Today, the National Institute of Standards and Technology (NIST) released three long-awaited quantum-resistant standards, with more publications expected to augment this initial set.
The three standards that were published remain substantially similar to the drafts that were released in August 2023.
Quick refresher on the NIST Post-Quantum Cryptography Standardization Project
Before we dive into the new algorithm descriptions, let’s first look back at the NIST Post-Quantum Cryptography Standardization Project.
Quantum computers, once powerful enough, will be able to break the public-key cryptography in wide use today (RSA, Diffie-Hellman and elliptic-curve schemes such as ECDH and ECDSA). A quantum computer of that scale is known as a Cryptographically Relevant Quantum Computer, or CRQC.
To prevent these crucial security foundations from unraveling, NIST began a standardization project to develop quantum-safe cryptography. The journey began in 2016, when NIST first solicited algorithms whose security does not rest on the integer factoring and discrete logarithm problems that RSA and elliptic-curve cryptography depend on, and that Shor's algorithm solves efficiently on a quantum computer.
NIST received 82 initial submissions, and after several rounds of public comment and ongoing refinement—and even one false alarm—we now have our first three standards.
Each is explained below.
FIPS 203, FIPS 204 and FIPS 205
Quantum computers threaten today's public-key algorithms for encryption, key exchange and digital signatures, and the new standards are designed to withstand such attacks. Each covers one of those functions: ML-KEM for key establishment, ML-DSA and SLH-DSA for signatures.
ML-KEM: FIPS 203
A Module-Lattice-Based Key-Encapsulation Mechanism Standard
Designed for general encryption use cases, FIPS 203 specifies a key encapsulation mechanism (KEM), which establishes a shared secret key between two parties who communicate over a public channel: one party generates a key pair and publishes the encapsulation key, the other uses it to produce a ciphertext together with a shared secret, and the first party decapsulates the ciphertext with its private key to recover the same secret. That secret then keys a symmetric cipher such as AES for the actual data, the role that RSA key transport and (EC)DH key exchange play in protocols like TLS today.
According to the newly published standard, “The security of ML-KEM is related to the computational difficulty of the Module Learning with Errors problem. At present, ML-KEM is believed to be secure, even against adversaries who possess a quantum computer.”
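As an added example (not code from this page or from NIST), the exchange just described, run with ML-KEM-768 through Go's standard-library crypto/mlkem package (Go 1.24 or later). "Alice" and "Bob" are simulated in one process, and the public channel is nothing more than the byte slices handed from one to the other. The second function shows a property that trips up implementers: ML-KEM uses implicit rejection, so a corrupted ciphertext does not make decapsulation fail, it silently yields a different pseudorandom key, and a protocol built on it must confirm the key explicitly.

```go
package main

import (
	"bytes"
	"crypto/mlkem"
	"fmt"
)

// RunExchange performs one ML-KEM-768 key establishment between "Alice" and "Bob".
// Everything that crosses the simulated public channel is a plain byte slice.
// It reports whether both sides derived the same shared secret and the sizes of
// the public objects, so the on-the-wire cost of each message is visible.
func RunExchange() (agree bool, ekLen, ctLen, keyLen int, err error) {
	// Alice: generate a decapsulation (secret) key; publish the encapsulation (public) key.
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return false, 0, 0, 0, err
	}
	ekWire := dk.EncapsulationKey().Bytes() // sent to Bob over the public channel

	// Bob: rebuild Alice's encapsulation key from the received bytes and encapsulate.
	// Encapsulate draws fresh randomness internally and returns the shared secret
	// together with the ciphertext that encodes it for Alice.
	ek, err := mlkem.NewEncapsulationKey768(ekWire)
	if err != nil {
		return false, 0, 0, 0, err
	}
	bobKey, ctWire := ek.Encapsulate() // ctWire goes back to Alice

	// Alice: recover the shared secret from the ciphertext with her secret key.
	aliceKey, err := dk.Decapsulate(ctWire)
	if err != nil {
		return false, 0, 0, 0, err
	}
	return bytes.Equal(aliceKey, bobKey), len(ekWire), len(ctWire), len(aliceKey), nil
}

// ImplicitRejection flips one bit of the ciphertext "in transit". Decapsulate
// only errors on a wrong-length ciphertext; for a corrupted one it returns a
// pseudorandom key that Bob does not share, so an attacker learns nothing from
// error responses. The caller must confirm the key (for example with a MAC over
// the handshake transcript) before using it.
func ImplicitRejection() (noError bool, keysDiffer bool, err error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return false, false, err
	}
	bobKey, ct := dk.EncapsulationKey().Encapsulate()

	tampered := append([]byte(nil), ct...)
	tampered[0] ^= 0x01 // corruption on the public channel

	aliceKey, err := dk.Decapsulate(tampered)
	if err != nil {
		return false, false, err
	}
	return true, !bytes.Equal(aliceKey, bobKey), nil
}

func main() {
	agree, ekLen, ctLen, keyLen, err := RunExchange()
	if err != nil {
		panic(err)
	}
	fmt.Printf("shared secret agreed: %v (encapsulation key %d B, ciphertext %d B, key %d B)\n",
		agree, ekLen, ctLen, keyLen)

	noErr, differ, err := ImplicitRejection()
	if err != nil {
		panic(err)
	}
	fmt.Printf("tampered ciphertext: decapsulated without error=%v, keys differ=%v\n", noErr, differ)
}
```

The sizes printed (1184-byte encapsulation key, 1088-byte ciphertext, 32-byte secret) are several times larger than an X25519 exchange, which is why hybrid TLS deployments pay attention to handshake message sizes.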
ML-DSA: FIPS 204
A Module-Lattice-Based Digital Signature Standard
FIPS 204 addresses digital signatures, which are used to detect unauthorized changes to information and to authenticate the identity of the signer. A recipient who verifies a signature gets integrity and origin authentication; and because only the holder of the private key can produce a valid signature, the signer cannot later plausibly deny having signed, the property known as non-repudiation.
The standard specifies the algorithms for key generation, signing and verification, and states that “ML-DSA is believed to be secure, even against adversaries in possession of a large-scale quantum computer.”
SLH-DSA: FIPS 205
A Stateless Hash-Based Digital Signature Standard
FIPS 205 describes a stateless hash-based digital signature algorithm that, like ML-DSA, authenticates the signer of data. Its security rests only on the properties of the underlying hash function rather than on lattice problems, which makes it a conservative alternative at the cost of much larger signatures and slower signing. “Stateless” distinguishes it from earlier hash-based schemes such as LMS and XMSS, where the signer must track which one-time keys have been used and accidentally reusing one is catastrophic.
More PQC standards to come
The standardization process for a fourth standard, FIPS 206 (FN-DSA, derived from FALCON), is expected to commence this month. From there, NIST will continue working to get the new standards adopted by both national and international standards bodies.
Why your post-quantum preparation needs to start sooner, not later
NIST's release of these three standards is a milestone for post-quantum cryptography, and adoption will gather momentum from here.
That means now is the time to prepare for a post-quantum world.
What does that mean, exactly?
My colleague, Kevin Bocek, urges us to focus less on the cryptographic algorithms themselves, and more on what’s being used, where and how.
In other words, he stresses machine identity security, which provides the visibility, automation and centralized oversight that let you take stock of your current cryptographic assets and gauge your level of quantum risk.
By building an inventory of your cryptographic systems (certificates, keys, and the algorithms, key sizes and protocols they use) and automating their lifecycles, you will be well placed to test and migrate to quantum-resistant cryptography such as FIPS 203, 204 and 205.
And we really can't stress enough the urgency of starting sooner rather than later, because these migrations historically take a lot of time, effort and careful coordination to complete. SHA-1 is a useful example: in some cases that migration was still under way a decade after the algorithm had been deprecated.
What's more, “steal now, decrypt later” (also called “harvest now, decrypt later”) attacks are already happening: a threat actor records encrypted traffic or steals encrypted data today, planning to decrypt it once a quantum computer is available. This is why key establishment is the most urgent part of the migration. Traffic protected by RSA or ECDH key exchange now is exposed retroactively, whereas a signature only needs to resist forgery until the signed object is verified for the last time.
How Venafi can help you prepare for a post-quantum world
At Venafi, machine identity automation is our bread and butter, but we don’t stop there. We also provide robust readiness solutions that can help you prepare for large-scale cryptographic events like migrating to post-quantum cryptography.
And we can help you do it before quantum computers arrive on the scene, so you and your team can avoid security scrambles. How?
Through the Venafi Control Plane—the industry’s preferred platform for standardizing and orchestrating machine identities—your team is equipped with the observability, automation and crypto-agility you need to manage and secure any machine identity, anywhere.
- Observability: Discover and monitor all machine identities, their health and cryptographic status.
- Consistency: Define and enforce security policies using automation and approval workflows.
- Reliability: Reduce downtime with a fast, automated service that scales.
- Flexibility: Choose the best post-quantum approach for your specific business requirements.
Plus, the latest versions of Venafi TLS Protect and CodeSign Protect are already equipped with features that allow you to test and experiment with post-quantum algorithms.
Future-proof your business with quantum-ready solutions from Venafi
Have questions about your quantum readiness journey?
Venafi’s category-leading control plane provides the capabilities needed to successfully overcome today’s machine identity challenges—while anticipating tomorrow’s.
Additionally, if you’re looking for expert guidance through the process, current Venafi customers can get a head start with a quantum readiness evaluation.
It’s the first step of our Quantum Protect consultation, which helps ensure your machine identities, data and communication systems remain secure in the era of quantum computing.
So, if you’re a current customer, schedule yours today!