NIST IR 8610 Reports Status of Quantum-Resistant Signatures

The National Institute of Standards and Technology has released NIST Internal Report NIST IR, detailing the status of additional digital signature schemes evaluated in the second round of its post-quantum cryptography standardization process. This report signifies a focused stage in the agency’s multi-year effort to develop cryptographic algorithms resistant to attacks from future quantum computers, moving beyond initial submissions to a narrowed field of contenders. A collaborative effort involving Gorjan Alagic, Maxime Bros, Pierre Ciadoux, and fifteen other researchers from the Computer Security and Applied & Computational Mathematics Divisions at NIST, the report specifically addresses signature algorithms vital for verifying digital authenticity. The publication is available free of charge and represents the agency’s technical leadership in securing federal information systems, with ITL responsibilities including the development of standards for cost-effective security and privacy.

NIST Post-Quantum Cryptography Standardization Process Overview

This internal report details the status of schemes undergoing evaluation, a crucial step beyond initial submissions, indicating a focused narrowing of potential algorithms. NIST is also dedicating significant attention to digital signature schemes, essential for verifying authenticity in a future where quantum computers could break current encryption. The report outlines that NIST accepted fourteen candidate algorithms for the second round, allowing submitters to refine their designs before resubmission, provided they met original requirements. One update was the merging of algorithms MIRA and MiRitH into a single candidate, Mirath. The report states that submission teams were allowed to make minor modifications and resubmit their updated packages, highlighting the iterative nature of the process. NIST’s evaluation hinges on three core criteria: security, cost and performance, and algorithm characteristics, with a push for diversity in the final portfolio.

NIST seeks algorithms that offer at least one substantial performance advantage over existing schemes. The agency emphasizes the importance of robust security definitions. The complete list of second-round candidates, with those advancing to the third round highlighted, is available for public review, demonstrating NIST’s commitment to transparency throughout the standardization process.

The quest to secure digital communications against the looming threat of quantum computers continues to refine its focus. This phase, detailed in NIST Internal Report NIST IR, signifies a narrowing of the field as the agency progresses toward establishing new cryptographic standards. The report specifically addresses “Additional Digital Signature Schemes,” demonstrating NIST’s commitment to not only securing data in transit with key encapsulation mechanisms, but also ensuring the authenticity of digital information through robust signature algorithms.

Security, Cost, and Performance Evaluation Criteria

This report signifies a focused follow-up, indicating a narrowing of contenders after initial submissions. NIST’s evaluation is balanced against cost and performance, though security remains the most important factor. The agency seeks algorithms suitable for widespread deployment in internet protocols like TLS and SSH, demanding schemes that offer “at least one substantial performance advantage” over existing options. This emphasis on practicality reflects a desire to avoid solutions that are computationally prohibitive for everyday use. The report details five security categories used for comparison. The agency’s goal is to diversify its signature portfolio, and submissions should differ significantly from signature schemes already selected for standardization.

Detailed Analysis of the CROSS Signature Scheme

The need for resilient digital signatures extends beyond secure transactions; it underpins the authenticity of software updates, critical infrastructure communications, and long-term data archiving in a world preparing for the arrival of quantum computing. This report highlights a focused second round of assessment, indicating a narrowing of algorithms after initial submissions. Among the “Additional Digital Signature Schemes” under scrutiny, CROSS stands out as a code-based signature scheme. The agency seeks algorithms offering at least one substantial performance advantage over existing solutions. These benchmarks underscore the demand for tangible improvements in efficiency and scalability as NIST progresses toward establishing a robust suite of post-quantum digital signatures.

Assessment of LESS and SQIsign Algorithms

While much of the focus in post-quantum cryptography has centered on key encapsulation mechanisms, NIST’s evaluation also includes a detailed assessment of digital signature schemes, equally critical for ensuring authenticated communication in a future vulnerable to quantum attacks. This is a deep dive into algorithms poised for potential standardization, not a preliminary overview. Among the algorithms receiving particular scrutiny are LESS and SQIsign, both representing distinct approaches to post-quantum signature generation. The agency’s criteria extend beyond raw security, encompassing cost and performance alongside algorithm and implementation characteristics. This rigorous process aims to diversify the signature portfolio, and submissions should differ significantly from signature schemes already selected for standardization, with the ultimate goal of establishing a robust foundation for secure digital communication for years to come.

Among the fourteen second-round candidates, HAWK, FAEST, and Mirath received particular scrutiny. NIST accepted submissions allowing for ensuring algorithms remained aligned with initial requirements. The evaluation was not solely about theoretical security; NIST’s criteria encompassed algorithm and implementation characteristics, demanding practical viability. The complete updated specifications were posted on https://csrc.nist.gov/Projects/pqc-dig-sig/round-2-additional-signatures on March 4, for public review, fostering transparency throughout the process.

Examination of MQOM, PERK, and RYDE Schemes

Among the fifteen algorithms undergoing scrutiny, MQOM, PERK, and RYDE represent distinct approaches to signature generation. NIST is prioritizing schemes offering diverse security profiles, aiming to avoid reliance on a single cryptographic approach. The agency seeks algorithms offering at least one substantial performance advantage. The detailed analysis within NIST IR provides a granular view of each candidate’s strengths and weaknesses, informing the selection process for the third round and ultimately, the standardization of post-quantum digital signatures. The complete updated specifications were posted on https://csrc.nist.gov/Projects/pqc-dig-sig/round-2-additional-signatures on March 4, for public review. Submissions should differ significantly from signature schemes already selected for standardization.

Among the fourteen algorithms accepted for the second round, UOV and MAYO received specific attention alongside schemes like SQIsign and HAWK. NIST’s evaluation was not simply about finding replacements for existing algorithms; it sought substantial performance advantages. The report states that NIST seeks to diversify its signature portfolio, emphasizing that submissions should differ significantly from those already selected. The report highlights that submission teams were permitted to refine their designs and resubmit, provided they adhered to original requirements.