Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Post-Quantum Encryption
I've been worried if our dependence on public-key encryption was going to be a serious problem when quantum computing eventually becomes real and widely available. But it looks like the encryption experts have been busy and are working to duck this bullet. This is excellent news, I hope it stands up to review.
From NIST:
NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
Federal agency reveals the first group of winners from its six-year competition.
GAITHERSBURG, Md. — The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has chosen the first group of encryption tools that are designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day — such as online banking and email software. The four selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, expected to be finalized in about two years.
...
The announcement follows a six-year effort managed by NIST, which in 2016 called upon the world’s cryptographers to devise and then vet encryption methods that could resist an attack from a future quantum computer that is more powerful than the comparatively limited machines available today. The selection constitutes the beginning of the finale of the agency’s post-quantum cryptography standardization project.
...
The announcement follows a six-year effort managed by NIST, which in 2016 called upon the world’s cryptographers to devise and then vet encryption methods that could resist an attack from a future quantum computer that is more powerful than the comparatively limited machines available today. The selection constitutes the beginning of the finale of the agency’s post-quantum cryptography standardization project.
... but of course there is a lot of work to do before our public key encryption infrastructure is worthless.
From CERT
Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats
Although NIST will not publish the new post-quantum cryptographic standard for use by commercial products until 2024, CISA and NIST strongly recommend organizations start preparing for the transition now by following the Post-Quantum Cryptography Roadmap, which includes: ... [see original article for a long list of useful hints about how to transition to the new encryption algorithms]
For additional guidance and background, CISA and NIST strongly encourage users and administrators to review:
For additional guidance and background, CISA and NIST strongly encourage users and administrators to review:
- NIST press release, NIST Announces First Four Quantum-Resistant Cryptographic Algorithms.
- The NIST and Post-Quantum Cryptography, Post-Quantum Cryptography Standardization, and Migration to Post-Quantum Cryptography websites.
In the meantime, everyone should realize that the encrypted files (and possibly archived https sessions) being made today will not withstand decryption attacks once quantum computing becomes cheap and widespread.
2 replies
= new reply since forum marked as read
= new reply since forum marked as read
