
NIST Finalizes Post-Quantum Encryption Standards

The new standards are designed for two tasks: general encryption and digital signatures.


Three new encryption algorithms to bolster global cybersecurity efforts against future attacks using quantum technologies were published today by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The new standards are designed for two tasks: general encryption and digital signatures. 

The standards are the culmination of an eight-year effort from the agency to tap the best minds in cybersecurity to devise the next generation of cryptography strong enough to withstand quantum computers. Experts expect quantum computers capable of breaking current cryptographic algorithms to arrive within a decade. The new standards, the first released by NIST’s post-quantum cryptography (PQC) standardization project, are published on the department's website. The documents contain the algorithms' computer code, instructions for how to implement them in products and in encryption systems, and use cases for each.

  • FIPS 203 is a key-encapsulation mechanism encryption algorithm to protect information transferred over a public network and is "intended as the primary standard for general encryption," the agency said. It is based on the CRYSTALS-Kyber algorithm, renamed as the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).

  • FIPS 204 is the primary standard for protecting digital signatures. It uses the CRYSTALS-Dilithium algorithm, now called the Module-Lattice-Based Digital Signature Algorithm (ML-DSA).

  • FIPS 205 is also designed for digital signatures. It uses a different mathematical approach than ML-DSA and is intended to be used as a backup in case that algorithm proves vulnerable. The standard employs the SPHINCS+ algorithm, now known as the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA).

NIST mathematician Dustin Moody, head of the PQC standardization project, said the agency is continuing to evaluate two additional algorithms to use as backup standards but urges security practitioners to use those released today. 

"There is no need to wait for future standards," he said. "Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event."

About the Author

Jennifer Lawinski, Contributing Writer

Jennifer Lawinski is a writer and editor with more than 20 years experience in media, covering a wide range of topics including business, news, culture, science, technology and cybersecurity. After earning a Master's degree in Journalism from Boston University, she started her career as a beat reporter for The Daily News of Newburyport. She has since written for a variety of publications including CNN, Fox News, Tech Target, CRN, CIO Insight, MSN News and Live Science. She lives in Brooklyn with her partner and two cats.
