On August 14, 2024, the National Institute of Standards and Technology (NIST) took a major step toward securing our digital future by releasing the much-anticipated post-quantum encryption standards. These new standards are designed to safeguard electronic information against the looming threat of quantum computing, which is expected to render current cryptographic algorithms obsolete within the next decade.
Why This Matters
Quantum computers, with their unprecedented processing power, pose a unique threat to our current encryption methods. While these machines are not yet commercially available, the clock is ticking. NIST, along with other experts, has been warning us for years that quantum computing capable of breaking today’s encryption could be just a decade away. And that warning was echoed again today.
To counter this threat, NIST has finalized three post-quantum cryptographic algorithms that will form the backbone of our digital defenses in the years to come:
- ML-KEM (based on CRYSTALS-Kyber): This algorithm is intended for general encryption, ensuring that data remains secure as it traverses public networks.
- ML-DSA (originally known as CRYSTALS-Dilithium): This algorithm secures digital signatures, which are essential for authenticating online identities.
- SLH-DSA (initially submitted as SPHINCS+): Another algorithm focused on securing digital signatures, offering a different approach to the same challenge.
In addition, a fourth algorithm, FN-DSA (originally called FALCON), is scheduled for finalization later this year and will also serve the critical role of securing digital signatures.
Looking Ahead
NIST is not stopping here. It is actively evaluating two other sets of algorithms that could serve as future backup standards. One of these sets includes three algorithms designed for general encryption, though based on a different mathematical foundation than the newly finalized ML-KEM. By the end of 2024, NIST plans to select one or two of these algorithms to bolster our cryptographic defenses further.
The Call to Action
The release of these standards is not just a milestone; it’s a call to action. NIST mathematician Dustin Moody strongly advises system administrators to begin transitioning to these new standards immediately. “There is no need to wait for future standards,” Moody emphasized. “Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event.”
What This Means for CISOs
For Chief Information Security Officers (CISOs), the message is clear: the time to act is now. While the quantum threat may still seem distant, the complexity and scale of transitioning to these new standards require early and decisive action. By starting the integration of ML-KEM, ML-DSA, and SLH-DSA into your security protocols today, you can ensure that your organization’s data remains protected against future quantum attacks.
This transition is not merely about compliance; it’s about staying ahead of the curve in a rapidly evolving threat landscape. The cybersecurity community has a window of opportunity to prepare, and those who act now will be best positioned to secure their digital assets against the challenges of tomorrow.
In the coming months, as we await the finalization of FN-DSA and the selection of additional backup algorithms, staying informed and proactive will be key. NIST has provided the tools, and it’s up to us to implement them to protect the integrity, confidentiality, and availability of our data in a quantum-powered future.
Conclusion
The release of these post-quantum cryptographic standards marks a pivotal moment in cybersecurity. As CISOs, our role is to guide our organizations through this transition, ensuring that we are not only compliant with the latest standards but also fully prepared for the quantum challenges that lie ahead. The future of cybersecurity is being written today, and it’s up to us to lead the way.