The National Institute of Standards and Technology (NIST) is officially asking the public for help heading off a looming threat to information security: quantum computers, which could potentially break the encryption codes used to protect privacy in digital systems. NIST is requesting methods and strategies from the world’s cryptographers, with the deadline less than a year away.
The Call for Proposals for Post-Quantum Cryptography Standardization, announced today in the Federal Register, is NIST’s first formal step toward countering the danger that quantum computers pose to the security of digital information. Though practical quantum computers have yet to be built, their design—which would draw upon very different scientific concepts than conventional computers—would enable them to break some of the cryptographic algorithms commonly used to protect electronic messages.
With the public’s participation, NIST intends to spend the next few years gathering, testing and ultimately recommending new algorithms that would be less susceptible to a quantum computer’s attack.
First up is the gathering stage. Cryptographers can send proposed algorithms to NIST by Nov. 30, 2017. Full details are available at nist.gov/pqcrypto, but according to NIST mathematician Dustin Moody, their main concern should be with new algorithms for public key cryptography, a commonly used method of protecting information that uses electronic keys to unlock secrets.
Widely used public key cryptographic systems, which protect electronic banking data and many other kinds of information, use pairs of very large numbers to serve as the keys for decrypting the message. These numbers can be hidden by multiplying them together to produce even larger numbers that a conventional computer cannot easily factor. However, a quantum computer would be able to find the initial two numbers quickly, breaking the encryption.
“We’re looking to replace three NIST cryptographic standards and guidelines that would be the most vulnerable to quantum computers,” Moody said, referring to FIPS 186-4, NIST SP 800-56A and NIST SP 800-56B. “They deal with encryption, key establishment and digital signatures, all of which use forms of public key cryptography.”
After the deadline, Moody said, NIST will review the submissions, and everyone whose proposal meets the acceptability requirements will be invited to present their algorithms at an open workshop in early 2018. The evaluation phase will follow, which will take an estimated three to five years.
“We will be doing our own internal review of the algorithms, and we certainly want the public and crypto community to analyze the algorithms as well,” Moody said, adding that NIST will narrow down the candidate pool a few times during the evaluation period to focus on ones that appear promising.
Moody said his team anticipates that there will be more than one post-quantum algorithm, which NIST will ultimately recommend to replace each of the three current standards.
“We hope to get lots of people around the world working on this so we can have increased confidence in the results,” he said. "Post-quantum algorithms haven't received nearly the same amount of scrutiny and cryptanalysis as those we currently use on today's conventional computers. We need that to change.”