NIST crowdsources quantum-proof encryption
Thu 22 Dec 2016
The National Institute of Science and Technology has called for cryptographers to create the next generation of cryptography keys, intended to withstand attack by a quantum computer.
Using pairs of large numbers as keys to unlock digital information, or sometimes multiplying those numbers to create another level of security, is the predominant method of public key encryption currently used to protect electronic banking data and other sensitive information.
However, the massive computing power posed by quantum computing would make short work of existing algorithms.
Advances in research and development of quantum computing led NIST to take the ‘first formal step in countering the danger that quantum computers pose to the security of digital information.’ That step is to officially ask the public to develop and submit new algorithms for post-quantum cryptography standardization.
The new algorithms must be created to withstand attack by a quantum computer, and NIST has suggested that the new algorithms focus on replacements for standards in public key encryption.
Cryptographers may send proposed algorithms to the NIST for consideration to replace the three NIST cryptographic standards that have been deemed most vulnerable to a quantum computer attack. The three algorithm classes that may be replaced are those that deal with encryption, key establishment and digital signatures, all of which use public key cryptography.
Submissions will be accepted until November 30 2017, and cryptographers will be invited to present proposed algorithms at a conference in early 2018. Accepted submissions will be reviewed by NIST for three to five years, at the conclusion of which the agency will release a new set of encryption standards.
Dr. Dustin Moody, NIST mathematician, said that the agency will also look for public input in analyzing the algorithms submitted, as the pool is narrowed to the most likely candidates.
“We hope to get lots of people around the world working on this so we can have increased confidence in the results,” he said. “Post-quantum algorithms haven’t received nearly the same amount of scrutiny and cryptanalysis as those we currently use on today’s conventional computers. We need that to change.”