“NIST has formally accepted three algorithms for post-quantum cryptography,” writes ancient Slashdot reader jd. “Two more backup algorithms are being worked on. The idea is to have backup algorithms using very different maths, just in case a flaw in the original approach is discovered later.” The Register reports: The National Institute of Standards and Technology (NIST) today released the long-awaited post-quantum encryption standards, designed to protect electronic information long into the future — when quantum computers are expected to break existing cryptographic algorithms. One — ML-KEM (PDF) (based on CRYSTALS-Kyber) — is intended for general encryption, which protects data as it moves across public networks. The other two — ML-DSA (PDF) (originally known as CRYSTALS-Dilithium) and SLH-DSA (PDF) (initially submitted as Sphincs+) — secure digital signatures, which are used to authenticate online identity. A fourth algorithm — FN-DSA (PDF) (originally called FALCON) — is slated for finalization later this year and is also designed for digital signatures.
NIST continued to evaluate two other sets of algorithms that could potentially serve as backup standards in the future. One of the sets includes three algorithms designed for general encryption — but the technology is based on a different type of math problem than the ML-KEM general-purpose algorithm in today’s finalized standards. NIST plans to select one or two of these algorithms by the end of 2024. Despite the new ones on the horizon, NIST mathematician Dustin Moody encouraged system administrators to start transitioning to the new standards ASAP, because full integration takes some time. “There is no need to wait for future standards,” Moody advised in a statement. “Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event.”
From the NIST: This notice announces the Secretary of Commerce’s approval of three Federal Information Processing Standards (FIPS):
– FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard
– FIPS 204, Module-Lattice-Based Digital Signature Standard
– FIPS 205, Stateless Hash-Based Digital Signature Standard
These standards specify key establishment and digital signature schemes that are designed to resist future attacks by quantum computers, which threaten the security of current standards. The three algorithms specified in these standards are each derived from different submissions in the NIST Post-Quantum Cryptography Standardization Project.
Read more of this story at Slashdot.