In August 2024, the National Institute of Standards and Technology (NIST) finalized three encryption standards designed to protect data against potential threats from quantum computers. These standards are part of NIST’s ongoing efforts to develop cryptographic solutions resilient to quantum attacks, ensuring that sensitive information remains secure in a future where quantum computers could break traditional encryption methods.

Summary of the Three Finalized Post-Quantum Encryption Standards:

1. FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)
• Purpose: Designed for general encryption tasks, such as securing data exchanged over public networks.
• Algorithm: Based on the CRYSTALS-Kyber algorithm, now referred to as ML-KEM.
• Advantages: Offers relatively small encryption keys for efficient key exchange and operates with high speed.

2. FIPS 204: Module-Lattice-Based Digital Signature Algorithm (ML-DSA)
• Purpose: Secures digital signatures, ensuring the authenticity and integrity of digital communications.
• Algorithm: Uses the CRYSTALS-Dilithium algorithm, now called ML-DSA.
• Advantages: Provides strong security for identity authentication and signing digital transactions.

3. FIPS 205: Stateless Hash-Based Digital Signature Algorithm (SLH-DSA)
• Purpose: Another approach for securing digital signatures, serving as an alternative method.
• Algorithm: Utilizes the Sphincs+ algorithm, now named SLH-DSA.
• Advantages: Based on a different mathematical approach compared to ML-DSA, designed as a backup in case vulnerabilities are found in lattice-based methods.

Impact and Transition to Quantum-Secure Cryptography

NIST encourages organizations to begin transitioning to these post-quantum cryptographic standards as soon as possible.
Quantum computers, once they reach sufficient power, could compromise existing encryption systems, making proactive adoption essential for government agencies, financial institutions, and enterprises handling sensitive data. These new standards provide a robust foundation to protect communications, transactions, and identity verification in a quantum-resilient digital environment.
Algorithm Selection for Encryption
Summary
Algorithm selection for encryption means choosing the right mathematical method to protect data, ensuring it stays secure even as technology changes. With the rise of quantum computing, traditional encryption methods could soon be vulnerable, prompting organizations to shift toward new, quantum-resistant algorithms that keep sensitive information safe both now and in the future.
- Prioritize quantum safety: Start migrating your data systems to NIST-approved post-quantum encryption standards to guard against future threats from powerful quantum computers.
- Build crypto agility: Design your IT infrastructure so encryption algorithms can be swapped out easily, making updates seamless as new standards emerge.
- Review compliance needs: Regularly check regulatory requirements and update your encryption choices to reflect the latest approved algorithms for secure and compliant data protection.
Last week #NIST released three post-#quantum #encryption standards. Why is this significant? Put simply, from a practical standpoint: risk management and compliance.

First, on risk management: experts now say that quantum computing is less than a decade away. Quantum computers are expected to have the power to search large keyspaces very quickly, which means they will be able to decrypt current encryption. Moreover, it is entirely plausible that encrypted information recorded today is being stored for decryption when quantum computing becomes available. If you speculatively apply quantum-resistant encryption to your data now, you will reduce the risk of an adversary being able to successfully exploit your data when they have access to quantum computing.

Second, on compliance: NIST is the governing body for standards in the USA, and many other nations take their encryption standards from NIST, as they do not have resources at the same scale as NIST. You can be certain that NIST-approved post-quantum algorithms will start being mentioned in various compliance checklists, as is the case currently with algorithms such as AES-256 and SHA-256. Note well that these algorithms have #FIPS numbers associated with them, meaning "Federal Information Processing Standard".

Briefly, the approved algorithms are:
🔒 ML-KEM, for encrypted key exchange, as FIPS 203
🔒 ML-DSA, for digital signatures, as FIPS 204
🔒 SLH-DSA, for stateless hash-based digital signatures, as FIPS 205

There is a fourth algorithm, FN-DSA, also used for digital signatures, that is expected to be released in the next year.
Day 8: Data Security and Post-Quantum Readiness

In today’s hyper-connected world, data is the new currency and the perimeter, and it is essential to safeguard it from cyber criminals. The average cost of a data breach reached an all-time high of $4.88 million in 2024, a 10% increase from 2023.

Advances in quantum computing further threaten traditional cryptographic systems by potentially rendering widely used algorithms like public key cryptography insecure. Even before large-scale quantum computers become practical, adversaries can harvest encrypted data today and store it for future decryption. Sensitive data encrypted with traditional algorithms may be vulnerable to retrospective attacks once quantum computers are available.

As quantum technology evolves, the need for stronger data protection grows. Google Quantum AI recently demonstrated advancements with its Willow processors, which enhance error correction using the surface code. These breakthroughs underscore the growing efficiency and scalability of quantum computers. To address these threats, enterprises are turning to agile cryptography to prepare for the post-quantum era.

Proactive Measures for Agile Cryptography and Quantum Resistance:

1. Adopt Post-Quantum Algorithms
Transition to NIST-approved PQC standards like CRYSTALS-Kyber, CRYSTALS-Dilithium, Sphincs+. Use hybrid cryptography that combines classical and quantum-resistant methods for a smoother transition.

2. Design for Agility
Avoid hardcoding cryptographic algorithms. Implement abstraction layers and modular cryptographic libraries to enable easy updates, algorithm swaps, and seamless key rotation.

3. Automate Key Management
Use Hardware Security Modules (HSMs) and Key Management Systems (KMS) to automate secure key lifecycle management, including zero-downtime rotation.

4. Protect Data Everywhere
Encrypt data at rest, in transit, and in use with quantum-resistant standards and protocols. For unstructured data, use format-preserving encryption and deploy data-loss prevention (DLP) tools to detect and secure unprotected files. Replace sensitive information with unique tokens that have no exploitable value outside a secure tokenization system.

5. Plan Ahead
Develop a quantum-readiness strategy, audit systems, prioritize sensitive data, and train teams on agile cryptography and PQC best practices.

Agile cryptography and advanced data devaluation techniques are essential for protecting sensitive data as cyber threats evolve. Planning ahead for the post-quantum era can reduce migration costs to PQC algorithms and strengthen cryptographic resilience.

Embrace agile cryptography. Devalue sensitive data. Secure your future.

#VISA #PaymentSecurity #Cybersecurity #12DaysofCyberSecurityChristmas #PostQuantumCrypto
Quantum computing is advancing rapidly, bringing unprecedented processing power that threatens traditional encryption methods. The "collect now, decrypt later" strategy underscores the urgency of preparation: adversaries are already harvesting encrypted data with the intent to decrypt it once large-scale quantum computers become viable.

Fortinet is leading the way in quantum-safe security, integrating NIST PQC algorithms, including CRYSTALS-KYBER, into FortiOS to safeguard data from future quantum-based attacks.

"A recent real-world demonstration by JPMorgan Chase (JPMC) showcased quantum-safe high-speed 100 Gbps site-to-site IPsec tunnels secured using QKD. The test was conducted between two JPMC data centers in Singapore, covering over 46 km of telecom fiber, and achieved 45 days of continuous operation."

"The network leveraged QKD vendor ID Quantique for the quantum key exchange, Fortinet’s FortiGate 4201F for network encryption, and FortiTester for performance measurement."

This is not just a theoretical concern: organizations are already deploying quantum-safe encryption solutions. As quantum computing capabilities advance, organizations must adopt quantum-resistant security architectures and take proactive steps now to safeguard their sensitive information against future quantum-enabled attacks. These proactive methods include:

- adopting hybrid cryptographic approaches, combining classical and PQC algorithms, ensuring interoperability and a phased transition
- implementing crypto-agile architectures, for seamless updates to encryption mechanisms as new quantum-resistant standards emerge
- leveraging PQC-capable HSMs and TPMs
- evaluating network security architectures, such as ZTNA models
- ensuring authentication and access controls are resistant to quantum threats
- identifying mission-critical and long-lived data that must remain secure for decades
- implementing sensitivity-based classification to determine which datasets require the highest level of post-quantum protection
- conducting risk assessments to evaluate data exposure, storage locations, and current encryption standards
- transitioning to quantum-resistant encryption algorithms recommended by NIST’s PQC standardization efforts
- establishing data-at-rest and data-in-transit encryption policies that mandate use of PQC algorithms as they become available
- strengthening key management practices
- developing GRC frameworks ensuring adherence to post-quantum security
- implementing continuous cryptographic monitoring to detect and phase out vulnerable encryption methods
- enforcing regulatory compliance by aligning with emerging PQC standards
- establishing incident response plans to handle quantum-driven cryptographic threats proactively

Fortinet remains committed to pioneering quantum-safe encryption solutions, enabling organizations to stay ahead of emerging cryptographic threats. Read more from Dr. Carl Windsor, Fortinet’s CISO!
💡 Wow! This past week marked a major leap forward in rolling out post-quantum cryptography algorithms to protect against “store now, decrypt later” attacks, with major updates in OpenSSL 3.5.0 & OpenSSH 10.0 ⬇️

🔐 What is a “Store Now, Decrypt Later” attack?
It’s a forward-looking threat, where adversaries capture encrypted data today and hold onto it, waiting until large-scale quantum computers are powerful enough to break current encryption algorithms (like RSA & ECC) using Shor’s algorithm and decrypt the data. This is particularly dangerous for sensitive long-term information like financial records, important intellectual property and national security data.

🛡️ Why last week’s updates matter:
Both OpenSSH and OpenSSL took big steps in implementing post-quantum cryptography (PQC), algorithms designed to remain secure even against quantum computers.

🧩 OpenSSH 10.0 Highlights (https://lnkd.in/gP5q3q7M):
• 🚫 Deprecated outdated DSA & classic Diffie-Hellman key exchanges.
• 🔐 Default key exchange now uses MLKEM-768, a quantum-safe and NIST-standardized algorithm.
• 🔒 Isolated the SSH authentication process into a separate memory space using ssh-auth, mitigating the impact of login-related vulnerabilities like Terrapin or RegreSSHion.

🔐 OpenSSL 3.5.0 Highlights (https://lnkd.in/gmtgVVzv):
• ✅ Adds support for three newly standardized PQC algorithms: ML-KEM (Key Encapsulation), ML-DSA (Digital Signatures) & SLH-DSA (Hash-Based Signatures).
• 🔄 Sets AES-256-CBC as the new symmetric default over older, weaker ciphers.
• 📅 This is a Long-Term Support (LTS) release, supported through 2030.

Kudos to the maintainers and contributors pushing these critical projects forward. The future of secure communication just got a lot more resilient. 😁

#CyberSecurity #PostQuantumCryptography #OpenSSL #OpenSSH #QuantumResistant #StoreNowDecryptLater #Encryption #Infosec #TechLeadership #PQC #NIST
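As an added example (not code from any of the posts above, nor from OpenSSH or OpenSSL), the following Python script implements the "continuous cryptographic monitoring" the Fortinet post lists, applied to the negotiated key exchanges the last post describes: it scans constructed lines in the shape of `ssh -vv` and `openssl s_client` output and flags any connection that did not negotiate an ML-KEM hybrid such as OpenSSH 10.0's default. The algorithm names and the pq-hybrid/deprecated classification are assumptions of this example.

```python
import re

# Negotiated-algorithm names as printed by OpenSSH (ssh -vv) and OpenSSL 3.5
# (openssl s_client). Which names count as post-quantum hybrids or as
# deprecated is an assumption of this example, following the posts above.
PQ_HYBRID = {
    "mlkem768x25519-sha256",   # OpenSSH 10.0 default (the "MLKEM-768" in the post)
    "sntrup761x25519-sha512",  # earlier OpenSSH post-quantum hybrid
    "X25519MLKEM768",          # OpenSSL 3.5 TLS 1.3 hybrid group
    "SecP256r1MLKEM768",
}
DEPRECATED = {"diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1", "ssh-dss"}

PATTERNS = {
    "ssh-kex": re.compile(r"^debug1: kex: algorithm: (\S+)$"),
    "ssh-hostkey": re.compile(r"^debug1: kex: host key algorithm: (\S+)$"),
    "tls-group": re.compile(r"^Negotiated TLS1\.3 group: (\S+)$"),
}

def classify(name):
    """Map a negotiated algorithm name to a migration status."""
    if name in PQ_HYBRID:
        return "pq-hybrid"
    if name in DEPRECATED:
        return "deprecated"
    return "classical"  # fine today, but not quantum-safe

def audit(lines):
    """Return (kind, algorithm, status) for every negotiation line found."""
    findings = []
    for raw in lines:
        line = raw.strip()
        for kind, rx in PATTERNS.items():
            m = rx.match(line)
            if m:
                findings.append((kind, m.group(1), classify(m.group(1))))
    return findings

def needs_migration(findings):
    """Deprecated algorithms, plus key exchanges that are not post-quantum hybrids."""
    return [f for f in findings
            if f[2] == "deprecated" or (f[0] != "ssh-hostkey" and f[2] != "pq-hybrid")]

# Constructed sample lines in the shape of ssh -vv and openssl s_client output.
SAMPLE = """\
debug1: kex: algorithm: mlkem768x25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: algorithm: diffie-hellman-group14-sha1
debug1: kex: host key algorithm: ssh-dss
Negotiated TLS1.3 group: X25519MLKEM768
Negotiated TLS1.3 group: X25519
""".splitlines()

if __name__ == "__main__":
    for kind, name, status in needs_migration(audit(SAMPLE)):
        print(f"migrate: {kind:12} {name:28} {status}")
```

Pipe real `ssh -vv` or `openssl s_client` output into `audit()` to get the same report for live connections.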