NIST Published the Drafts of the Forthcoming PQC Standards
The long-awaited drafts of the future standards for post-quantum cryptography (PQC) have been published. Xiphera will react to this with modified versions of the products in the xQlave® PQC family.
On Thursday, August 24, the U.S. National Institute of Standards and Technology (NIST) published the long-awaited drafts of the future standards for post-quantum cryptography (PQC). The algorithms underlying these standards have been known since summer 2022, when NIST announced CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon, and SPHINCS+ as the winners of Round 3 of the NIST PQC competition. Specifically, NIST has now released three documents and requests comments on them:
- FIPS 203 (Draft): Module-Lattice-Based Key Encapsulation Mechanism Standard
- FIPS 204 (Draft): Module-Lattice-Based Digital Signature Standard
- FIPS 205 (Draft): Stateless Hash-Based Digital Signature Standard
FIPS 203 describes three algorithms, ML-KEM-512, ML-KEM-768, and ML-KEM-1024, targeting three different security levels. They are based on the Kyber variants Kyber-512, Kyber-768, and Kyber-1024, respectively.
FIPS 204 similarly describes three algorithms, ML-DSA-44, ML-DSA-65, and ML-DSA-87, based on Dilithium-2, Dilithium-3, and Dilithium-5, respectively.
FIPS 205 includes a total of 12 algorithms, covering three different security levels, two options for the underlying hash function (SHA-2 or SHAKE-256), and a choice between relatively small signatures and fast signing.
The announced winners of Round 3 also included a fourth algorithm, FALCON, which is another digital signature algorithm. A draft standard based on FALCON was not released in this batch, but NIST says that it intends to develop a standard for FALCON later.
The drafts of FIPS 203, 204, and 205 are now open for comment until November 22, 2023. NIST will then take the received comments into account and propose the standards for approval to the U.S. Secretary of Commerce. It is likely that the final standards will be available during 2024.
The algorithms to be standardised include a few changes compared to the submitted versions of CRYSTALS-Kyber, CRYSTALS-Dilithium, and SPHINCS+. The changes are relatively small and include changes to the lengths of certain hash values, a slightly modified Fujisaki-Okamoto transform for Kyber, removal of certain hash computations that safeguarded against flawed random number generators, changes to how specific seed values are generated, small modifications to which hash functions are used inside the algorithms, and so on.
Xiphera will soon release modified versions of the xQlave® family of post-quantum cryptography so that they comply with these changes. “We anticipate that the changes will not have major impacts on the resource requirements or performance of the products”, says Kimmo Järvinen, co-founder and CTO of Xiphera.
Read more about Xiphera's xQlave® family of quantum-secure cryptography.