NIST Advances 14 Algorithms to Round 2 of the Post-Quantum Cryptography Standardization Process
NIST has taken its latest major step in securing digital communication against the emerging threats of quantum computing.
It has advanced 14 cryptographic algorithms to the second round of its additional post-quantum digital signature competition.
This is a further step in the agency's ongoing effort to create secure cryptographic standards as quantum computing technology capable of breaking public-key cryptography advances rapidly.
The Need for Diversity in Digital Signatures
In July 2022, NIST published its first set of quantum-resistant algorithms for standardization. This comprised encryption techniques and digital signatures.
While this step marked significant progress, NIST still felt that the digital signature schemes lacked diversity and that more variety was needed among the alternatives, particularly with regard to lattice-based approaches, because of some potential vulnerabilities.
In September 2022, NIST called for new proposals on digital signatures; 40 timely submissions were made before the June 2023 cut-off date. After careful review, NIST narrowed the pool to 14 candidates for Round 2.
The Selected 14 Algorithms
NIST called for submissions to this additional project at the end of 2023, and researchers around the globe responded with 40 proposals.
The proposals covered a wide range of cryptographic techniques. Of these, 14 algorithms were selected through strict review to advance to the second round.
Code-Based Approaches
- CROSS
- LESS
Lattice-Based Approach
- HAWK
Multivariate-Based Approaches
- MAYO
- QR-UOV
- SNOVA
- UOV
MPC-in-the-Head-Based Approaches
- Mirath (merger of MIRA/MiRitH)
- MQOM
- PERK
- RYDE
- SDitH
Isogeny-Based Approach
- SQIsign
Symmetric-Based Approach
- FAEST
The Evaluation Process
The evaluation stage, expected to take 12-18 months, gives submission teams time to refine their proposals. By January 17, 2025, teams may submit revised specifications and implementations.
Expert Insights on Quantum Preparedness
Experts warn that practical quantum computing may arrive sooner than expected, so preparation needs to start now. Traditional encryption will soon be broken, forcing businesses to embrace crypto-agility, the ability to adopt new cryptographic standards quickly.
Issues in Migration
Colin Soutar, a Deloitte MD, adds that uncertainty about when this will happen complicates efforts to focus on what should migrate. Still, organizations must start preparing today to mitigate the long-term risks of quantum threats.
Strategic Urgency
Kevin Bocek, Chief Innovation Officer at Venafi, closed out the conversation by saying there is a critical need for secure machine identities, the backbone of enterprise security, and a need to gain visibility into cryptographic assets and embrace hybrid solutions that combine traditional and quantum-resistant techniques.
Future Steps and Industry Implications
Thus, NIST’s actions in this critical stage toward mitigating the threat of quantum
Proposals developed for the second round will be published when the agency holds the 6th PQC Standardization Conference in September 2025.
Organizations are urged to:
- Audit cryptographic assets to understand their exposure.
- Adopt hybrid encryption models to transition gradually to quantum-resistant systems.
- Implement automation and visibility tools to manage cryptographic changes without effort.
Prepare for the Quantum Era with NIST and Certera
Certera provides transparent services built specifically to help you transition to PQC in line with the NIST guidelines. Cryptographic resilience is our specialty, so you can be confident you are ready to safeguard your information and maintain user confidence and compliance.
Why wait for a crack to appear? Protect your digital environment now with Certera!