{"id":4672,"date":"2023-08-30T08:06:34","date_gmt":"2023-08-30T13:06:34","guid":{"rendered":"https:\/\/entrustblog.wpengine.com\/?p=4672"},"modified":"2023-08-30T08:22:49","modified_gmt":"2023-08-30T13:22:49","slug":"nist-delivers-the-draft-standards-for-post-quantum-cryptography","status":"publish","type":"post","link":"https:\/\/entrustblog.wpengine.com\/2023\/08\/nist-delivers-the-draft-standards-for-post-quantum-cryptography\/","title":{"rendered":"NIST delivers the draft standards for Post-Quantum Cryptography"},"content":{"rendered":"

The starting whistle has gone off in the race for quantum-safe cryptography solutions. Last week, the National Institute of Standards and Technology (NIST) released their draft standards<\/a> for post-quantum cryptography (PQC).<\/p>\n

As my colleague Greg Wetmore noted in July<\/a>, all eyes have been on the NIST PQ competition<\/a> for the last several years, with the third-round finalist algorithms announced last summer, and now the release of the PQC draft standards \u2013 a major milestone in quantum readiness and the future migration to quantum-safe cryptography.<\/p>\n

Despite knowing the high stakes \u2013 by most analysis, advancements in quantum computers will result in them being capable of breaking traditional public key cryptography<\/a> within the decade \u2013 some organizations have been hesitant to begin their PQC preparations until NIST\u2019s draft standards were released. That barrier has been crossed.<\/p>\n

Now, draft standards for three algorithms are open for public comment and feedback until November 22, 2023; with the standards likely to be finalized in 2024. Once this happens, organizations will be expected to make the transition to these algorithms designed to withstand quantum computer attacks in order to protect their sensitive data. And with the fourth round of the competition still underway, it\u2019s no surprise that the NIST release also states that \u201cWhile these three will constitute the first group of post-quantum encryption standards NIST creates, they will not be the last.\u201d So, more to come.<\/p>\n

The draft standards weren\u2019t the only quantum-related announcement last week. NIST, Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released a joint factsheet titled Quantum-Readiness: Migration to Post-Quantum Cryptography<\/a>. The intention<\/a> of the joint factsheet is to further encourage \u2013 both government agencies and organizations \u2013 to begin their planning for the migration to PQC now. Why?<\/p>\n