NIST official says post-quantum environment still years away

Despite recent industry claims of quantum supremacy, an official from the National Institute of Standards and Technology said there's no near-term danger that modern tools will be able break current encryption methods.

NIST is currently working on a number of initiatives to develop more modern cryptographic algorithms to help federal agencies resist codebreaking efforts from quantum computers as well as new standards for smaller "lightweight" and internet-of-things devices that have become more prevalent over the past decade.

Those initiatives are still under development, and researchers have always envisioned a slow transition from current encryption standards over the next two to five years. However, in October, Google released a research paper claiming that it had developed a 54-qubit processor capable of performing in 200 seconds calculations that would require 10,000 years for the world's most powerful supercomputer to process.

Other researchers, such as IBM's quantum team, have disputed those claims and argued that classical systems would be able to perform the task described by Google in about two and a half days. Now, Matthew Scholl, chief of the Computer Science Division at NIST, told members at a recent Information Security Privacy Advisory Board meeting that the agency still believes "relevant" quantum codebreaking is still years away.

"I want to assure people that the step from Google's announcement of quantum supremacy to having a quantum machine that is cryptographically relevant -- meaning something that will actually be able to break our current public-key infrastructure -- is really a significantly wide gap," Scholl said.

Despite Google's claims, which Scholl noted were "under some debate," the agency is still holding firm on its belief that agencies can slowly switch out their older encryption protocols over the coming years without leaving themselves exposed.

"We still feel quite confidently -- not just NIST but the global community that we're working with -- that the timeline that we're on for developing and deploying quantum-resistant encryption standards is still relevant," he said. "So we're still looking at 2022 to 2024 for having those standards complete."

The agency has already gone through two rounds of evaluating submissions for replacement post-quantum algorithms and met in August to examine not just the cryptographic strength of those proposals but also their performance and how disruptive they might be if they were used as replacements for certain systems and devices.

Scholl said NIST is working with the National Cybersecurity Center of Excellence and industry partners to develop a guidance document to assist organizations as they work through the cost and technical difficulties associated with transitioning from older forms of encryption to the newer post-quantum algorithms. However, he reiterated that those standards are still being evaluated and developed, and agencies shouldn't move too quickly to replace their encryption before the new standards are fully vetted.

"Folks are asking us, 'I need to buy something quantum safe now, what should I buy now?' and what we're telling them is 'Nothing," Scholl said. "Buy nothing now but know where the items are that you need to have in place, know what those items are protecting and then start to prioritize when buying is appropriate."