Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎08-13-2024 04:41 PM
‎08-13-2024 04:41 PM

NIST Releases First 3 Finalized Post-Quantum Encryption Standards

Hi All

 

A great day indeed:

 

  • NIST has released a final set of encryption tools designed to withstand the attack of a quantum computer.
  • These post-quantum encryption standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy.
  • NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible.

https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryptio...

 

ML-KEM (formerly Kyber):
https://lnkd.in/eFfWjpqA

 

ML-DSA (formerly Dilithium):
https://lnkd.in/edAyb3ZX

 

SLH-DSA (formerly SPHINCS+):
https://lnkd.in/eJZfvZmq

 

Regards

 

Caute_Cautim

 

Reply
9 Replies
denbesten
Community Champion
‎08-15-2024 01:59 PM
‎08-15-2024 01:59 PM

It will be a better day when the encryption standards have been incorporated into the various protocols (looking at you, TLS) and vendors start implementing them so that we can enable it as an option.  

 

I look at this development as moving from fear-mongering to vaporware.  Next comes prototyptes, beta releases, full releases, deprecation of the old stuff and finally end-of-life for the old stuff.  

Reply
0 Kudos
Caute_cautim
Community Champion
‎08-15-2024 03:59 PM
‎08-15-2024 03:59 PM

Hi @denbesten   The real panic will occur, when RSA is broken by Quantum Computers, then all payment systems around the world will go into a spin - as the majority of them use them for Blockchain, Bitcoin, cryptocurrency exchanges, Telecommunications, Medical devices and then add Public Key Infrastructure (PKI) suddenly redundant.   The warning is there prepare to be Crypto Agile, and finding out where your current cryptographic algorithms are resident within applications, systems and devices - build a Cryptographic Bill of Materials (CBOM) and start planning. 

 

State Nations are already stepping up actions against others, doing the Harvest Now Decrypt Later (HNDL) game, it is only a matter of time before this occurs.

 

Remember it took the Payment Industry six years to convert from SSL to TLS V1.2 - so this is good notification, rather than waiting for panic to set in, when it is far too late.

 

Regards

 

Caute_Cautim

Reply
0 Kudos
denbesten
Community Champion
‎08-15-2024 08:41 PM
‎08-15-2024 08:41 PM

Agree that there is an arms-race here.  The limitation for those at my pay-grade is that I must depend upon my software suppliers, web site owners, etc. to do their part.  My contribution boils down to "keep current with patches and updates, much like any other upgrade.

Reply
0 Kudos
Caute_cautim
Community Champion
‎08-15-2024 08:49 PM
‎08-15-2024 08:49 PM

@denbestenLets hope that someone is strategizing and envisaging the near future.

 

Regards

 

Caute_Cautim

Reply
0 Kudos
michaljordan
Newcomer I
‎08-22-2024 02:03 PM
‎08-22-2024 02:03 PM

I agree that we’re definitely in an arms race here. The challenge for those of us at my level is that we rely heavily on our software providers, website administrators, and others to uphold their end of the bargain. My role largely comes down to keeping current with patches and updates, GBWA , much like managing any other kind of upgrade.
gbapponline.com

 
 
 
Reply
0 Kudos
Caute_cautim
Community Champion
‎08-22-2024 04:46 PM
‎08-22-2024 04:46 PM

@michaljordan @denbesten There is nothing wrong in directing communications to those responsible to ask the question how is this company preparing for Post Quantum Cryptography (PQC)?  The worst they can do is bite your head off, or provide a snide remark or simply ignore your question.

 

Perhaps it may prompt a conversation, and lead to other things to some positive outcomes.

 

There is plenty of papers within this community, which have been written by various industries including Telecommunications, Banking sectors.   I am sure I could dig out many more.

 

Regards

 

Caute_Cautim

Reply
0 Kudos
JohnMansoryyy
Viewer II
‎10-12-2024 04:09 AM
‎10-12-2024 04:09 AM

This is a huge step forward! The release of these post-quantum encryption standards is a major milestone in protecting data against future quantum threats. It's great to see NIST leading the way in this crucial area, and I completely agree that transitioning to these new standards should be a top priority for system administrators. It’s a forward-thinking move that will help safeguard everything from sensitive communications to financial transactions in the years to come.

Reply
Caute_cautim
Community Champion
‎10-12-2024 10:06 PM
‎10-12-2024 10:06 PM

@JohnMansoryyy    As long as organisations take action and do something about and not leave until the Chinese have officially broken public key cryptography using Quantum Computing as all hell will break loose in panic mode....  which is definitely not good at all.

 

Regards

 

Caute_Cautim

Reply
0 Kudos
greasepump2
Viewer
‎11-10-2024 07:08 AM
‎11-10-2024 07:08 AM

The release of the first three finalized post-quantum encryption standards by NIST is a significant step toward securing digital systems against the future threat of quantum computing. These standards will enhance data protection and ensure cybersecurity resilience. Just as a grease pump maintains machinery efficiency by delivering precise lubrication, these encryption standards are crucial for safeguarding sensitive information and maintaining the integrity of digital communications in the quantum era.

Reply