US Unveils Post-Quantum Cryptography Standardization Costing $7.1 billion

The National Institute of Standards and Technology (NIST) has been leading an effort to standardize post-quantum cryptography (PQC) algorithms, which are resistant to attacks by quantum computers. This initiative aims to protect federal information systems from the risk posed by a cryptographically relevant quantum computer (CRQC).

Since May 2020, NIST has published several reports and held conferences to advance this effort. Key milestones include the announcement of third-round finalists in July 2020. The draft Federal Information Processing Standards (FIPS) publication was in August 2023. The kickoff of the Migration to Post-Quantum Cryptography project with 15 consortium members was in June 2022.

The National Cybersecurity Center of Excellence (NCCoE) has also played a crucial role in this process. No specific individuals are mentioned as key players in this effort. Companies involved in developing and testing PQC algorithms include those participating in the NCCoE consortium.

Post-Quantum Cryptography Strategy

The strategy for migrating Federal information systems to PQC is based on four primary precepts:

1. A comprehensive and ongoing cryptographic inventory is a key baseline for successful migration to PQC;
2. The threat of “record-now-decrypt-later attacks” means that the migration to PQC must start before a CRQC is known to be operational;
3. Agencies must prioritize systems and data for PQC migration;
4. and Systems that will not be able to support PQC algorithms must be identified as early as possible. This section explains each of these precepts and how they inform the federal migration strategy.

The journey began with the First NIST PQC Standardization Conference in April 2018, where the initial candidates were announced. This was followed by the release of NISTIR 8240. It is a status report on the first round of the standardization process. The announcement of second-round candidates occurred in January 2019.

The Second NIST PQC Standardization Conference took place in August 2019. Subsequent milestones included releasing draft documents. There were also public comment periods and workshops. The third-round finalists and alternate candidates were announced in July 2020, and NISTIR 8309, a status report on the second round, was released.

The pace continued with the publication of cybersecurity whitepapers, virtual workshops, and conferences. In June 2022, NCCoE (National Cybersecurity Center of Excellence) held an online kickoff meeting for the Migration to Post-Quantum Cryptography project, marking a significant step forward in the standardization process.

Fast-forwarding to July 2022, candidate algorithms to be standardized were announced, along with alternate candidates advancing to the fourth round. The release of NIST-IR 8413-upd1, a status report on the third round, provided further insight into the progress.

In August 2023, NIST published the first three Draft Federal Information Processing Standards (FIPS), a crucial step towards widespread adoption of PQC algorithms. This was followed by the release of NIST Special Publications 1800-38B and 1800-38C in December 2023, which offered guidance on cryptographic discovery and testing draft standards for interoperability and performance.

The publication of Draft 1800-38 Series Guidance in April 2024 marked another significant milestone. In July 2024, the fourth NIST PQC Standardization Conference occurred in Rockville, MD, where the final first three PQC FIPS were published. The standardization of the FALCON Digital Standard began in August 2024 and completed FIPS will continue to be included in national and international Standards Bodies.

In conclusion, securing the Federal Government against the risk posed by a Cryptographically Relevant Quantum Computer (CRQC) requires a sustained effort over multiple years. The progress made so far is promising, but continued collaboration and expertise from various government agencies are essential to achieving this objective.

Post-Quantum Cryptography Timeline

• April 2015: Workshop on Cybersecurity in a Post-Quantum World, NIST, Gaithersburg, MD
• February 2016: PQC Standardization: Announcement and outline of NIST’s Call for Submissions presentation given at PQCrypto
• April 2016: NISTIR 8105, Report on Post-Quantum Cryptography, released
• December 2016: Federal Register Notice – Announcing Request for Nominations for Public-Key Post-Quantum Cryptographic Algorithms
• November 2017: Submission Deadline for NIST PQC Standardization Process
• December 2017: First-round candidates announced. The public comment period on the first-round candidates began.
• April 2018: First NIST PQC Standardization Conference
• January 2019: Second-round candidates announced. NISTIR 8240, Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process, released. The public comment period on the second-round candidates began
• August 2019: Second NIST PQC Standardization Conference, Santa Barbara, CA
• April 2020: NIST invited comments from submitters and the community to inform its decision-making process for the selection of third-round candidates
• May 2020: Draft NIST Whitepaper Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms published
• July 2020: Third-round finalists and alternate candidates announced. NISTIR 8309, Status Report on the Second Round of the NIST Post Quantum Cryptography Standardization Process, released. The public comment period on the third-round candidates began.
• October 2020: NIST hosts Virtual Workshop on Considerations in Migrating to PQC Algorithms at the NCCoE.
• April 2021: NIST Cybersecurity Whitepaper Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms published
• June 2021: Third NIST PQC Standardization Conference, held virtually; NCCoE posts Draft NCCoE project description “Migration to PostQuantum Cryptography” for public comment.
• October 2021: NCCoE Final NCCoE project description “Migration to Post-Quantum Cryptography” and the Federal Register Notice soliciting industry collaborators.
• June 2022: NCCoE has an online Migration to PQC project kickoff meeting with the first fifteen consortium members – workstreams identified for cryptographic discovery (inventory) and interoperability/performance of the draft PQC algorithms in communication protocols
• July 2022: Candidate algorithms to be standardized are announced, along with alternate candidates advancing to the fourth round. NIST-IR 8413-upd1, Status Report on the Third Round of the NIST Post Quantum Cryptography Standardization Process, released.
• August 2023: First three Draft Federal Information Processing Standards (FIPS) Published by NIST December 2023: NIST Special Publication 1800-38B, Quantum Readiness: Cryptographic Discovery, is a preliminary draft offering (1) a functional test plan that exercises the cryptographic discovery tools to determine baseline capabilities; (2) a use case scenario to provide context and scope our demonstration; (3) an examination of the threats addressed in this demonstration; (4) a multifaceted approach to start the discovery process that most organizations can start today; and (5) a high-level architecture based on our use case that integrates contributed discovery tools in our lab. NIST Special Publication 1800-38C, Quantum Readiness: Testing Draft Standards for Interoperability and Performance, is a preliminary draft offering (1) identification of compatibility issues between quantum-ready algorithms, (2) resolution of compatibility issues in a controlled, nonproduction environment, and (3) reduction of time spent by individual organizations performing similar interoperability testing for their own PQC migration efforts. Publication of Draft 1800-38 Series Guidance, “Migration to Post-Quantum Cryptography Quantum Readiness: Cryptographic Discovery”
• April 2024: Fourth NIST PQC Standardization Conference, Rockville MD
• July 2024: Publication of Final first three PQC FIPS. August 2024: Start of Standardization of FALCON Digital Standard.
• September 2024: Continued inclusion of completed FIPS in national and international Standards Bodies

Post-Quantum Cryptography Summary

Securing the Federal Government against the risks posed by a Cryptographically Relevant Quantum Computer (CRQC) will require a comprehensive, multi-year effort across all government agencies. Cryptography is deeply integrated into all Federal information systems and is crucial for maintaining cyber defenses and ensuring that essential public services function securely.

To protect this cryptography against both current and future threats, the government must follow the directives outlined in the relevant legislation and National Security Memorandum-10 (NSM-10). Leveraging the combined expertise and authority of agencies like the Office of Management and Budget (OMB), Office of the National Cyber Director (ONCD), Cybersecurity and Infrastructure Security Agency (CISA), National Institute of Standards and Technology (NIST), and National Security Agency (NSA) will be essential in achieving this goal.