NIST’s PQC procedure advances IBM’s quantum-safe signature algorithms. IBM expands its commitment to post-quantum security by collaborating with FAEST, a symmetric-based signature system designed for next-generation cryptographic protection.
With four contenders remaining in the most recent Additional Quantum-Safe Digital Signature Competition selection process, IBM’s cooperative efforts continue to be prominent as NIST reduces the pool of potential candidates for the future of quantum-safe digital signatures.
A global concern now is protecting digital communication from potential dangers as the world gets ready for the arrival of quantum computing. The US National Institute of Standards and Technology (NIST) has been spearheading the organization’s Post-Quantum Cryptography (PQC) Standardisation effort in response to this difficulty. In this endeavour, IBM and its industry and academic partners have been instrumental.
IBM has previously demonstrated its leadership in developing secure computing solutions by having some of its cryptographic algorithms, such as ML-KEM, ML-DSA, and SLH-DSA, standardised by NIST. Furthermore, FN-DSA has been chosen for standardisation and will soon undergo formal standardisation. IBM once again submitted three new options in response to NIST’s 2023 request for additional solutions for digital signatures.
A collaborative approach to post-quantum security
IBM didn’t work alone to contribute to the first round of NIST’s Additional Digital Signatures selection process. Teams of IBM researchers and specialists from universities and other research institutes throughout the world created each of the three signature schemes: SQIsign, UOV, and MAYO. This illustrates how collaborative quantum-safe cryptography research is, requiring knowledge from other disciplines to create safe and effective methods. To be more specific, the plans were:
SQIsign
A distinct isogeny-based signature scheme that, despite being a little slower than many other quantum-safe signatures, has some of the shortest public key sizes and signature sizes among post-quantum candidates. Researchers with extensive knowledge of elliptic curve isogenies from several institutions collaborated on this study.
UOV (Unbalanced Oil and Vinegar)
UOV is a well-known multivariate signature scheme that has been researched for many years. To enhance its security and performance for post-quantum applications, IBM Research collaborated extensively with cryptographers from different institutions. UOV features slightly larger public keys, tiny signatures, and good performance.
MAYO
A multivariate-based signature method based on UOV that seeks to significantly reduce the size of the public key while maintaining compact signatures, high security, and good performance.
NIST reduced the number of applicants from 40 to 14 in October 2024. All three of IBM Research’s submissions made it to the second round, indicating that they could be safe substitutes in a world when quantum technology is safe. After being submitted to NIST in February, the updated and improved candidates are now accessible on the NIST website. They promise stronger security foundations and better performance across the board.
Expanding collaborative efforts: IBM joins FAEST
Beyond its initial three submissions, IBM Research is dedicated to working with others in the field of quantum-safe cryptography. IBM researchers joined the FAEST team in the second round of the NIST competition. FAEST is a symmetric-based signature system that provides robust security assurances by utilising well-understood cryptographic primitives. In order to build a practical, effective, and secure post-quantum signature method, professionals from academia, industry, and research organisations collaborated on the plan.
What’s next
The joint efforts of IBM, university, and other research lab researchers will be essential in improving the security and performance of all four of these schemes, which are currently undergoing thorough examination in the second round. The global nature of the NIST PQC standardisation process highlights the value of collaboration in tackling the previously unheard-of difficulties presented by quantum computing.
IBM Research’s participation in these submissions stems in the commitment to collaborating with the larger research community to guarantee a secure digital future, as well as its deep understanding of cryptography. As these initiatives proceed, more cooperation will be necessary to create cryptographic standards that are resilient to the quantum age.
It’s crucial to emphasise that, as NIST has said, users shouldn’t wait to implement quantum-safe algorithms because of the continuous selection process for digital signatures. Since the ML-KEM, ML-DSA, and SLH-DSA standards are already great options, decision-making should be influenced by the need to implement them as soon as possible in order to become quantum safe.
