WHY THIS MATTERS IN BRIEF
When quantum computers get powerful enough they will be able to crack almost all of today’s encryption, so we need new algorithms.
NIST has been running a competition for the last six years to identify quantum-safe algorithms that powerful quantum computers won’t be able to break. Such computers will be able to crack 256-bit encryption in just minutes, and even 2,048-bit encryption in just 8 hours. Now, the agency has chosen CRYSTALS-Kyber for general encryption due to its speed and small encryption keys, and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital signatures.
“Today’s announcement is an important milestone in securing our sensitive data against the possibility of future cyberattacks from quantum computers,” said Gina Raimondo, US secretary of commerce. “Thanks to NIST’s expertise and commitment to cutting-edge technology, we are able to take the necessary steps to secure electronic information so US businesses can continue innovating while maintaining the trust and confidence of their customers.”
The announcement comes shortly after G7 nations committed to “new cooperation to deploy quantum-resistant cryptography with the goal of ensuring secure interoperability between ICT systems and fostering growth in the digital economy.”
Quantum cryptography has remained a hot topic this year, particularly after the White House issued a memo highlighting that any digital system that uses public standards for public-key cryptography could be vulnerable to an attack by quantum computers in the future.
The launch of these new cryptographic standards will play a vital role in helping enterprises to identify what solutions to implement in their environments to protect their data against post-quantum threats, which researchers estimate could go live as soon as 2030 or even 2025.
These new cryptographic standards also coincide with the growth of the wider quantum cryptography market, which researchers anticipate will reach a value of $291.9 million by 2026 as more organizations seek or invest in securing themselves against future quantum threats.
With world government and security standardization bodies highlighting the need for post-quantum security solutions, there are a growing number of providers in the market, all vying to position themselves as the go-to quantum security provider.
One of the main providers in the market is Post-Quantum, which provides solutions including a quantum-secure end-to-end encrypted messaging app and a post-quantum VPN.
Post-Quantum currently has its Classic McEliece algorithm in consideration for standardization by NIST in the future.
Another competitor is PQShield, which provides post-quantum cryptography hardware with a System on Chip design intended to secure smart cards and security chips against post-quantum threats, as well as an encrypted messaging platform. PQShield announced raising $20 million as part of a series A funding round at the start of this year.
Currently, the main differentiator between these providers is the type of algorithms they use to secure organizations’ environments. For instance, PQShield is algorithm-agnostic, based on NIST’s chosen algorithms, while Post-Quantum uses its Classic McEliece algorithm.