The US National Institute of Standards and Technology (NIST) has selected the cryptographic standards that will protect sensitive electronic data against the threat of quantum computers, as announced on 5 July. Léo Ducas from CWI's Cryptology group is involved in the two primary schemes of the upcoming portfolio: one for public-key encryption and one for digital signatures. These new standards are meant for global deployments, reaching billions of users.
Several cryptographic approaches are possible for protecting sensitive data against attacks from quantum computers. To standardize this next-generation cryptography, NIST has examined several approaches in a competition-like process over the last 5 years. Its focus is on public-key encryption schemes and digital signature schemes that combine high performance and general applicability with security in the face of possible future quantum computing.
Four future standard schemes
CWI researcher Léo Ducas is involved in the two primary upcoming standards, namely the public-key encryption scheme (CRYSTALS-KYBER) and the digital signature scheme (CRYSTALS-DILITHIUM). Two additional signature schemes were also selected (FALCON and SPHINCS+).
Both proposals are the result of a multi-national collaborative effort, which included Centrum Wiskunde & Informatica (CWI), ENS Lyon, Radboud University, Ruhr University Bochum, University of Waterloo, IBM, NXP, ARM, SRI International, Florida Atlantic University and Tsinghua University.
Léo Ducas says: “The selection of our schemes as a standard means that it will be deployed globally, protecting the privacy of billions of users; fundamental research rarely gets such a direct and broad impact. The credit should go to the whole cryptographic research community; the schemes we proposed are merely the crystallization of decades of scientific effort.”
What’s next?
All the selected candidates are now drafts for standards, with a final version expected within a year. The portfolio of standards might grow further in coming years, given that a few more schemes have been placed into a 4th round and that a new call for more digital signature schemes is expected.
Léo Ducas is a senior researcher in CWI's Cryptology group, a leading international expert on lattice-based cryptography, and a Professor of Mathematical Cryptology at Leiden University. His contributions to the cryptanalysis of lattices have impacted the design and parametrization of lattice-based proposals.
Prof. Léo Ducas (CWI and UL). Picture: CWI.
- NIST news item 'Announcing Four Candidates to be Standardized', 5 July 2022
- Léo Ducas in French national newspaper 'Le Monde', 7 July 2022
- Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process
- Contact data of Prof. dr. Léo Ducas at CWI
- Cryptology Group at CWI
- Dutch translation of the above news item on the new NIST standards for PQC
- Earlier CWI news item (2020) on the NIST finalists
- Earlier CWI news item (2020) on Léo Ducas, his research and ERC grant