Slashdot Mirror


America's NIST Seeks Public Comments on Cybersecurity and Cryptography (thehill.com)

An anonymous Slashdot reader writes: The National Institute of Standards and Technology has its own "Commission on Enhancing National Cybersecurity," and this week they issued a call for public comments on "current and future challenges" involving critical infrastructure cybersecurity, the concept of cybersecurity insurance, public awareness, and the internet of things (among other topics) for both the private and public sector.
Long-time Slashdot reader Presto Vivace quotes The Hill: it is specifically asking for projections on policies, economic incentives, emerging technologies, useful metrics and other current and potential solutions throughout the next decade... Comments will be due by 5 p.m. on September 9.
Internet services "have come under attack in recent years in the form of identity and intellectual property theft, deliberate and unintentional service disruption, and stolen data," writes NIST. "Steps must be taken to enhance existing efforts to increase the protection and resilience of the digital ecosystem, while maintaining a cyber environment that encourages efficiency, innovation, and economic prosperity."

Separately, NIST is also requesting comments on a new process to "solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms... If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere... NIST plans to specify preliminary evaluation criteria for quantum-resistant public key cryptography standards."


  1. Re:Why isn't symmetric crypto threatened by quantu by cryptizard · Score: 4, Informative

    Symmetric ciphers like AES are constructed in a fundamentally different way compared to public-key ciphers. Symmetric ciphers rely on confusion and diffusion, shuffling and mixing the bits of the input in such a way that it is very difficult to recover the plaintext unless you know the key that parameterized the process. Security is based on the complexity and non-linearity of the operations, but they are essentially very "messy" in how they transform plaintext into ciphertext. Take a look at a diagram describing AES and you will see what I mean.

    Public-key ciphers on the other hand are conceptually simple but rely on the hardness of some fundamental mathematical operation, e.g. factoring, discrete log, etc. It turns out that there are quantum algorithms to solve some of these problems efficiently. It also turns out though that there is something called Grover's algorithm, which actually does let quantum computers break symmetric crypto faster than a standard computer. Fortunately, it only turns O(N) work into O(sqrt(N)), which is not that bad. Effectively this means that AES-128 only has 64 bits of security against a quantum computer, and AES-256 only has 128 bits.
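
The square-root speedup described in the comment above can be checked with a small classical simulation of Grover's search. This is an added example, not part of the original comment or of any NIST material. The toy cipher, the key sizes and the plaintext and secret values are all constructed for illustration.

```python
import math

def toy_encrypt(key, block, bits):
    """Constructed toy keyed permutation (not AES); serves only as the search oracle."""
    mask = (1 << bits) - 1
    x = (block ^ key) & mask                      # key mixing
    x = (x * 5 + 1) & mask                        # odd multiplier: a bijection mod 2^bits
    return ((x << 3) | (x >> (bits - 3))) & mask  # rotate left by 3

def grover_key_search(oracle, bits):
    """Classically simulate Grover's search over all 2^bits keys.

    Returns (most likely key, its measurement probability, oracle queries used).
    """
    n = 1 << bits
    # The simulator has to tabulate the oracle; a quantum computer would instead
    # evaluate it once per iteration on the whole superposition.
    marked = [k for k in range(n) if oracle(k)]
    amp = [1 / math.sqrt(n)] * n                  # uniform superposition
    queries = math.floor(math.pi / 4 * math.sqrt(n))
    for _ in range(queries):
        for k in marked:                          # oracle: flip the sign of matching keys
            amp[k] = -amp[k]
        mean = sum(amp) / n                       # diffusion: reflect about the mean
        amp = [2 * mean - a for a in amp]
    best = max(range(n), key=lambda k: amp[k] ** 2)
    return best, amp[best] ** 2, queries

def demo(bits=10, secret=0x2A7, plaintext=0x155):
    """Recover `secret` from one known plaintext/ciphertext pair (constructed values)."""
    ciphertext = toy_encrypt(secret, plaintext, bits)
    oracle = lambda k: toy_encrypt(k, plaintext, bits) == ciphertext
    key, prob, queries = grover_key_search(oracle, bits)
    classical = (2 ** bits + 1) / 2               # expected guesses for brute force
    return key, prob, queries, classical

if __name__ == "__main__":
    key, prob, queries, classical = demo()
    print(f"recovered key {key:#x} with p={prob:.4f} in {queries} queries "
          f"(brute force expects ~{classical:.0f})")
```

Going from a 10-bit to a 12-bit key quadruples the keyspace but only doubles the Grover query count, which is the scaling behind the comment's halving of effective key length.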