Contact Us
  • No products in the list

News From the NIST Post-Quantum Crypto Process

quantum security control room image, preventing a quantum cyber security threat


In order to counter the quantum cyber security threat, which will break current asymmetric cryptography, NIST has launched a process to select and standardize new resilient algorithms (Post Cryptography Standardisation). The open selection process started in 2017, with a first round of 69 proposed algorithms, which were presented, analysed and attacked by the crypto community. We are now in the final stage of the third round, with seven finalists, three algorithms for signature and four for key exchange. The final selection is expected next month.

Recently, a new classical attack on one of these finalists, the Rainbow algorithm, was announced on the PQC forum and published (Read Article). The validity of this attack was quickly acknowledged and will probably lead to the abandonment of this algorithm. The fact that this attack was only discovered so late in the process demonstrates two important points.

First, open disclosure of the details of the algorithms is crucial to enable the community to analyse them and find possible flaws. Cryptanalysis is a complicated and lengthy process, which should not be constrained. The NIST process has been rather exemplary in this respect. All proposed algorithms have been subject to an in-depth analysis by the whole community. This contrasts with the behaviour of a few companies, which are using proprietary algorithms, which have not been submitted to this gruelling process.
Rainbow Algorithm image IDQ
Quantum random number generation to counter quantum cyber security threats

Second, even after this analysis, there is still a distinct risk that a new algorithm may fail, either classically or from a new quantum attack. This is why, at ID Quantique, we advocate adding another layer of safety by using quantum technologies, such as quantum random number generation (QRNG) and quantum key distribution (QKD). QRNG can and should be used for all key generation processes. QKD can also be applied today for long-term protection of communication backbones and metropolitan networks.

QKD Networks and the future Quantum Internet will expand the scope of applications much further. The future of cybersecurity will only be achieved by a combination of all available technologies, from both the mathematics side and the quantum side.

Stay one step ahead

Subscribe to our newsletters to receive breaking news, educational materials and product updates.
HomeShop Online