NIST announces four quantum-resistant algorithms

Today, the U.S. National Institute of Standards and Technology (NIST) has announced the first four quantum-resistant algorithms that will become part of the agency’s post-quantum cryptographic standard. 

NIST has been running a competition for the last six years to identify quantum-safe algorithms. Now, the agency has chosen CRYSTALS-Kyber for general encryption due to its speed and small encryption keys, and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital signatures. 

“Today’s announcement is an important milestone in securing our sensitive data against the possibility of future cyberattacks from quantum computers,” said Gina Raimondo, U.S. secretary of commerce. “Thanks to NIST’s expertise and commitment to cutting-edge technology, we are able to take the necessary steps to secure electronic information so U.S. businesses can continue innovating while maintaining the trust and confidence of their customers.”

The drive toward post-quantum cryptography

The announcement comes shortly after G7 nations committed to “new cooperation to deploy quantum-resistant cryptography with the goal of ensuring secure interoperability between ICT systems and fostering growth in the digital economy.” 

Quantum cryptography has remained a hot topic this year, particularly after the White House issued a memo highlighting that any digital system that uses public standards for public-key cryptography could be vulnerable to an attack by quantum computers in the future. 

The launch of these new cryptographic standards will play a vital role in helping enterprises to identify what solutions to implement in their environments to protect their data against post-quantum threats, which researchers estimate could go live as soon as 2030. 

The quantum cryptography market 

These new cryptographic standards also coincide with the growth of the wider quantum cryptography market, which researchers anticipate will reach a value of $291.9 million by 2026 as more organizations seek or invest in securing themselves against future quantum threats. 

With world government and security standardization bodies highlighting the need for post-quantum security solutions, there are a growing number of providers in the market, all vying to position themselves as the go-to quantum security provider. 

One of the main providers in the market is Post-Quantum, which provides solutions including a quantum-secure end-to-end encrypted messaging app and a post-quantum VPN. 

Post-Quantum currently has its Classic McEliece algorithm in consideration for standardization by NIST in the future. 

Another competitor is PQShield, providing post-quantum cryptography hardware with a System on Chip design designed to secure smart cards and security chips against post-quantum threats, and an encrypted messaging platform. PQShield announced raising $20 million as part of a series A funding round at the start of this year. 

Currently, the main differentiator between these providers is the type of algorithms they use to secure the organization’s environments. For instance, PQShield is algorithm-agnostic, based on NIST’s chosen algorithms, while Post-Quantum uses its Classic McEliece algorithm.