In “The Road Ahead: Post Quantum Cryptography” [1], we discussed the great progress that has been happening in the world of standardization for Post Quantum Cryptography. And on June 7, this world will reach a new milestone as NIST commences the Third PQC Standardization Conference [2]. This is an important event to both review and deepen the current level of understanding of the algorithms remaining in the NIST PQC Standardization Process. The entire community has come together to drive this years-long effort, and even though we can now all see some light at the end of the tunnel, there is still some uncertainty within the community regarding some important aspects of the algorithms NIST might select for standardization.
One of the goals of cryptographic standardization is to provide clarity on the cryptography that organizations should use and clear recommendations for how to appropriately use that cryptography. With this clarity, companies will know which algorithms to use in the products they are updating or planning to build, and the best practices for integrating those algorithms. Consequently, the clarity provided by cryptographic standards can be a crucial component for the success of products that rely, even indirectly, on cryptography.
But this clarity is also important for other entities as well, such as for Standards Development Organizations (SDOs) and regulators. With clarity of the algorithms and their usages, SDOs will be able to define new protocol standards, and better direct their plans for future standardization. For example, these SDOs will know which post quantum Key Encapsulation Mechanisms and Signature algorithms they need to include in new protocols or in future versions of current protocols. On the regulatory side, auditors and risk assessors will have the information they need to assess the cryptographic posture of an organization and to help finalize their post quantum migration plans.
ISARA believes strongly in the NIST process and in standardization globally, as evidenced by our continued participation in organizations such as ETSI, ITU-T, IETF and many others. To help provide the community with clarity, and to encourage adoption of Post-Quantum Cryptography, ISARA wants to clear up any questions related to IP that may exist. This is why we published our IP Grant to the NIST process in October of 2020. With this grant, ISARA is providing a royalty-free, global, license to any of our IP that may be required for any schemes selected by the NIST process. More details can be found at www.isara.com/nist-grant.
While the NIST process is in Round 3, we still have a long way to go globally in preparing companies for the transition to Quantum-Safety. ISARA is excited to continue to support the international standards efforts to create clear and accessible cryptography standards.
[1] https://www.isara.com/blog-posts/the-road-ahead-post-quantum-cryptography.html
[2] https://csrc.nist.gov/events/2021/third-pqc-standardization-conference