
Fifth quantum-secure encryption algorithm selected

By Nick Flaherty



The US National Institute of Standards and Technology (NIST) has chosen a new algorithm for post-quantum encryption.

The HQC algorithm is intended to serve as a backup for ML-KEM, the main algorithm for general encryption with key encapsulation. HQC is based on a different set of mathematical operations from ML-KEM, which provides redundancy and could be important if a weakness were discovered in ML-KEM.

The ML-KEM algorithm is built around structured lattices, while HQC uses error-correcting codes, which have been used in information security for decades.

NIST plans to issue a draft standard incorporating the HQC algorithm in about a year, with a finalized standard expected in 2027.

Last year, NIST standardized a set of encryption algorithms that can keep data secure from a cyberattack by a future quantum computer. HQC is a second line of defence for general encryption to safeguard internet traffic and stored data.

NIST has been working for more than eight years on encryption algorithms that even a quantum computer cannot break and last year published an encryption standard based on the ML-KEM quantum-resistant algorithm called.

HQC is not intended to take the place of ML-KEM, which will remain the recommended choice for general encryption, said Dustin Moody, a mathematician who heads NIST’s Post-Quantum Cryptography project. 

“Organizations should continue to migrate their encryption systems to the standards we finalized in 2024,” he said. “We are announcing the selection of HQC because we want to have a backup standard that is based on a different math approach than ML-KEM. As we advance our understanding of future quantum computers and adapt to emerging cryptanalysis techniques, it’s essential to have a fallback in case ML-KEM proves to be vulnerable.”

HQC is a lengthier algorithm than ML-KEM and therefore demands more computing resources, says Moody. However, its secure operation convinced reviewers that it would make a worthy backup choice.

Three of the chosen algorithms have been incorporated into finished standards, including ML-KEM, which forms the core of the standard called FIPS 203. The other two finished standards, FIPS 204 and FIPS 205, contain digital signature algorithms to authenticate the identity of a sender, such as when remotely signing documents. The three finished standards are ready for use, and organizations have already started integrating them into their information systems. A draft of the fourth standard, built around the FALCON algorithm, also concerns digital signatures and will be released shortly as FIPS 206.

HQC is the only encryption algorithm to be standardized from NIST’s fourth round of candidates, which initially included four algorithms meriting further study. NIST has released a report summarizing each of these four candidate algorithms and detailing why HQC was selected.

NIST plans to release a draft standard built around HQC for public comment in about a year. Following a 90-day comment period, NIST will address the comments and finalize the standard for release in 2027.

www.nist.gov

 
