NIST asks for help with quantum-proof crypto

Today's crypto will be vulnerable to tomorrow's computers, and NIST wants to get a start on quantum-proofing its standards.

U.S. government scientists are asking private sector and academic cryptographers for help in writing new encryption algorithms that are complex and powerful enough to withstand cracking attempts by quantum computers.

Mathematicians believe that quantum computers, because of their immense computing power, will eventually be able to crack existing encryption algorithms.

In a Federal Register notice Tuesday, the National Institute of Standards and Technology announced that it would be accepting candidate algorithms until November next year.

“With the public’s participation,” the agency’s Cryptographic Technology Group says in a blog post, “NIST intends to spend the next few years gathering, testing and ultimately recommending new algorithms that would be less susceptible” to cracking by quantum computers.


NIST publishes the minimum standards for cryptographic technologies used by the U.S. government in a series of documents called the Federal Information Processing Standards (FIPS). These include recommended algorithms for various kinds of encryption used to secure data, communications and identity.

Despite a controversy when documents in the Edward Snowden leaks revealed that the NSA had tried to insert vulnerabilities in cryptography standards, NIST-approved algorithms are still considered the gold standard for cryptography and are widely used outside of government.

The current appeal is the second step of finding quantum-proofed algorithms. In August, NIST issued a draft document laying out the procedure for submitting and evaluating proposed algorithms and asked for comments. Now, after revisions, that process is in train.

After the submission period closes Nov. 30 next year, NIST will review the proposals, and anyone whose submission qualifies will be invited to present their algorithms at a workshop in early 2018. The evaluation phase that follows will take another three to five years, the blog post says.

Although still theoretical, quantum computers will be orders of magnitude faster and more powerful than current supercomputers. That’s bad news for encryption — a process which scrambles data according to a massively complex mathematical code. In theory, that can be broken: Computers can crack the code by “guessing” it over and over — a form of cracking known as brute force.


The current NIST-approved algorithms would take hundreds of years to brute force with today’s computers — but are expected to be much more vulnerable to the advanced power of quantum machines.
