https://community.isc2.org/t5/Industry-News/New-standards-to-protect-data-from-quantum-hackers/m-p/73206#M7126 <P>Hi All</P><P>&nbsp;</P><P>Sysadmins urged to implement new security standards "immediately".</P><P>&nbsp;</P><P>The world’s ICT industry is on notice to update widely used data encryption technologies after the finalisation of post quantum computing (PQC) algorithms designed to prevent powerful new quantum computers from decrypting sensitive personal, business, and government data.</P><P>Developed with industry and researchers through an <A href="https://csrc.nist.gov/projects/post-quantum-cryptography" target="_blank">eight-year effort</A> managed by the US National Institute of Standards and Technology (NIST), the <A href="https://www.federalregister.gov/documents/2024/08/14/2024-17956/announcing-issuance-of-federal-information-processing-standards-fips-fips-203-module-lattice-based" target="_blank">three new standards</A> – which NIST references as ML-KEM (<A href="https://csrc.nist.gov/pubs/fips/205/final" target="_blank">FIPS 203</A>), ML-DSA (<A href="https://csrc.nist.gov/pubs/fips/204/final" target="_blank">FIPS 204</A>), and SLH-DSA (<A href="https://csrc.nist.gov/pubs/fips/203/final" target="_blank">FIPS 205</A>) – are the result of a competitive process that began in 2016.</P><P>Anticipating the eventual development of large-scale cryptographically relevant quantum computers (CRQCs), NIST <A href="https://www.nist.gov/news-events/news/2016/12/nist-asks-public-help-future-proof-electronic-information" target="_blank">asked</A> the world’s cryptographic researchers to submit candidates to replace the existing <A href="http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf" target="_blank">FIPS 186-4</A>, <A href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf" target="_blank">NIST SP 800-56A</A> and <A href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf" target="_blank">NIST SP 800-56B</A> standards – all of which are vulnerable because they protect data using <A href="https://en.wikipedia.org/wiki/Public-key_cryptography" target="_blank">public key cryptography</A> (PKC).</P><P>PKC’s security relies on long encryption ‘keys’ that are used to encrypt your web browsing, online banking, e-commerce purchases, submission of personal data, secure messaging, social media, email, and phone calls – as well as weightier data like company customer databases, intellectual property stores, and national security information.</P><P>&nbsp;</P><P><A href="https://ia.acs.org.au/article/2024/new-standards-to-protect-data-from-quantum-hackers.html" target="_blank">https://ia.acs.org.au/article/2024/new-standards-to-protect-data-from-quantum-hackers.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 18 Aug 2024 20:27:20 GMT Caute_cautim 2024-08-18T20:27:20Z https://community.isc2.org/t5/Industry-News/New-standards-to-protect-data-from-quantum-hackers/m-p/73206#M7126 <P>Hi All</P><P>&nbsp;</P><P>Sysadmins urged to implement new security standards "immediately".</P><P>&nbsp;</P><P>The world’s ICT industry is on notice to update widely used data encryption technologies after the finalisation of post quantum computing (PQC) algorithms designed to prevent powerful new quantum computers from decrypting sensitive personal, business, and government data.</P><P>Developed with industry and researchers through an <A href="https://csrc.nist.gov/projects/post-quantum-cryptography" target="_blank">eight-year effort</A> managed by the US National Institute of Standards and Technology (NIST), the <A href="https://www.federalregister.gov/documents/2024/08/14/2024-17956/announcing-issuance-of-federal-information-processing-standards-fips-fips-203-module-lattice-based" target="_blank">three new standards</A> – which NIST references as ML-KEM (<A href="https://csrc.nist.gov/pubs/fips/205/final" target="_blank">FIPS 203</A>), ML-DSA (<A href="https://csrc.nist.gov/pubs/fips/204/final" target="_blank">FIPS 204</A>), and SLH-DSA (<A href="https://csrc.nist.gov/pubs/fips/203/final" target="_blank">FIPS 205</A>) – are the result of a competitive process that began in 2016.</P><P>Anticipating the eventual development of large-scale cryptographically relevant quantum computers (CRQCs), NIST <A href="https://www.nist.gov/news-events/news/2016/12/nist-asks-public-help-future-proof-electronic-information" target="_blank">asked</A> the world’s cryptographic researchers to submit candidates to replace the existing <A href="http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf" target="_blank">FIPS 186-4</A>, <A href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf" target="_blank">NIST SP 800-56A</A> and <A href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf" target="_blank">NIST SP 800-56B</A> standards – all of which are vulnerable because they protect data using <A href="https://en.wikipedia.org/wiki/Public-key_cryptography" target="_blank">public key cryptography</A> (PKC).</P><P>PKC’s security relies on long encryption ‘keys’ that are used to encrypt your web browsing, online banking, e-commerce purchases, submission of personal data, secure messaging, social media, email, and phone calls – as well as weightier data like company customer databases, intellectual property stores, and national security information.</P><P>&nbsp;</P><P><A href="https://ia.acs.org.au/article/2024/new-standards-to-protect-data-from-quantum-hackers.html" target="_blank">https://ia.acs.org.au/article/2024/new-standards-to-protect-data-from-quantum-hackers.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 18 Aug 2024 20:27:20 GMT https://community.isc2.org/t5/Industry-News/New-standards-to-protect-data-from-quantum-hackers/m-p/73206#M7126 Caute_cautim 2024-08-18T20:27:20Z