(TechnologyReview) NIST launched a competition in 2016 to develop new standards for cryptography that will be more quantum-proof. The race is long, with the winners set to be announced in 2022, but last week the organization announced that it had narrowed the initial field of 69 contenders down to just 15. MIT’s Technology Review gives an up-close look at the 15 finalists and the reasons this group moves forward to the next round.
And so far a single approach to “post-quantum cryptography” accounts for the majority of the finalists: lattice-based cryptography.
Public-key encryption uses traditional math to encode data, unlocking it only for those who have the key—or can figure it out. Lattice-based cryptography instead uses enormous grids with billions of individual points across thousands of dimensions. Breaking the code means getting from one specific point to another—which is essentially impossible unless you know the route.
Even the National Security Agency, the US spy agency that has long sounded alarms over the threat posed by quantum computers, recently expressed confidence in lattice-based approaches.
Post-quantum approaches will only work if they can be used in all the places that high-level cryptography will be needed. For example, the size of the key required to decrypt data is important: imagine what will be possible inside a piece of medical equipment that has little memory and severely limited bandwidth. If the math is so complex that opening the lock requires a massive key, the solution may not pass the usability test.
Five of the shortlisted candidates announced last week use lattice approaches that have no known quantum solution, and NIST’s new status report says they are “the most promising general-purpose algorithms” in the list.