NIST’s quantum standards: The time for upgrades is now
Quantum computing is farther along than most realize, and it’s time to safeguard against cybersecurity threats posed by those who will use quantum technologies.
This past August, the National Institute of Standards and Technology released its first set of Post-Quantum Cryptography (PQC) standards. The release marks the culmination of years of research, development, testing and collaboration. It also underscores the need for federal agencies to immediately start planning upgrades of their IT infrastructure to crypto-agile firmware or software that implements the new PQC standards.
On the vendor or supplier side of the equation, the NIST announcement means that technology providers, standards organizations and industry groups must earnestly resolve whatever issues may have been holding back large-scale releases and deployment of interoperable PQC implementations.
It’s time for agencies and industry alike to make a serious effort to transition to the new world of post-quantum cryptography.
A focus on general encryption and digital signatures
NIST’s newly announced standards address two important encryption functions:
- General encryption, which protects information exchanged across a public network; and
- Digital signatures, which are used for identity authentication.
The four NIST algorithms — CRYSTALS-Kyber, CRYSTALS-Dilithium, Sphincs+ and FALCON — saw draft versions released in 2023, after having been introduced in 2022. (The fourth draft standard based on FALCON is planned for release later this year.)
The NIST announcement should not affect any cryptographic transition plans already in place with agencies and vendors, except to encourage them to start working even more diligently. NIST has made no real changes to the standards from their draft versions, except for their names:
- Federal Information Processing Standard (FIPS) 203: This standard is based on the CRYSTALS-Kyber algorithm, which has been renamed Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM). It is meant to be the main general encryption standard. ML-KEM has the benefit of speedier operation, as well as smaller encryption keys that can be exchanged relatively easily between two parties.
- FIPS 204: This standard is based on the CRYSTALS-Dilithium algorithm, renamed Module-Lattice-Based Digital Signature Algorithm (ML-DSA). It is intended to be the primary standard for protecting digital signatures.
- FIPS 205: This standard, also intended for digital signatures, makes use of the Sphincs+ algorithm — renamed Stateless Hash-Based Digital Signature Algorithm (SLH-DSA). Based on a different mathematical approach than ML-DSA, the standard is meant to be used as a backup method in the event that any vulnerabilities are exposed in ML-DSA.
The name changes don’t end there. When the draft FIPS 206 standard (which is built around the FALCON algorithm) is released, the algorithm itself will be renamed “FFT (fast-Fourier transform) over NTRU-Lattice-Based Digital Signature Algorithm” or FN-DSA.
Evaluation and implementation
NIST’s National Cybersecurity Center of Excellence (NCCoE) has been working with industry collaborators and other federal agencies to raise awareness of the challenges associated with the migration to PQC. The project has so far produced draft guidance on crypto discovery and on interoperability and performance testing.
In practical terms, all eyes are now on the vendor and supplier community. Vendors that have not already done so must move to implementing crypto-agility across their product lines. Concerted effort must be applied to implementing the NIST PQC algorithms and corresponding protocols in their products.
This is particularly true for providers of Hardware Security Modules (HSMs). Vendors with some measure of PQC capability already built into their products must begin, where possible, to provide HSM customers with in-field firmware upgrades for the NIST PQC algorithms in a FIPS 140-certified cryptographic module. This will facilitate agencies’ initial testing and enable a relatively quick and easy transition to quantum-safe network encryption solutions.
Late in 2023, we said the race was on to “quantum-proof” encryption in the federal sector. Government has not been shy in providing reminders, guidance and compliance milestones to agencies — from the May 2022 White House National Security Memo on Quantum to the Office of Management and Budget’s OMB M-23-02 roadmap for agency post-quantum cryptography migration. As those policies emphasize, the first step on the road to PQC migration is crypto discovery. Agencies can now use automated crypto inventory tools to identify where and how cryptography is being used in their organizations.
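As an illustration of what the crypto-discovery step produces, here is an added example (not code from the article, NIST, or any vendor’s inventory tool) that classifies constructed inventory records by whether each key exchange and signature algorithm is quantum-vulnerable, hybrid, or already one of the NIST PQC families; the record fields and the algorithm label formats are assumptions.

```python
# Added example (not the article's, NIST's or any vendor's tool): a minimal
# crypto-inventory classifier for the crypto-discovery step of a PQC migration.
# The record fields and the algorithm label formats below are assumptions.

# Public-key primitives whose security rests on factoring or discrete logs; a
# cryptographically relevant quantum computer breaks these, so they must migrate.
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDHE", "ECDSA", "X25519", "ED25519"}
# Algorithm families standardized in FIPS 203/204/205 and the planned FIPS 206.
PQC_READY = {"ML-KEM", "ML-DSA", "SLH-DSA", "FN-DSA"}


def family(label: str) -> str:
    """Map a parameter-set label (e.g. 'ML-KEM-768', 'RSA-2048') to its family."""
    up = label.strip().upper()
    for pqc in PQC_READY:
        if up.startswith(pqc):
            return pqc
    return up.split("-")[0]


def classify(algorithm: str) -> str:
    """Return 'pqc', 'hybrid', 'vulnerable' or 'unknown' for one algorithm label.

    A hybrid label such as 'X25519+ML-KEM-768' joins a classical and a PQC
    component; it counts as migrated because the PQC half carries the security.
    """
    fams = {family(part) for part in algorithm.split("+")}
    has_pqc, has_vuln = bool(fams & PQC_READY), bool(fams & QUANTUM_VULNERABLE)
    if has_pqc and has_vuln:
        return "hybrid"
    if has_pqc:
        return "pqc"
    return "vulnerable" if has_vuln else "unknown"


def migration_findings(records):
    """List (asset, role, algorithm) for each key exchange or signature still quantum-vulnerable."""
    return [
        (r["asset"], role, r[role])
        for r in records
        for role in ("key_exchange", "signature")
        if classify(r[role]) == "vulnerable"
    ]


# Constructed sample inventory, not real scan output.
SAMPLE_INVENTORY = [
    {"asset": "vpn-gw-01", "key_exchange": "ECDHE-P256", "signature": "RSA-2048"},
    {"asset": "hsm-01", "key_exchange": "X25519+ML-KEM-768", "signature": "ML-DSA-65"},
    {"asset": "api-01", "key_exchange": "ML-KEM-1024", "signature": "SLH-DSA-SHA2-128s"},
]
```

Running `migration_findings(SAMPLE_INVENTORY)` flags only the VPN gateway, whose ECDHE key exchange and RSA signature both need an upgrade, while the hybrid HSM entry and the fully PQC API entry pass.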
With NIST’s published standards, there are no more obstacles to putting plans for this migration in motion. Quantum computing is farther along than we may realize, and the time is now to start safeguarding against the cybersecurity threat posed by bad actors who will certainly use quantum technology to their advantage.
Gina Scinta is deputy chief technology officer of Thales Trusted Cyber Technologies.
© 2024 Federal News Network. All rights reserved.