Perhaps you recall that a couple of months ago we shared a blog post entitled, The Quantum Computing Conundrum and NIST Cybersecurity Framework Training. In that post we discussed the work that NIST has been carrying out since 2015 to approve new Post-Quantum Cryptography standards to deal with the threat of quantum computing to existing encryption algorithms.
At the end of that post, we asked you to watch this space for future updates. So…welcome to the future! You made it here and you didn’t even need a highly modified DeLorean or a TARDIS. Well done.
A little background. The new standards are designed to specify encryption algorithms that are “quantum resistant.” Quantum resistant is simply another term for post-quantum cryptography. Both terms mean cryptographic systems that remain secure against efforts to defeat the protocols, no matter whether the attacking system is a classical computer or a quantum computer.
Ok, that went a little high-level geek. Let’s bring this back to more plain English. Cryptography uses mathematics to make problems that are hard to solve without the right key. With the key the problems are trivial. The threat is that many of the math problems that are hard for classical computers are dead simple for quantum computers.
Story time! In my university days I took a calculus course. The professor was a genuinely nice guy, but I absolutely did not get how calculus worked or how to solve calculus problems using the way he explained it. I was completely baffled because well, his methods were terribly complex. When I finally saw the answer I could work my way backwards, but without the answer I was lost. Then the next semester I took another calculus class with a different professor. He walked the students through a simple explanation that made clear the basics of calculus. Using his methods, I finally got it! It took me a bit of time, but I could now solve calculus problems.
With the first professor I could not easily solve the problems, unless given the answer. That’s basically the same as using a classical computer to hack a classical cryptographic algorithm…by stealing the key. It’s not really hacking at all. But the second professor? He turned me into a quantum computer. What had been nearly impossible without the answer (the key) to the calculus problems, now became relatively easy thanks to my newly gained skills.
Do you see the problem we have when quantum computers become mainstream? Our “terribly complex” algorithms that are nearly unsolvable without the key suddenly become as simple as 1+1=2. To counter this upcoming threat, over the last seven years NIST “has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”
What then has been the result of all this work by NIST and the top minds in cryptography? The release of the first four quantum-resistant cryptographic algorithms. This is a HUGE announcement for cybersecurity professionals! What has been a potential point of danger and concern for maintaining the confidentiality and integrity of sensitive data in the near future now has a highly capable set of defenses.
Let’s spend some time talking about the algorithms, then we will discuss next steps. To begin, note that these are the first four of what will likely be a total of eight algorithms recommended by NIST for post-quantum (or quantum resistant) cybersecurity. The four that NIST has just recently announced fall into two categories based on their security purpose. Those categories are 1) general encryption and 2) digital signatures. The four remaining algorithms will be released in about two years.
General encryption means securing data as it moves across a network. For example, when you visit the website of your bank, doctor, or other place where you want to make sure the data cannot be read by cybercriminals. Of course, this is a major factor for organizations as well because they need to secure intellectual property, and data related to employees, clients, customers, and the general public.
Digital signatures are used to authenticate users and devices, as well as validate that files contain what they are supposed to contain and have not been altered to include malware or incorrect data. In terms of cybersecurity, general encryption secures confidentiality and digital signatures secure integrity. We talk about how both general encryption and digital signatures work in our Security+ and CySA+ courses.
For general encryption NIST has selected the CRYSTALS-Kyber algorithm. The keys are small and easily exchanged between parties in a transaction, and CRYSTALS-Kyber is relatively fast.
For digital signatures NIST has selected three algorithms. The first is CRYSTALS-Dilithium. CRYSTALS is a phrase that stands for Cryptographic Suite for Algebraic Lattices, algebraic lattices being the type of mathematics used in constructing both the Kyber and Dilithium cryptographic suites. And yes, for the sci-fi fans out there, Kyber is a Star Wars reference (the kyber crystal is what allows a lightsaber to function) and Dilithium is a Star Trek reference (dilithium crystals are a critical component of the warp drive in starships in the Star Trek universe). The second and third quantum-resistant digital signature algorithms being recommended are FALCON and SPHINCS+ (read as “Sphincs plus”) respectively. Although both CRYSTALS-Dilithium and FALCON are highly efficient, NIST is promoting CRYSTALS-Dilithium as the primary algorithm, reserving FALCON for situations where smaller signatures are desired. SPHINCS+ is larger and slower than the other digital signature algorithms, but it has one advantage: it uses a completely different type of mathematics. This makes it a good backup in case there are issues with either CRYSTALS-Dilithium or FALCON.
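To make the integrity role of a digital signature concrete, here is an added example (not NIST's code, and not SPHINCS+ itself): a Lamport one-time signature, the simplest member of the hash-based family that SPHINCS+ belongs to. It uses only SHA-256 from the Python standard library. The key pair, the message, and the tampered message are all constructed in the example; a key must never sign more than one message.

```python
"""Lamport one-time signature: a hash-based signature built only from SHA-256.

Added illustration of how a signature protects integrity. This is a toy
member of the hash-based family (the family SPHINCS+ belongs to); it is not
SPHINCS+ and a key pair may sign exactly one message.
"""
import hashlib
import secrets

HASH = hashlib.sha256
DIGEST_BITS = 256          # SHA-256 produces 256 bits, so 256 preimage pairs


def keygen(rng=secrets.token_bytes):
    """Private key: 256 pairs of random 32-byte values.
    Public key: the SHA-256 hash of every one of those values."""
    sk = [(rng(32), rng(32)) for _ in range(DIGEST_BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _message_bits(message: bytes):
    """Yield the 256 bits of SHA-256(message), most significant bit first."""
    for byte in HASH(message).digest():
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def sign(sk, message: bytes):
    """Reveal one preimage per digest bit: pair[0] for a 0 bit, pair[1] for a 1."""
    return [pair[bit] for pair, bit in zip(sk, _message_bits(message))]


def verify(pk, message: bytes, signature) -> bool:
    """Hash each revealed preimage and compare with the published hash for that bit.
    Any change to the message changes its digest bits, so the revealed values
    no longer line up with the public key and verification fails."""
    if len(signature) != DIGEST_BITS:
        return False
    return all(HASH(s).digest() == pair[bit]
               for pair, bit, s in zip(pk, _message_bits(message), signature))


if __name__ == "__main__":
    private_key, public_key = keygen()
    original = b"installer.exe v1.2 sha256=constructed-sample"   # constructed
    sig = sign(private_key, original)
    print("valid signature verifies:", verify(public_key, original, sig))
    tampered = original.replace(b"v1.2", b"v1.3")
    print("altered file verifies:   ", verify(public_key, tampered, sig))
```

A practitioner should note the size trade-off the post mentions: this signature is 256 values of 32 bytes (8 KiB), far larger than a classical signature, which is exactly why SPHINCS+ is described as the bigger, slower backup.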
Finally, let’s talk about next steps. NIST is not recommending immediate implementation of any of the four newly announced algorithms. The reason is that they could have minor changes before the overall standard is released in its final form. But for now, the suggestions for organizations are 1) to get a complete inventory of all uses of public-key cryptography, to prepare for the changeover to quantum-resistant algorithms at the appropriate time (you can check out our NIST Cybersecurity Training courses for more info about the design and importance of inventory in your security program), and 2) to make sure that IT departments, security personnel, and third-party vendors are aware of and preparing for the upcoming shift to a quantum-resistant future. Want to work on doing what you can to get your security where it needs to be before that happens? Join us for one of our upcoming NIST Cybersecurity Framework Bootcamp training courses or check out our NIST Cybersecurity Framework Assessment Program.
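The first suggested step, inventorying every use of public-key cryptography, is the kind of thing you can start scripting today. Below is an added example (not a NIST tool) that inventories one common source of public keys: OpenSSH-format public key lines such as those in authorized_keys or known_hosts files. It decodes the OpenSSH key blob (length-prefixed fields, as in RFC 4253), records the algorithm family and key size, and tags every RSA, ECDSA and Ed25519 key as needing a quantum-resistant replacement. The sample lines are constructed inside the script and are not real keys; only the Python standard library is used.

```python
"""Inventory public-key algorithms in OpenSSH-format public key lines.

Added example for the "inventory all uses of public-key cryptography" step.
Not a NIST tool. Decodes the OpenSSH key blob (uint32-length-prefixed
fields) and records family, key size and a migration status.  RSA, ECDSA and
Ed25519 are all classical public-key algorithms, so each is tagged "migrate".
"""
import base64
import struct
from collections import Counter

_CURVE_BITS = {"nistp256": 256, "nistp384": 384, "nistp521": 521}


def _read_string(blob: bytes, offset: int):
    """Read one uint32-length-prefixed field from an OpenSSH key blob."""
    (length,) = struct.unpack_from(">I", blob, offset)
    offset += 4
    if offset + length > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset:offset + length], offset + length


def inventory_line(line: str, source: str = "<input>") -> dict:
    """Classify one public-key line: algorithm family, size, migration status."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not a public key line")
    keytype, b64, comment = parts[0], parts[1], " ".join(parts[2:])
    blob = base64.b64decode(b64)
    wire_type, off = _read_string(blob, 0)
    if wire_type.decode() != keytype:
        raise ValueError("key type field does not match blob")

    record = {"source": source, "keytype": keytype, "comment": comment,
              "bits": None, "family": "unknown", "status": "review"}
    if keytype == "ssh-rsa":
        _e, off = _read_string(blob, off)          # public exponent, not needed
        n, _ = _read_string(blob, off)             # modulus as an mpint
        record.update(family="RSA", status="migrate",
                      bits=int.from_bytes(n, "big").bit_length())
    elif keytype.startswith("ecdsa-sha2-"):
        curve, _ = _read_string(blob, off)
        record.update(family="ECDSA", status="migrate",
                      bits=_CURVE_BITS.get(curve.decode()))
    elif keytype == "ssh-ed25519":
        record.update(family="Ed25519", bits=256, status="migrate")
    return record


def inventory(lines, source="<input>"):
    """Inventory every non-empty, non-comment line; unparsable lines are kept
    as 'review' items so nothing silently drops out of the inventory."""
    records = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            records.append(inventory_line(line, source))
        except (ValueError, struct.error):
            records.append({"source": source, "keytype": line.split()[0],
                            "comment": "", "bits": None,
                            "family": "unparsable", "status": "review"})
    return records


def summary(records):
    """Count keys per (family, bits) so the migration scope is visible at a glance."""
    return Counter((r["family"], r["bits"]) for r in records)


# --- Constructed sample input (not real keys) ---------------------------
def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

def _mpint(n: int) -> bytes:
    # RFC 4251 mpint: big-endian, leading zero byte when the top bit is set
    return _ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big"))

def _key_line(keytype: str, fields, comment: str) -> str:
    blob = _ssh_string(keytype.encode()) + b"".join(fields)
    return f"{keytype} {base64.b64encode(blob).decode()} {comment}"

SAMPLE_LINES = [
    "# constructed authorized_keys sample",
    _key_line("ssh-rsa", [_mpint(65537), _mpint((1 << 2047) | 1)], "rsa-2048"),
    _key_line("ssh-rsa", [_mpint(65537), _mpint((1 << 1023) | 1)], "old-rsa-1024"),
    _key_line("ecdsa-sha2-nistp256",
              [_ssh_string(b"nistp256"), _ssh_string(b"\x04" + bytes(64))], "ecdsa-p256"),
    _key_line("ssh-ed25519", [_ssh_string(bytes(32))], "ed25519"),
    "ssh-rsa not-base64!!! broken-line",
]

if __name__ == "__main__":
    recs = inventory(SAMPLE_LINES, "authorized_keys")
    for r in recs:
        print(f'{r["family"]:<10} {str(r["bits"]):>5} {r["status"]:<8} {r["comment"]}')
    print(summary(recs))
```

Run it against a real file with `inventory(open(path).readlines(), path)`; the same record shape can be fed from other sources (TLS certificates, code-signing keys, VPN configurations) so the inventory covers every public-key use, not just SSH.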
–Troy Stoneking, Certified NIST Cybersecurity Framework Professional Trainer and Cybersecurity Assessor