October 25, 2024
The U.S. National Institute of Standards and Technology (NIST) has selected a group of candidate digital signature encryption algorithms, some of which might one day serve as additional post-quantum cryptography (PQC) standards.
As part of its continuing effort to secure digital information against the threat of future quantum computers, NIST is developing additional defenses that can serve as backups to the three PQC standards it published in August and the one it plans to release in draft form later this year.
Of these four standards, three are intended for use with digital signature encryption. Two of these three are based on a mathematical approach known as structured lattices, while the third, which is based on hash functions, operates too slowly to work well for some applications. To guard against the possibility that a vulnerability might be discovered with lattices, NIST would like a backup signature scheme that does not rely on structured lattices, but that also performs better than the hash-based standard.
To this end, NIST has selected a group of 14 candidate digital signature algorithms from a larger group of 40 eligible submissions it received after requesting candidate algorithms from the public in July 2022. NIST details the 14 algorithms and its selection process in its Status Report on the First Round of the Additional Digital Signature Schemes for the NIST Post-Quantum Cryptography Standardization Process (NISTIR 8528). The agency invites the public to consider these 14 algorithms during an evaluation period that will last at least a year. Another round of evaluation is likely, and NIST does not anticipate announcing which of these algorithms, if any, will be standardized until at least 2027.
The advancing digital signature algorithms are:
|
|
NIST Internal Report (IR) 8528 describes the evaluation criteria and selection process. Questions may be directed to pqc-comments@nist.gov. NIST thanks all of the candidate submission teams for their efforts in this standardization process as well as the cryptographic community at large, which helped analyze the signature schemes.
Moving forward, the second-round candidates have the option of submitting updated specifications and implementations (i.e., “tweaks”). NIST will provide more details to the submission teams in a separate message. This second phase of evaluation and review is estimated to last 12-18 months.
NIST is tentatively planning to hold a 6th NIST PQC Standardization Conference from September 24-26, 2025, in person at NIST in Gaithersburg, Maryland.
Source – U.S. NIST