CRYSTALS-KYBER, CRYSTALS-Dilithium and SPHINCS+, three security algorithms created by researchers from Radboud University and other organisations have been selected by the American National Institute of Standards and Technology (NIST) as one the new standards for post-quantum cryptography. The underlying technology must ensure that the encryption of sensitive communication will continue to be secure in the coming decades.
The three algorithms are being created by an international team that includes Peter Schwabe, professor of Cryptographic Engineering at Radboud University who is also associated with the Max Planck Institute for Security and Privacy. Schwabe collaborates with researchers of TU/Eindhoven and Centrum voor Wiskunde en Informatica (CWI). "This NIST PQC standardisation project is paving the path for the next generation of encryption and signature algorithms, which will secure digital communication worldwide. It was a great experience for our group to contribute to this massive international effort and now see the first big milestone reached."
The competition was announced by NIST six years ago and started with 69 proposals. After various preliminary rounds in which the algorithms were evaluated, the NIST ultimately selected three winners. Schwabe: “It was a conscious decision to select more than one winner; it offers more flexibility. The different algorithms are based on different underlying mathematical challenges. This is why they perform differently, depending on the objective for which they were selected.”
For the time being, the threat of quantum computers is purely theoretical: most scientists expect it will be years before a quantum computer can be built. Daan Sprenkels, who is researching post-quantum cryptography at Radboud University, says that it is nevertheless important to be prepared now. “Some information will always be sensitive, and must therefore be protected for a longer period of time. Embassy communications is one example. Suppose that a quantum computer is built in 50 years’ time. All communications protected by current encryption methods would then suddenly be out in the open. By using encryption based on post-quantum cryptography at an earlier stage, this sensitive information will also remain secure in the future.”
Researchers at Radboud University have been involved in key security standards more than once in recent decades. Joan Daemen, a professor associated with Radboud University since 2015, is co-author of the Rijndael algorithm that NIST selected as the winner of an earlier cryptography competition for the Advanced Encryption Standard, or AES, in 2000. This standard is still used today, such as to secure websites and encrypted WhatsApp messages.