Every secure online system uses cryptographic systems to keep information private. Many use a cryptographic system called public-key cryptography. The main idea behind this system is that each user has a pair of keys: a public key that everyone has access to, and a private key that only the user has access to. Someone sending a message can use the receiver’s public key to encrypt it, but the message can only be decrypted with the receiver’s private key. The majority of public-key cryptography systems generate their keys using methods that are theorized to be difficult to reverse on traditional computers, but recently steady progress has been made in building large-scale quantum computers. These quantum computers are able to reverse the process of key generation, which breaks the cryptographic system. As a result, many institutions have intensely researched cryptographic algorithms that are “post-quantum.”
The National Institute of Standards and Technology (NIST) is holding a multi-round competition to select which of these proposed algorithms will be standardized. This article describes the algorithms of the 26 second-round candidates, and their benefits and weaknesses. It also states the seven finalists and eight alternates that will move on to the final selection round. The algorithms were chosen based on their performance on various machines, security capability, and algorithm implementation characteristics. The algorithms that are standardized are going to be used by various organizations of the U.S. Government to protect sensitive information.
Authors:
Gorjan Alagic (NIST), Jacob Alperin-Sheriff (NIST), Daniel Apon (NIST), David Cooper (NIST), Quynh Dang (NIST), John Kelsey (NIST), Yi-Kai Liu (NIST), Carl Miller (NIST), Dustin Moody (NIST), Rene Peralta (NIST), Ray Perlner (NIST), Angela Robinson (NIST)