
PQC algorithms: Security of the future is ready for the present

Quantum computing technology is developing rapidly, promising to solve many of society’s most intractable problems. However, as researchers race to build quantum computers that would operate in radically different ways from ordinary computers, some experts predict that quantum computers could break the current encryption that provides security and privacy for just about everything we do online.

Encryption—which protects countless electronic secrets, such as the contents of email messages, medical records, and photo libraries—carries a heavy load in modern digitized society. It does so by transforming data sent across public computer networks into a form that is unreadable to all but the sender and intended recipient.

However, far more powerful quantum computers would be able to break the traditional public-key cryptographic algorithms, such as RSA and elliptic curve cryptography, that we use in our everyday lives. So, the need to secure the quantum future has unleashed a new wave of cryptographic innovation, making post-quantum cryptography (PQC) the new cybersecurity benchmark.

Enter the National Institute of Standards and Technology (NIST), the U.S. agency that has rallied the world’s cryptography experts to conceive, submit, and then evaluate cryptographic algorithms that could resist the assault of quantum computers. NIST started the PQC standardization process back in 2016 by seeking ideas from cryptographers and then asked them for additional algorithms in 2022.

Three PQC standards

On 13 August 2024, NIST announced the completion of three standards as primary tools for general encryption and protecting digital signatures. “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time,” said Dustin Moody, NIST mathematician and the head of the PQC standardization project.

Figure 1 The new PQC standards are designed for two essential tasks: general encryption to protect information exchanged across a public network and digital signatures for identity authentication. Source: NIST

Federal Information Processing Standard (FIPS) 203, intended primarily for general encryption, features comparatively small encryption keys that two parties can exchange easily and quickly. FIPS 203 is based on the CRYSTALS-Kyber algorithm, which has been renamed ML-KEM, short for Module-Lattice-Based Key-Encapsulation Mechanism.

FIPS 204, primarily designed for protecting digital signatures, uses the CRYSTALS-Dilithium algorithm, which has been renamed ML-DSA, short for Module-Lattice-Based Digital Signature Algorithm. FIPS 205, also intended for digital signatures, employs the SPHINCS+ algorithm, which has been renamed SLH-DSA, short for Stateless Hash-Based Digital Signature Algorithm.

PQC standards implementation

Xiphera, a supplier of cryptographic IP cores, has already started updating its xQlave family of security IPs by incorporating ML-KEM (Kyber) as the key encapsulation mechanism and ML-DSA (Dilithium) for digital signatures, according to the final versions of the NIST standards.

“We are updating our xQlave PQC IP cores within Q3 of 2024 to comply with these final standard versions,” said Kimmo Järvinen, co-founder and CTO of Xiphera. “The update will be minor, as we already support earlier versions of the algorithms in xQlave products as of 2023 and have been following very carefully the standardisation progress and related discussions within the cryptographic community.”

Xiphera has also incorporated a quantum-resistant secure boot in its nQrux family of hardware trust engines. The nQrux secure boot is based on pure digital logic and does not include any hidden software components, which bolsters security and ensures easier validation and certification.

The nQrux secure boot uses a hybrid signature scheme comprising Elliptic Curve Digital Signature Algorithm (ECDSA), a traditional scheme, and the new quantum-secure signature scheme, ML-DSA, both standardized by NIST. The solution will ensure system security even if quantum computers break ECDSA, or if a weakness is identified in the new ML-DSA standard.

Figure 2 The hybrid system combines a classical cryptographic algorithm with a new quantum-secure signature scheme. Source: Xiphera

The nQrux secure boot, a process-node-agnostic IP core, can be easily integrated across FPGA and ASIC architectures. Xiphera plans to make this IP core available for customer evaluations in the fourth quarter of 2024.
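The following Python is an added illustration, not Xiphera's nQrux code and not an implementation of the NIST standards. It models the two ideas from the FIPS 205 paragraph above and from the hybrid secure-boot paragraph: a hash-based one-time signature (Lamport, a simplified ancestor of the hash-based family that SLH-DSA belongs to) whose security rests only on the hash function, and a hybrid verifier that accepts a firmware image only when both a classical signature and the post-quantum one verify. Because neither ECDSA nor ML-DSA is in the Python standard library, textbook RSA over a deliberately tiny modulus stands in for ECDSA and the Lamport scheme stands in for ML-DSA (which is lattice-based, not hash-based); the composition logic is what the example demonstrates. All function names, the keys, and the firmware bytes are constructed for this example.

```python
import hashlib
import secrets
from dataclasses import dataclass

DIGEST_BITS = 256


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# ---- Hash-based one-time signature (Lamport). Educational model of the
# ---- hash-based family behind FIPS 205: forging requires a hash preimage,
# ---- which is why this family resists quantum attacks. A Lamport key is
# ---- ONE-TIME; SLH-DSA removes that restriction with a tree construction.

def lamport_keygen():
    # Secret key: one random preimage pair per digest bit; public key: their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(DIGEST_BITS)]
    pk = [(H(x0), H(x1)) for x0, x1 in sk]
    return sk, pk


def _bits(msg: bytes):
    d = int.from_bytes(H(msg), "big")
    return [(d >> (DIGEST_BITS - 1 - i)) & 1 for i in range(DIGEST_BITS)]


def lamport_sign(sk, msg: bytes):
    # Reveal, for each bit of H(msg), the preimage from the matching half of the pair.
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != DIGEST_BITS:
        return False
    return all(H(s) == pk[i][b] for i, (b, s) in enumerate(zip(_bits(msg), sig)))


# ---- Textbook RSA over a toy ~92-bit modulus (two Mersenne primes): the
# ---- "classical" stand-in. Real ECDSA/RSA use proper padding and far larger keys.
_P, _Q = (1 << 31) - 1, (1 << 61) - 1      # both prime (Mersenne); toy size only
RSA_N = _P * _Q
RSA_E = 65537
RSA_D = pow(RSA_E, -1, (_P - 1) * (_Q - 1))


def rsa_sign(msg: bytes) -> int:
    return pow(int.from_bytes(H(msg), "big") % RSA_N, RSA_D, RSA_N)


def rsa_verify(msg: bytes, sig: int) -> bool:
    return pow(sig, RSA_E, RSA_N) == int.from_bytes(H(msg), "big") % RSA_N


# ---- Hybrid secure-boot signature: classical AND post-quantum must both verify.

@dataclass(frozen=True)
class HybridSignature:
    classical: int   # toy RSA signature (stands in for ECDSA)
    pq: tuple        # Lamport signature (stands in for ML-DSA)


def hybrid_sign(lamport_sk, image: bytes) -> HybridSignature:
    return HybridSignature(rsa_sign(image), tuple(lamport_sign(lamport_sk, image)))


def hybrid_verify(lamport_pk, image: bytes, sig: HybridSignature) -> bool:
    # Evaluate both verifiers, then AND them: the image boots only if the
    # classical and the post-quantum signature both check out, so an attacker
    # who has broken only one of the two algorithms still cannot pass.
    ok_classical = rsa_verify(image, sig.classical)
    ok_pq = lamport_verify(lamport_pk, image, sig.pq)
    return ok_classical and ok_pq


def secure_boot_demo() -> dict:
    # Constructed firmware image, plus a tampered copy with one bit flipped.
    image = b"FIRMWARE v1.0 " + bytes(range(64))
    tampered = image[:-1] + bytes([image[-1] ^ 0x01])
    sk, pk = lamport_keygen()
    sig = hybrid_sign(sk, image)
    # Model an attacker who has fully broken the classical algorithm (here we
    # simply reuse our RSA key) but not the hash-based one: they can produce a
    # fresh classical signature on the tampered image but must reuse the old
    # Lamport signature, which no longer matches the tampered image's digest.
    forged = HybridSignature(rsa_sign(tampered), sig.pq)
    return {
        "genuine": hybrid_verify(pk, image, sig),
        "tampered": hybrid_verify(pk, tampered, sig),
        "classical_only_forgery": hybrid_verify(pk, tampered, forged),
    }


if __name__ == "__main__":
    for case, boots in secure_boot_demo().items():
        print(f"{case:24s} -> {'BOOT' if boots else 'HALT'}")
```

The boot decision is the conjunction of the two verifications, which is the property the article attributes to the nQrux design: a break of the classical algorithm or a newly found weakness in the post-quantum one is not, by itself, enough to get a modified image accepted. In a real implementation the classical component would be ECDSA and the post-quantum component ML-DSA, with the Lamport one-time restriction replaced by SLH-DSA's or ML-DSA's many-time signing.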

PQC standards in RISC-V

Next, RISC-V processor IP supplier SiFive has teamed up with quantum-safe cryptography provider PQShield to accelerate the adoption of NIST’s PQC standards on RISC-V technologies. This will allow designers leveraging SiFive’s RISC-V processors to build chips that comply with NIST’s recently published PQC standards.

SiFive will integrate PQShield’s PQPlatform-CoPro security IP in its RISC-V processors to establish a quantum-resistant hardware root-of-trust and thus build a foundation of a secure system. “This collaboration ensures that designers of RISC-V vector extensions will be working with the latest generation of cybersecurity,” said Yann Loisel, principal security architect at SiFive.

Figure 3 PQPlatform-CoPro adds post-quantum cryptography (PQC) to a security sub-system. Source: PQShield

The partnership will also allow PQShield’s cryptographic libraries to utilize RISC-V vector extensions for the first time. In turn, RISC-V processors will incorporate a brand-new security technology with a greater level of protection and trust.

No wait for backup standards

Powerful quantum computers are soon expected to be able to crack, with little effort, the current encryption standards used to protect software and hardware applications. So, as the above announcements show, hardware and software makers are starting to migrate their semiconductor products to PQC technologies in line with NIST’s new standards for post-quantum cryptography.

While NIST continues to evaluate two other sets of algorithms that could one day serve as backup standards, NIST’s Moody says there is no need to wait for future standards. “Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event.”

It’s important to note that although these PQC algorithms run on conventional (non-quantum) computing platforms, they are designed to withstand both conventional and quantum attacks. That’s a vital consideration for long-lifecycle applications in automotive and industrial designs.

Moreover, the landscape of cryptography and cybersecurity will continue shifting amid the ascent of powerful quantum computers capable of breaking the traditional public-key cryptographic algorithms. That poses an imminent threat to the security foundations of global networks and data infrastructures.

The post PQC algorithms: Security of the future is ready for the present appeared first on EDN.
