In discussion with Team PQShield’s key NIST contributors
It won’t have escaped your attention that earlier this year, The US National Institute of Standards and Technology (NIST) announced the long-awaited outcome of its post-quantum cryptography standardization project. For the team at PQShield, this was particularly momentous as it was revealed our advisory board and researchers have contributed to ALL the new draft standards. Specifically:
- Falcon, a digital signature algorithm, led and co-authored by Dr Thomas Prest
- NTRU, a key encapsulation mechanism also shortlisted as a finalist, co-athored by Oussama Danba
- Finalists and alternates CRYSTALS-Dilithium, NTRU, SPHINCS+, Classic McEliece, CRYSTALS-KYBER, and FrodoKEM, co-authored by Professor Peter Schwabe (Radboud University and the Max Planck Institute for Security and Privacy) and Professor Chris Peikert (University of Michigan).
Of these, CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs. Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures.
Following this incredible achievement, we sat down with two of our key NIST contributors – Dr Thomas Prest (co-author of Falcon) and Prof Peter Schwabe (co-author of Dilithium, KYBER, and SPHINCS+) – to get their insight on the process, the challenges, and the future of post-quantum cryptography. You can watch the four-part video series here.
NIST surprised the cryptography community by announcing their intention to further study four schemes, thereby creating an unforseen fourth round of standardiztion. This additional stage has also triggered an upcoming call for proposals to diversify the signature portfolio, opening the field for new and interesting cryptographic innovations.
The future of post-quantum cryptography
The world of cryptography is on the cusp of monumental change – goodbye quantum, and hello post-quantum. For many years, cryptographers have stressed the importance of addressing post-quantum when dealing with both consumer and business products. But until now, there have always been questions around the what, when and how. With NIST’s standards confirmed, the immediacy of the message has arrived, and the roadmap to PQ security can begin.
Adoption and deployment challenges
Now we have the algorithms, it’s time to tell everyone out there how to use them and, most importantly, when they need to start deploying them. The NIST announcement means more people than ever are paying attention to cryptography, whether they understand it fully or not. Of course, implementation of PQC is ultimately a matter of compliance and not choice. So although there are a plethora of performance characteristics to uncover and study, as well as many more questions to be answered, the time for action is definitely now.
Another significant event on the horizon is the announcement of standardizing protocols across both hardware and software. Existing protocols are tailored to classical cryptography, which means while they may not be completely redundant, it would be foolish to not reconsider their efficacy with regards to the new standardized keys. Being new kids on the block, PQ schemes are also less studied, which makes best-practice implementation all the more contentious.
You can watch the full interviews in our four-part NIST insights video series here.