NIST Previews Post-Quantum Cryptography Challenges

To help prepare organizations for post-quantum cryptography, the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence has released the final version of a white paper, “Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms.”

Since 2016, NIST has been working with researchers to develop cryptographic algorithms that will be strong enough to resist the privacy and security threats quantum computers will pose. While those new algorithms will likely be ready before quantum computers are widely used, the transition from today’s standards to the new post-quantum public-key standards “is likely to be more problematic than the introduction of new classical cryptographic algorithms,” the paper states. “In the absence of significant implementation planning, it may be decades before the community replaces most of the vulnerable public-key systems currently in use.”

One problem is that existing encryption standards can’t simply be replaced with quantum-resistant ones. Some quantum-resistant candidate algorithms involve extremely large signature sizes, require excessive processing and use very large public or private keys that would make the solution difficult to implement widely. Even when secure operations are possible, NIST says, “performance and scalability issues may demand significant modifications to protocols and infrastructures.”

As a result, there might need to be a variety of post-quantum algorithms to overcome implementation constraints, like sensitivity to large signature sizes. Another option would require modifying existing protocols to handle larger signatures. In any case, the report says, replacing cryptographic algorithms will be a large and complex operation that requires “changing or replacing cryptographic libraries, implementation validation tools, hardware that implements or accelerates algorithm performance, dependent operating system and application code, communications devices and protocols, and user and administrative procedures.”

Consequently, detailed migration roadmaps and playbooks must be developed to help organizations first discover where and how public-key cryptography is currently being used and then determine where migration to post-quantum cryptography will be required. In some cases, migration from classical to post-quantum encryption may involve temporarily depending on hybrid algorithms. If requirements for some use cases can be defined early enough, they can be fed into the standards development process.

“We need to determine where, why, and with what priority vulnerable public-key algorithms will need to be replaced, and we need to understand the constraints that apply to specific use cases,” NIST states. “These initial steps in developing and implementing algorithm migration playbooks can and should begin immediately.”

NIST invites those interested to join the Applied Cryptography Community of Interest and submit comments regarding the white paper, upcoming workshops and other near-term activities like the migration playbook by sending an email to

Read more at: GCN