Post Quantum Cryptography Is on the Way: U.S. NIST Announces First Draft Standards

What do the first draft PQC standards announced by NIST mean for the future of tech?

September 5, 2023

Post-quantum Cryptography: NIST Unveils First Draft Standards

Post-quantum cryptography (PQC) has passed another milestone. The U.S. National Institute of Standards and Technology (NIST) announced on August 24, 2023, the first draft standards for PQC. Michela Menting of ABI Research explains the standards announced and how they’ll affect our evolving tech space.

NIST selected three of the four candidate algorithms it announced back in July 2023 and developed draft standards that it has published with a request for comments. The standards are:

  1. FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard, based on CRYSTALS-Dilithium
  2. FIPS 204, Module-Lattice-Based Digital Signature Standard, based on CRYSTALS-KYBER
  3. FIPS 205, Stateless Hash-Based Digital Signature Standard, based on SPHINCS+

The deadline for comments is November 22, 2023. NIST is still in the process of developing a Federal Information Processing Standard (FIPS) based on the fourth candidate algorithm, FALCON, which is a digital signature algorithm.

The announcement is an important one on the road to integrating quantum safety into modern information and communication infrastructure. Since the NIST standardization process began in 2017, quantum computing has advanced significantly, which has prompted governments to dictate policy on the matter and the industry sector to start organizing on the risk assessment front.

Are We Quantum-ready?

From a commercial implementation perspective, the world is far from quantum-ready. While attack-capable quantum computers are expected by 2030 (at the earliest), the transition to post-quantum is likely to take at least a decade. For this reason, standardization efforts (and, in particular, those by NIST) are key in driving industry adoption. But NIST is only the first step in that transitional effort. The role of other Standards Development Organizations (SDOs), such as the Internet Engineering Task Force (IETF), ETSI (European Telecommunications Standards Institute), and the ITU (International Telecommunication Union), is equally important in defining protocols and recommended implementations for various applications.

In parallel, development efforts within specific industry fora and consortia will follow, alongside open-source movements. These will largely leverage SDO standards and recommendations to optimize their own specifications and reference architectures. The progress of work in these will be a sign of technology maturity and present “plug-and-play” types of technologies, which will make for easier industry integration and adoption.

The standard development process is an intractable and foundational process for the successful development of a PQC market and for eventual adoption and integration into information and communication technology (ICT). Some industries have been more proactive in engaging with and strategizing around PQC developments, particularly those stakeholders in industries where products have long life spans (10+ years). Automotive original equipment manufacturers (OEMs) are a good example; modern cars are increasingly software-defined and connected, and current product development must look to integrating quantum safeguards today. This has a knock-on effect on the supply chain, notably on semiconductor suppliers, which need to ensure that the chipsets they are providing today can include some form of PQC readiness.

In a similar scenario are highly regulated and highly sensitive markets, such as financial services, defense, and telecommunications. Currently, the risks facing industries may seem minimal, as attack-capable quantum computers are not yet commercially available. However, there are threat actors that are actively stealing encrypted data, with a view to decrypting it later once such computers are available. The risks are, in fact, immediate. The level of preparedness in these industries varies significantly, and is also affected by whether there is any government policy in their geographic region.

There are varying reasons for this fragmentation in approach. In large part, the issues center around the complexity of PQC-based key exchange and the difficulty in making the schemes practicable for a broad range of applications. It’s not a one-size-fits-all solution. Therefore, efforts in industry consortia are key.


The Need for a Unified Approach to Standards

Further adding to the complexity is the fact that there will be several different standards based on different algorithms. This is a big change in the cryptographic world, which had only to deal with one new cryptographic algorithm in the last decade (elliptic curve cryptography (ECC)). Fewer standards would be better for migration, but there is a need for different algorithms based on application and final usage.

There is also the challenge around public awareness, which, in general, has not been so high-profile outside of the security industry. Because quantum computing is still mostly theory, PQC is not a priority topic for many. Its importance has not been conveyed successfully enough to generate a high level of interest outside a very niche audience despite the apparent risks.

Finally, the rationale for many is to wait until finalized standards and commercial off-the-shelf solutions are available. There is anxiety about the cost of implementing PQC too early; what if one of the standards is broken in the next year? What if attack-capable quantum computers don’t emerge for another 20 years? Is that spending justifiable? And there are other pressing priorities, such as ransomware and supply chain attacks, where security budgets could be better spent.

The Time to Think About PQC Is Now

At worst, there are those who will simply wait for attack-capable quantum computers to be commercially viable before thinking about PQC at all. This would be a mistake.

Nonetheless, progress by NIST and the IETF shows that PQC is not some theoretical concept that can be easily ignored. The various efforts have engaged some of the world’s largest and most influential technology and security companies for years now (see the figure below). 

[Figure not reproduced. Source: ABI Research]

The integration of PQC will absolutely permeate their product lines and solutions, democratizing PQC understanding and awareness in the process. Although the effort is still incipient (even after five years), a long and involved process remains, from standards development to ubiquitous integration.


Michela Menting

Sr. Research Director, ABI Research

Michela Menting, Sr. Research Director at ABI Research, delivers analyses and forecasts focusing on digital security. Through this service, she studies the latest solutions in cybersecurity technologies, blockchain, IoT and critical infrastructure protection, risk management and strategies, and opportunities for growth. She then delivers end-to-end security research, from the silicon to cyber-based applications, closely analyzing technology trends and industry-specific implementations.