as the only public key encryption standard at this time, and CRYSTALS-Dilithium, FALCON and SPHINCS+ selected as digital signature standards.
Now that the long-awaited reveal has happened, industry reaction is rolling in.
Professor Peter Schwabe, who co-authored several standard candidates and finalists, including CRYSTALS-KYBER and CRYSTALS-Dilithium, and is a PQShield advisory board member, said, “It is great to see the NIST post-quantum cryptography standardization effort come to a first conclusion today after months of anticipation. This has been a major effort for the international research community across both academia and industry, and the team at PQShield has been a big part of this.”
He also stated, “Since the standardization project began in 2016, there’s been a shift in attitudes towards PQC, and it is now understood as a critical part of a secure future. Now, it is going to be exciting to see more and more applications and systems transition to this next generation of asymmetric cryptography.”
Duncan Jones, head of cybersecurity for Quantinuum, said in an email statement, “The announcement from NIST is a major leap towards a quantum-safe economy. Organizations can now accelerate their implementation and testing efforts, safe in the knowledge they aren’t backing the wrong horse. CISOs in every industry should be working hard on their post-quantum migration plans, so they are ready to launch into production as soon as standardization is completed in 2024.”
He added, “Specifically, I am pleased that NIST is strongly recommending two algorithms to help cybersecurity professionals focus their implementation efforts. I was also somewhat surprised SPHINCS+ was selected considering its recognized performance limitations, but it’s understandable given the vulnerabilities discovered with the Rainbow digital signature.”
The Rainbow signature, which was proven to be successfully hacked in recent months, did not make the final list of standards or the list of candidates that are advancing to Round 4 for more analysis. However, NIST has continued to say that there will be a mix of PQC standards, and companies in the sector have tended to agree that the process is far from over.
The choice of CRYSTALS-KYBER was not a surprise to anyone. QuSecure officials said in a statement that because KYBER “was benchmarked to be a front-runner in terms of efficiency prior to NIST’s standardization, QuSecure has been employing Kyber in the first U.S. Government Post-Quantum Communications demonstration since June 21.” The company’s QuProtect system “was deployed to establish a post-quantum communications channel and has been protecting U.S. Government airspace data with 100% up-time using the now-standard Kyber cryptosystem.”
Like Quantinuum’s Jones, Edlyn Teske, Senior Crypto Expert at Cryptomathic, highlighted the need for enterprise security officials to get to work on their quantum-safe strategies. “Now it’s time to apply NIST’s recommendation and ready ourselves for change,” Teske said. “In practice, this means that CSOs need to take stock of their organization’s ability to rapidly switch the cryptographic algorithms that underpin your data security, without upending your entire infrastructure – an approach commonly known as being ‘crypto-agile’. Organizations that invest time and money into achieving true crypto-agility as a near-term priority will be ready to deploy NIST-standardized algorithms as they become available and will be much better prepared to protect their assets from post-quantum threats than those who wait.”
Dan O’Shea has covered telecommunications and related topics including semiconductors, sensors, retail systems, digital payments and quantum computing/technology for over 25 years.