In December 2016, the U.S. National Institute of Standard and Technology (NIST) announced a competition to select new quantum resistant public key encryption algorithms that would eventually supersede the classical RSA and other public key cryptography algorithms that may be vulnerable to future quantum computers. For the past five years they have been receiving nominations, holding conferences, and going through three rounds of selection to determine which ones to recommend based upon security, performance, and other factors. They are very close to completing Round 3 and will announce their initial selections of new algorithms to recommend. Some algorithms still need more study and there will be a Round 4 to see if any additional ones should be standardized too. In the chart below, the algorithms shown as Finalists are being considered for standardization in Round 3 and the algorithms shown as Alternates are being considered for further analysis and possible standardization in Round 4.
Once the Round 3 selections are announced, NIST will publish a report explaining their decisions. After that, there will still be additional work to draft the standards, call for public comments, and the selections probably won’t be officially formalized until 2024. But we see these as activities as formalities that won’t create any significant changes. In addition, the Round 4 analysis and recommendation activities will take 12-18 months to complete after the Round 4 candidates are announced.
When we listen to presentations from various consultants and quantum computing providers, we often hear the message that enterprises should start investigating quantum computing now or else they will be left behind. But it is our view that it is just as important, if not more, for enterprises to allocate resources and start right now planning how to migrate their entire digital communications infrastructure to use quantum resistant encryption techniques. Although it may take another 10 years or so before a large enough quantum computer is available to run Shor’s algorithm and break the current public key algorithms, experience has shown that it takes 10 years or more to implement new encryption technology in the thousands of computers and software programs that are in use within a typical enterprise.
For those CIOs who experienced the intensive Y2K conversion activities twenty years ago, this migration will likely be significantly more complex. The number of computers, smartphones, IoT, and other digital devices in use today is orders of magnitude higher than it was earlier this century. Also, while Y2K had a specific deadline of December 31, 1999, no one really knows when the large, powerful quantum machines will be in operation. In addition, any communications of long shelf-life data may be vulnerable to a Harvest Now, Decrypt Later attack that accelerates the time frame when quantum resistant encryption is needed. So, enterprises planning a strategy have some important questions to answer such as:
- What systems will we need to upgrade?
- Will PQC support automatically be built into new software updates of programs and apps we are currently using?
- What help can we get from our existing vendors and what new vendors should we bring on to help us?
- Should we use the software-based PQC approach or the physics-based QKD approach?
- Should we look into using hybrid classical/quantum encryption techniques for extra safety?
- Will implementing the PQC algorithms create any performance impacts in our systems and user response times?
With the pending announcement of the first selected algorithms from NIST, now would be the time to get going if you haven’t started already. For additional information on this topic, we recommend reading a white paper from the Quantum Economic Development Consortium (QED-C) titled A Guide to a Quantum-Safe Organization. You can also visit the Post-Quantum Cryptography website maintained by NIST which contains an archive of the submissions, presentations, workshops and events that have occurred during this program.
March 5, 2022