Data security is the cornerstone of every business operation. Today, the security of sensitive data and communication depends on traditional cryptography methods, such as the RSA algorithm. While such algorithms secure against today’s threats, organizations must continue to look forward and begin to prepare against upcoming risk factors.
The National Institute of Standards and Technology (NIST) published its first set of post-quantum cryptography (PQC) standards. This landmark announcement is an important marker in the modern cybersecurity landscape, cementing the indeterminate future of post-quantum cryptography as an important cybersecurity priority for enterprises, government agencies and supply chain vendors.
NIST has finalized the three following PQC standards to strengthen cryptography infrastructure for the quantum era:
ML-KEM (derived from CRYSTALS-Kyber) — a key encapsulation mechanism selected for general encryption, such as for accessing secured websites
ML-DSA (derived from CRYSTALS-Dilithium) — a lattice-based algorithm chosen for general-purpose digital signature protocols
SLH-DSA (derived from SPHINCS+) — a stateless hash-based digital signature scheme
Since as early as 2021, NIST has been encouraging organizations to begin planning and preparing for the transition toward quantum-safe. The finalization and release of these three PQC standards is the assurance and guidance many organizations need to embrace and begin the process of transforming to crypto-agility.
