NIST Announces First Four Quantum-Resistant Cryptographic Algorithms (nist.gov)
Posted by msmash from the moving-forward dept.
jd writes: NIST has announced winners of its post-quantum cryptography battle of the giants.
CRYSTALS-Kyber has been chosen for standard encryption, CRYSTALS-Dilithium, Falcon, and SPHINCS+ were chosen for digital signatures. Falcon is recommended by NIST as a backup for Dilithium where shorter keys are needed, and SPHINCS+ uses a different mathematical technique than all of the other submissions, so if it is found that there’s a flaw in the maths for the others, then there’s something to fall back on.
There is still a final round for public key encryption algorithms. The remaining candidates are BIKE, Classic McEliece, HQC, and SIKE.
The mailing list members probably wish that they could use Slashdot’s moderation system about now, as some of the discussions have been extremely heated. This was especially true for the signature system Rainbow, which is used by the ABC Mint crypto-currency, which was rejected after what was claimed to be a catastrophic flaw was reported, with allegations that it could be broken over a weekend on a laptop, followed by counter-allegations that many of the other algorithms had significant flaws in them also. (This is likely why SPHINCS+ is a backup.)
Another area that was hotly debated was CPU design flaws, particularly HertzBleed, which got the well-known crypto maestro Bernstein rather annoyed. As SIKE is a final round candidate, NIST seem to be satisfied with his explanation for why CPU design flaws should not be considered. It is to be seen how this debate progresses.
If I have seen farther than others, it is because I was standing on the shoulders of giants. — Isaac Newton
Working…
