News From the NIST Post-Quantum Crypto Process

quantum security control room image, preventing a quantum cyber security threat

In order to counter the quantum cyber security threat, which will break current asymmetric cryptography, NIST has launched a process to select and standardize new resilient algorithms (Post Cryptography Standardisation). The open selection process started in 2017, with a first round of 69 proposed algorithms, which were presented, analysed and attacked by the crypto community. We are now in the final stage of the third round, with seven finalists, three algorithms for signature and four for key exchange. The final selection is expected next month.

Recently, a new classical attack on one of these finalists, the Rainbow algorithm, was announced on the PQC forum and published (Read Article). The validity of this attack was quickly acknowledged and will probably lead to the abandonment of this algorithm. The fact that this attack was only discovered so late in the process demonstrates two important points.

First, open disclosure of the details of the algorithms is crucial to enable the community to analyse them and find possible flaws. Cryptanalysis is a complicated and lengthy process, which should not be constrained. The NIST process has been rather exemplary in this respect. All proposed algorithms have been subject to an in-depth analysis by the whole community. This contrasts with the behaviour of a few companies, which are using proprietary algorithms, which have not been submitted to this gruelling process.

Quantum random number generation to counter quantum cyber security threats

Second, even after this analysis, there is still a distinct risk that a new algorithm may fail, either classically or from a new quantum attack. This is why, at ID Quantique, we advocate adding another layer of safety by using quantum technologies, such as quantum random number generation (QRNG) and quantum key distribution (QKD). QRNG can and should be used for all key generation processes. QKD can also be applied today for long-term protection of communication backbones and metropolitan networks.

QKD Networks and the future Quantum Internet will expand the scope of applications much further. The future of cybersecurity will only be achieved by a combination of all available technologies, from both the mathematics side and the quantum side.

Learn more about our Quantum Random Number Generators here

Cookie	Duration	Description
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CLID	1 year	Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
SM	session	Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains.
_clck	1 year	Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID.
_clsk	1 day	Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.n
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and verify ads' clicks on the Bing search engine. The cookie helps in reporting and personalization as well.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
MUID	1 year 24 days	Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
datatranscw-woocommerce-context-id	session	Description is currently not available.
datatranscw-woocommerce-context-key	session	Description is currently not available.
VISITOR_PRIVACY_METADATA	5 months 27 days	Description is currently not available.
wp11868	1 year	Marketing automation. Automatically sets cookie tracking when visitors engage through form submissions, clickthrough’s in email messages, and web pages containing the Act-On Beacon Tracker.

News From the NIST Post-Quantum Crypto Process

Stay one step ahead