With the advancing development of quantum computers, IT security must also reposition itself. The US federal agency National Institute for Standards and Technology (NIST) is aware of the potential danger posed by quantum computers for secure data encryption and launched a process in 2016 to standardize quantum computer-resistant cryptographic procedures. Research groups from all over the world submitted concepts for the next generation of cryptographic algorithms, so-called post-quantum algorithms; 15 made it to the finals. NIST’s decision was eagerly awaited by authorities and companies worldwide, as experience shows that international standards follow the assessment of the US authority.
New standard in IT security
Six years later, the decision has now been made. Four post-quantum cryptography algorithms will become standard – one of these algorithms, the signature algorithm SPHINCS+, bears the handwriting of TU Graz. Christian Rechberger, cryptography expert at the Institute of Applied Information Processing and Communications, comments: “In the world of IT security, this decision is of enormous relevance. We’re going to find these algorithms in every piece of software, in every chip; from industrial plants to private mobile phones, from data centres to the pressure sensor in car tyres.”
We’re going to find these algorithms in every piece of software, in every chip; from industrial plants to private mobile phones, from data centres to the pressure sensor in car tyres.
It is still uncertain when the first quantum computers will actually start working. But one thing is already clear. Quantum computers can solve mathematical operations on which today’s asymmetric cryptographic methods are based – the security infrastructure up to now will thus become virtually worthless. Suitable standardized replacement procedures for the current generation of encryption and signature methods are therefore needed in advance.
Four post-quantum algorithms
For the general encryption used when accessing secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Its advantages include the comparatively small encryption keys that two parties can easily exchange and its high operating speed.
The three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+ will be used to guarantee the authenticity of data and senders. Digital signatures are used, for example, when identities need to be verified during a digital transaction. SPHINCS+ is slightly larger and slower than the other two algorithms, but valuable as a backup because it is the only one based solely on hash functions and does not require any further assumptions. This makes SPHINCS+ particularly conservative and designed for long-term security (Note: Hash functions are used in digital signatures to calculate “fingerprints” of messages. The fingerprint is sent with the message to the recipient as proof of integrity).
All four algorithms were developed in intensive international collaborations. In addition to TU Graz, other well-known names were involved in the development of SPHINCS+, such as TU Eindhoven, Ruhr University Bochum, Infineon, Technical University of Denmark (DTU) and the University of Illinois Chicago.
While the standard is now in final development, NIST encourages security experts to research the new algorithms, consider details of the applications and inform IT departments and vendors. The algorithms are accessible on the NIST website. More details can be found in the NIST press release.