NIST’s post-quantum computing cryptography standard process is entering its final phases. It
the first four algorithms:
For general encryption,
used when we access secure websites, NIST has selected the
algorithm. Among its advantages are comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation.
For digital signatures,
often used when we need to verify identities during a digital transaction or to sign a document remotely, NIST has selected the three algorithms
(read as “Sphincs plus”). Reviewers noted the high efficiency of the first two, and NIST recommends CRYSTALS-Dilithium as the primary algorithm, with FALCON for applications that need smaller signatures than Dilithium can provide. The third, SPHINCS+, is somewhat larger and slower than the other two, but it is valuable as a backup for one chief reason: It is based on a different math approach than all three of NIST’s other selections.
NIST has not chosen a public-key encryption standard. The remaining candidates are
I have a lot to say on this process, and have written an essay for
IEEE Security & Privacy
about it. It will be published in a month or so.