US unveils next-gen encryption tools to withstand quantum computing attacks


The US Department of Commerce’s National Institute of Standards and Technology (NIST) has revealed the first four encryption tools that are designed to withstand future cyber attacks powered by quantum computing.

The four selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, which is expected to be finalised in two years. They’ll be used to withstand potential future assaults by hackers using quantum computers, which may have the ability to crack the security used to protect privacy in digital systems, including in online banking and email software.

The announcement is part of a six-year effort pushed by NIST when, in 2016, it called on the world’s cryptographers to devise and vet encryption methods that could resist an attack from a future quantum computer that would be more powerful than today's most advanced hardware. NIST said the selection of these encryption tools marks the beginning of the finale of the agency’s post-quantum cryptography standardisation project.

Four additional algorithms are under consideration for inclusion in the standard, and NIST plans to announce the finalists from that round in the near future. It said it’s announcing its choices in two stages because of the need for a robust variety of defence tools. The agency also said there are different systems and tasks that use encryption, and a useful standard would offer solutions designed for different situations, use varied approaches for encryption, and offer more than one algorithm for each use case in the event one proves vulnerable.

“NIST constantly looks to the future to anticipate the needs of US industry and society as a whole, and when they are built, quantum computers powerful enough to break present-day encryption will pose a serious threat to our information systems,” said under secretary of commerce for standards and technology, and NIST director, Laurie E Locascio. “Our post-quantum cryptography programme has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”

Which encryption tools can withstand a quantum computer attack?

The four quantum-resistant algorithms rely on maths problems that both conventional and quantum computers should have difficulty solving, thereby defending privacy both now and down the road, added the agency.

The algorithms are designed for the two main tasks for which encryption is typically used: general encryption, used to protect information exchanged across a public network, and digital signatures, used for identity authentication. All four of the algorithms were created by experts collaborating from multiple countries and institutions.


Introducing IBM Security QRadar XDR

A comprehensive open solution in a crowded and confusing space


For general encryption, used when users access secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Its advantages include comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation.

For digital signatures, often used when users need to verify identities during a digital transaction or to sign a document remotely, NIST has selected the three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+. Reviewers noted the high efficiency of the first two, and NIST recommends CRYSTALS-Dilithium as the primary algorithm, with FALCON for applications that need smaller signatures than Dilithium can provide. The third, SPHINCS+, is larger and slower than the other two, but is valuable as a backup for one key reason: It’s based on a different maths approach than all three of NIST’s other selections.

Three of the selected algorithms are based on a family of maths problems called structured lattices, while SPHINCS+ uses hash functions. The additional four algorithms still under consideration are designed for general encryption and do not use structured lattices or hash functions in their approaches.
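To make the distinction between the lattice-based selections and SPHINCS+ concrete, here is an added example (not NIST's code, nor any of the candidate implementations) of a Lamport one-time signature, the simplest hash-based signature scheme. SPHINCS+ builds on hash-based one-time and few-time signatures combined through hash trees; this toy shows the building block: the private key is a set of random preimages, the public key is their hashes, and signing a message reveals one preimage per bit of the message digest. Its security rests only on the hash function, which is why a hash-based scheme is a useful backup to the lattice-based ones. The message and the `OneTimeSigner` wrapper are constructed for the example.

```python
"""Lamport one-time signature over SHA-256 (added illustrative example).

Shows why SPHINCS+-style schemes need no number-theoretic or lattice
assumption, and why they are comparatively large: a single signature here
is 256 * 32 = 8192 bytes and the public key is twice that.
"""
import hashlib
import secrets

H = hashlib.sha256
N = 256  # we sign the 256-bit SHA-256 digest of the message, one bit at a time


def keygen(rng=secrets.token_bytes):
    # Private key: two random 32-byte values per digest bit.
    sk = [(rng(32), rng(32)) for _ in range(N)]
    # Public key: the hash of every private value, in the same layout.
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk


def _bits(message: bytes):
    """Yield the 256 bits of H(message), most significant bit first."""
    for byte in H(message).digest():
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def sign(sk, message: bytes) -> list:
    # For digest bit i with value b, reveal the preimage sk[i][b].
    return [sk[i][bit] for i, bit in enumerate(_bits(message))]


def verify(pk, message: bytes, signature) -> bool:
    # Every revealed value must hash to the public-key entry selected by
    # the corresponding digest bit; a changed message selects other entries.
    if len(signature) != N:
        return False
    return all(
        H(sig).digest() == pk[i][bit]
        for i, (bit, sig) in enumerate(zip(_bits(message), signature))
    )


class OneTimeSigner:
    """Constructed wrapper enforcing the one-time property: signing a second
    message with the same key would reveal more preimages and let a third
    party forge signatures on messages whose digests mix the revealed bits."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, message: bytes) -> list:
        if self.used:
            raise RuntimeError("Lamport key already used; refusing to sign again")
        self.used = True
        return sign(self.sk, message)


def demo():
    """Return (valid, tampered_valid, reuse_refused, signature_bytes)."""
    signer = OneTimeSigner()
    msg = b"constructed sample message"
    sig = signer.sign(msg)
    valid = verify(signer.pk, msg, sig)
    tampered_valid = verify(signer.pk, msg + b"!", sig)
    try:
        signer.sign(b"second message")
        reuse_refused = False
    except RuntimeError:
        reuse_refused = True
    return valid, tampered_valid, reuse_refused, len(sig) * 32


if __name__ == "__main__":
    print(demo())  # (True, False, True, 8192)
```

The size figures are the point to take away: a Lamport signature is 8 KiB and the public key 16 KiB, against the roughly 64-byte signatures of today's elliptic-curve schemes, and SPHINCS+ spends considerable engineering (hash trees, few-time signatures) reducing that overhead while keeping the hash-only assumption.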

While the standard is in development, NIST has encouraged cyber security experts to explore the new algorithms and consider how their applications will use them, but not to deploy them into their systems yet, as the algorithms could change slightly before the standard is finalised.

To prepare, NIST said that users can inventory their systems for applications that use public-key cryptography, which will need to be replaced before cryptographically relevant quantum computers appear. They can also alert their IT departments and vendors about the upcoming change.
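The inventory step above is the one most organisations can start today. As an added example (my own illustration, not a NIST tool), the script below triages a constructed inventory export of cryptographic uses: it flags entries that depend on public-key algorithms a cryptographically relevant quantum computer could break, maps each use case to the NIST selection named in the article (CRYSTALS-Kyber for key exchange; CRYSTALS-Dilithium, FALCON or SPHINCS+ for signatures), and leaves symmetric primitives and unrecognised algorithms for manual review. The CSV columns, system names and the `REPLACEMENT` mapping are assumptions for the example.

```python
"""Crypto-agility inventory triage (added illustrative example).

Input: a CSV export with columns system,usage,algorithm (constructed format).
Output: one Finding per row with a risk class and a migration recommendation.
"""
import csv
import io
from dataclasses import dataclass

# Public-key families whose hardness assumption (factoring or discrete log,
# including elliptic-curve discrete log) is what a quantum computer breaks.
QUANTUM_VULNERABLE = {"RSA", "DSA", "ECDSA", "ECDH", "DH", "ED25519", "X25519"}

# NIST's July 2022 selections, named as in the article.
PQC_SELECTED = {"CRYSTALS-KYBER", "CRYSTALS-DILITHIUM", "FALCON", "SPHINCS+"}

# Symmetric ciphers and hashes: not public-key, so outside this inventory's scope.
SYMMETRIC = {"AES", "CHACHA20", "SHA", "SHA2", "SHA3", "HMAC"}

# Usage -> selection to plan a migration to (assumed usage labels).
REPLACEMENT = {
    "key-exchange": "CRYSTALS-Kyber",
    "signature": "CRYSTALS-Dilithium (FALCON where smaller signatures are "
                 "needed; SPHINCS+ as hash-based backup)",
}


@dataclass(frozen=True)
class Finding:
    system: str
    usage: str
    algorithm: str
    risk: str            # "replace", "pqc", "symmetric" or "review"
    recommendation: str


def family(algorithm: str) -> str:
    """Strip a size suffix: 'RSA-2048' -> 'RSA', 'SHA-256' -> 'SHA'."""
    return algorithm.upper().split("-")[0]


def classify(system: str, usage: str, algorithm: str) -> Finding:
    name = algorithm.upper()
    if name in PQC_SELECTED:
        return Finding(system, usage, algorithm, "pqc",
                       "already a NIST selection; track the final standard for changes")
    fam = family(algorithm)
    if fam in QUANTUM_VULNERABLE:
        rec = REPLACEMENT.get(usage, "public-key use with no mapped selection; review manually")
        return Finding(system, usage, algorithm, "replace", rec)
    if fam in SYMMETRIC:
        return Finding(system, usage, algorithm, "symmetric", "not public-key; outside this inventory")
    return Finding(system, usage, algorithm, "review", "unrecognised algorithm; classify manually")


def parse_inventory(text: str) -> list:
    return list(csv.DictReader(io.StringIO(text.strip())))


def triage(text: str) -> list:
    return [classify(r["system"], r["usage"], r["algorithm"]) for r in parse_inventory(text)]


def summarize(findings) -> dict:
    """Count findings per risk class, e.g. {'replace': 4, 'symmetric': 2, ...}."""
    counts = {}
    for f in findings:
        counts[f.risk] = counts.get(f.risk, 0) + 1
    return counts


# Constructed sample export; system names and algorithms are invented.
SAMPLE_INVENTORY = """\
system,usage,algorithm
web-frontend,key-exchange,ECDH
code-signing,signature,RSA-3072
vpn-gateway,key-exchange,X25519
backup-store,bulk-encryption,AES-256
sso-tokens,signature,ED25519
log-shipper,integrity,SHA-256
pilot-service,signature,CRYSTALS-Dilithium
legacy-hsm,key-wrapping,CAST5
"""

if __name__ == "__main__":
    findings = triage(SAMPLE_INVENTORY)
    # Items needing replacement first, so the report doubles as a work queue.
    for f in sorted(findings, key=lambda f: f.risk != "replace"):
        print(f"{f.risk:9} {f.system:14} {f.usage:16} {f.algorithm:20} -> {f.recommendation}")
    print(summarize(findings))
```

In practice the rows would come from certificate stores, TLS configuration, code-signing pipelines and vendor questionnaires rather than a hand-written CSV; the classification logic stays the same, and the "review" bucket is where unknown or proprietary algorithms surface for the conversations with IT departments and vendors that the article recommends.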

Zach Marzouk

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.