NIST Approves Post-Quantum Encryption Standards

The US National Institute for Standards and Technology (NIST) has officially approved a new set of encryption algorithms for post-quantum cryptography (PQC) standards. These PQC algorithms were selected by NIST from a competition over the last eight years and are now being used in new standards that will replace current encryption methods.

In the US, the NSA has already mandated that national security systems adopt PQC by 2030. Similarly, the UK’s National Cyber Security Council strongly recommends implementing these standards, making it a commercial imperative for organizations to adopt them.

Dr. Ali El Kaafarani, CEO and founder of UK cryptography developer PQShield, stated, “By ratifying and publishing its post-quantum cryptography standards, NIST is triggering the biggest and most significant cybersecurity transition in history.” Lily Chen, NIST Fellow, added, “This summer will be very exciting as we are ready to publish three cryptographic standards that can be used for cybersecurity in quantum times.”

Joost Renes, security architect at NXP Semiconductor, emphasized the importance of post-quantum encryption technology in various domains, including automotive, industrial, and smart cards. He highlighted the need for long-term safety guarantees and the importance of key encapsulation for securing session keys and data shared with other parties.

PQShield, a key contributor to the new NIST standards, has advised governmental bodies and companies on the migration to PQC. Its quantum-secure technologies are already being utilized by companies across the global technology supply chain to enhance security.

With the threat of ‘harvest-now-decrypt-later’ attacks looming, organizations are urged to start planning for post-quantum cryptography to ensure the protection of critical national infrastructure and secure technology supply chains for the future.

The standards published include key encapsulation and digital signatures, which are crucial for different use cases. Companies like NXP Semiconductor are actively contributing to the development of these standards and preparing for their adoption in various protocols and technologies.

Duncan Jones, head of cybersecurity at quantum computer maker Quantinuum, stressed the urgency for CISOs to adopt the new standards to safeguard data against potential decryption by future quantum computers. The transition to quantum security is essential for protecting sensitive data and ensuring cybersecurity resilience.

As advancements in quantum technology continue to progress, the standardization of NIST’s PQC algorithms marks a critical milestone in the journey towards achieving fault-tolerant quantum computers. Organizations must now focus on implementing a comprehensive strategy that includes PQC and quantum-derived technologies to enhance cybersecurity defenses.

References: www.csrc.nist.gov; www.nxp.com; www.pqshield.com