NIST Unveils First Post-Quantum Encryption Standards for Secure Data

The National Institute of Standards and Technology (NIST) has released three finalized post-quantum encryption standards designed to withstand cyberattacks from quantum computers. These standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy.

NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible. The algorithms announced today are specified in the first completed standards from NIST’s post-quantum cryptography standardization project and are ready for immediate use. Deputy Secretary of Commerce Don Graves emphasized the importance of quantum computing technology in reaffirming America’s status as a global technological leader.

Undersecretary of Commerce for Standards and Technology and NIST Director Laurie Locascio highlighted NIST’s role in developing these critical standards. The three finalized standards, Federal Information Processing Standard (FIPS) 203, FIPS 204, and FIPS 205, are based on algorithms developed by companies such as Crystals and Sphincs+, and will serve as the primary tools for general encryption and protecting digital signatures.

The National Institute of Standards and Technology (NIST) has recently announced the finalization of three new encryption standards, designed to protect digital information from potential attacks by quantum computers. These standards are based on complex math problems that are resistant to both conventional and quantum computers.

The three finalized standards are:

1. Federal Information Processing Standard (FIPS) 203: This standard is intended for general encryption and is based on the CRYSTALS-Kyber algorithm, now renamed ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism). It offers small encryption keys that can be easily exchanged between parties and operates at high speeds.
2. FIPS 204: This standard is designed to protect digital signatures and uses the CRYSTALS-Dilithium algorithm, now renamed ML-DSA (Module-Lattice-Based Digital Signature Algorithm).
3. FIPS 205: Also intended for digital signatures, this standard employs the Sphincs+ algorithm, now renamed SLH-DSA (Stateless Hash-Based Digital Signature Algorithm). This standard is based on a different math approach than ML-DSA and serves as a backup method in case ML-DSA proves vulnerable.

These new standards are a significant step forward in ensuring the security of digital information. According to NIST mathematician Dustin Moody, “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time.”

But that’s not all – NIST is also evaluating two additional sets of algorithms that could serve as backup standards in the future. One set consists of three algorithms designed for general encryption, while the other includes a larger group of algorithms designed for digital signatures.

Moody emphasized that there is no need to wait for future standards and encouraged system administrators to start using these new standards immediately. “We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe.”