NIST Announced Quantum-Safe Cryptographic Standards

Wed, 06 Jul 2022 22:10:05 -0700 

The U.S. National Institute of Standards and Technology (NIST) has announced 
four algorithms as new NIST standards in quantum-safe cryptography. The four 
winning algorithms are:

CRYSTALS-Kyber public-key encryption ("general encryption")
CRYSTALS-Dilithium digital signatures
FALCON digital signatures
SPHINCS+ digital signatures

"....NIST recommends CRYSTALS-Dilithium as the primary [digital signature] 
algorithm, with FALCON for applications that need smaller signatures than 
Dilithium can provide." SPHINCS+ is "somewhat larger and slower than the other 
two" digital signature algorithms. NIST views SPHINCS+ as a "backup" algorithm 
to Dilithium and FALCON.

IBM researchers developed CRYSTALS-Kyber, CRYSTALS-Dilithium, and FALCON in 
collaboration with industry and academic partners. They are already available 
in some IBM products including the new IBM z16 servers. (Previous generations 
can of course use software implementations, and for many generations of IBM 
zSystems/LinuxONE servers the classic algorithms that are quantum-safe, such as 
AES-256, also enjoy deep hardware support.)

The significance of this NIST announcement is that you can (and should) start 
evaluating your systems and software for quantum safety if you haven't started 
already. There's still some more work on the standards front (such as an update 
to TLS) that's expected, but NIST's announcement is big news.

NIST hasn't been able to settle on a "backup" algorithm to CRYSTALS-Kyber yet, 
so NIST is leaving the door open for further refinement and evaluation of four 
candidate "general encryption" algorithms.

For more information....

https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms
https://research.ibm.com/blog/nist-quantum-safe-protocols

— — — — —
Timothy Sipples
Senior Architect
Digital Assets, Industry Solutions, and Cybersecurity
IBM zSystems/LinuxONE, Asia-Pacific
[email protected]


----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www2.marist.edu/htbin/wlvindex?LINUX-390

Reply via email to