NIST Updates Digital Signature Standard to Protect Sensitive Data
The National Institute of Standards and Technology has published an updated version of its digital signature standard to enhance the protection of sensitive data.
Included in Federal Information Processing Standard 186-5 are three algorithm techniques that can be used to generate and verify digital signatures, namely the Rivest-Shamir-Adleman algorithm, the Elliptic Curve Digital Signature Algorithm and the Edwards Curve Digital Signature Algorithm.
Along with FIPS 186-5, the agency published a companion document that specifies two new Edwards curves recommended for use with the EdDSA algorithm. Compared to traditional curves, Edwards curves provide increased performance, side-channel resistance and simpler implementation, NIST said.
The algorithms are not meant to increase resistance to attacks from a large-scale quantum computer. Digital signature algorithms that will secure data from quantum computers will be included in future NIST publications.
The agency previously announced quantum-resistant algorithms following its yearslong research for post-quantum cryptography standardization. In 2016, NIST initiated a process to solicit, evaluate and standardize quantum-resistant public-key cryptographic algorithms and selected CRYSTALS-Kyber, a public-key encryption algorithm, and CRYSTALS-Dilithium, a digital signature algorithm, as its top two chosen quantum-safe standards after its research effort concluded in 2022.
In a previous House subcommittee hearing, Charles Robinson, a quantum computing public sector leader at IBM, emphasized the need to urgently expand and diversify the quantum ecosystem and future-proof encryption systems. He called for the implementation of proactive measures, noting that large-scale quantum computers could break widely used cryptography in the future.
The U.S. government recognized the importance of having quantum-secure capabilities. In December, President Joe Biden signed the Quantum Computing Cybersecurity Preparedness Act, which encouraged government agencies to employ technologies that can withstand post-quantum decryption.
Category: Federal Civilian
Tags: algorithm data protection digital signature standard federal civilian NIST quantum computer