CWI involved in two primary Post-Quantum Cryptography standards

Cryptographic standards to protect sensitive electronic data against the threat of quantum computers have finally been selected by the US National Institute of Standards and Technology (NIST). Léo Ducas from CWI's Cryptology group is involved in the two primary schemes of the upcoming portfolio.

Publication date
21 Jul 2022

Cryptographic standards to protect sensitive electronic data against the threat of quantum computers have finally been selected by the US National Institute of Standards and Technology (NIST) as announced on 5 July. Léo Ducas from CWI's Cryptology group is involved in the two primary schemes of the upcoming portfolio; one for public-key encryption and one for digital signatures. These new standards are meant for global deployments, reaching billions of users.

In order to protect sensitive data against attacks from quantum computers, several approaches of cryptography can be possible. In order to standardize this next-generation cryptography, the National Institute of Standards and Technology (NIST) has examined several approaches in a competition-like process over the last 5 years. Its focus is on public-key encryption schemes and on digital signatures schemes that combine high performance and general applicability with security in the face of possible future quantum computing.

Four future standard schemes

CWI researcher Léo Ducas is involved in the two primary upcoming standards, namely, the public-key encryption scheme (CRYSTALS-KYBER) and the digital signatures (CRYSTALS-DILITHIUM). Two additional signatures were also selected (FALCON and SPHINCS+).

International collaboration

Both proposals are the result of a multi-national collaborative effort, which included Centrum Wiskunde & Informatica (CWI), ENS Lyon, Radboud University, Ruhr University Bochum, University of Waterloo, IBM, NXP, ARM, SRI International, Florida Atlantic University and Tsinghua University.

Léo Ducas says: “The selection of our schemes as a standard means that it will be deployed globally, protecting the privacy of billions of users; fundamental research rarely gets such a direct and broad impact. The credit should go to the whole cryptographic research community; the schemes we proposed are merely the crystallization of decades of scientific effort.“

What’s next ?

All the selected candidates are now drafts for standards, with a final version expected within a year. The portfolio of standards might grow further in coming years, given that a few more schemes have been placed into a 4th round, and that a new call for more digital signatures schemes is expected.

Leading expert

Léo Ducas is a senior researcher in CWI's Cryptology group and a leading international expert on lattice-based cryptography, and a Professor of Mathematical Cryptology at Leiden University. His contributions to the cryptanalysis of lattices have impacted the design and parametrization of lattice-based proposals.


Prof. Léo Ducas (CWI and UL). Picture: CWI. 

More information

Header photo: Shutterstock