Just a month ago, NIST announced its selection of three digital signature algorithms and one key establishment mechanism (KEM) for future use in quantum-resistant cryptography applications. Also, four algorithms for post-quantum key establishment were selected as candidates for the 4th round of evaluation, for potential standardization at a later time.
An over five-year-long process has come to a preliminary end: On July 5, 2022, NIST issued the long-awaited announcement of the winners of Round 3 of the NIST Post-Quantum Crypto (PQC) Standardization Process, that is, which quantum-resistant cryptographic algorithms NIST has selected for standardization.
Last month, one of the three NIST finalists for post-quantum signature schemes has received its final nail in the coffin: Ward Beullens, a PostDoc at IBM Research, published a practical key recovery attack against the Rainbow signature scheme.
During the last couple of weeks, a little shake went through parts of the security community. This was caused by a preprint by Professor Dr. Claus Peter Schnorr titled “Fast Factoring Integers by SVP Algorithms”, published on the IACR’s E-print Server.
The cryptographic protection of a system against attacks and malicious penetration depends on two dimensions: (1) The strength of the keys and the effectiveness of mechanisms and protocols associated with the keys; and (2) the protection of the keys through key management (secure key generation, storage, distribution, use and destruction).
In this article, we will review some of the constraints of an EMV tokenization solution when it comes to FIPS and more generally, NIST considerations.
