Cybersecurity is set for a comprehensive overhaul. The US government has finalized a set of standards to make Internet communications secure from attacks by future quantum computers, which could render most current digital protections useless.
The guidelines include one algorithm to enable secure communications through encryption, and two algorithms for ‘digital signatures’, which prevent hackers from impersonating a known user or device. They are expected to be adopted on a global scale. The US National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland, selected the three algorithms through a process that began in 2016 and enlisted the help of cryptography specialists worldwide. NIST had announced a preliminary selection of four algorithms in 2022, and has now finalized the standards for three of them.
“It’s great to see that they’re finally out,” says Peter Schwabe, a cryptographic engineer at the Max Planck Institute for Security and Privacy in Bochum, Germany, who helped design three of the four systems.
“These finalized standards include instructions for incorporating them into products and encryption systems,” says Dustin Moody, a mathematician at NIST who has led the standardization effort. “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time.”
Keeping data secure
Digital communications and transactions such as online shopping almost universally rely on a small set of algorithms for ‘public-key’ cryptography. These systems allow two parties to exchange information securely. Each party has its own public key, a sequence of numbers that they give to anyone who wants to send them a message. The receiver then can decrypt the message with a private key that only they know.
But current public-key systems are known to be vulnerable to decryption using a quantum algorithm devised by Peter Shor, a mathematician now at the Massachusetts Institute of Technology in Cambridge. In 1994 — at a time when even the most rudimentary quantum computers did not exist and when Internet communications were barely starting to go mainstream — Shor showed that such machines would quickly be able to crack the most popular public-key systems. This could also put devices such as credit cards and security passes at risk of being hacked.
The race to save the Internet from quantum hackers
Thirty years later, efforts to build quantum computers have made great progress, but the machines are still said to be at least a decade way from being able to run Shor’s algorithm on anything but numbers with a handful of digits. Still, Shor and others have warned against complacency.
The new encryption algorithm selected by NIST is called CRYSTALS-Kyber. Schwabe and his collaborators developed it starting from a technique first proposed by computer scientist Oded Regev at New York University in 2005. Schwabe says that in the applications most users are familiar with — internet browsing and smartphone apps — the deployment should proceed relatively smoothly. “Browsers will quickly migrate, as well as messaging apps and video conferencing systems,” he says. It could take longer for the developers of small Internet- or WiFi-connected devices to catch up, he adds.
Although CRYSTALS-Kyber should be resistant to quantum-computer attacks, none of the existing public-key algorithms — including the three selected by NIST — have been mathematically proven to be completely safe, and researchers will continue to work on alternatives, just in case. NIST itself is evaluating “two other sets of algorithms that could one day serve as backup standards”, the institute said in a statement.
Although the NIST announcement has now made it official, ‘post-quantum’ algorithms have been available for years. Some companies, such as Cloudflare and IBM, have already begun to include them in their systems, while others have been slower to adapt. “Many organizations have not started work on the post-quantum migration at all, citing the lack of standards — a situation that has been called crypto procrastination,” wrote Bas Westerbaan, a mathematician at the Internet-services company Cloudflare, in a blog post last year. Security specialists hope that the NIST announcement will now prod most other organizations to begin what is likely to be a long and complicated transition.