In the rapidly evolving landscape of cybersecurity, the advent of quantum computing presents both unprecedented opportunities and significant threats. As we stand on the brink of a quantum revolution, the need for robust, quantum-resistant cryptographic solutions has never been more urgent. This post delves into the critical importance of adopting NIST-approved post-quantum cryptographic algorithms, with a particular focus on ML-KEM (formerly known as CRYSTALS-Kyber), to secure mobile devices for data in transit and data at rest. We will also compare these advancements with the established NIST 140-2 standards, highlighting why ML-KEM represents a superior choice for future-proof security.
Note that earlier in the week (on September 23rd, 2024), Purism demonstrated our ML-KEM solution, with a video, in the post "Quantum Safe Communication with Purism".
The post below provides additional detail and color on the evolving NIST standards and how they play alongside the legacy NIST 140-2(3) standards for Data at Rest and Data in Transit (DAR/DIT).
Quantum computers leverage the principles of quantum mechanics to perform calculations at speeds unattainable by classical computers. While this technology promises breakthroughs in various fields, it also poses a significant threat to current cryptographic systems. Traditional encryption methods, such as RSA and ECC, rely on mathematical problems that quantum computers can solve exponentially faster. This vulnerability necessitates the transition to quantum-resistant algorithms to ensure the continued security of our digital infrastructure.
The National Institute of Standards and Technology (NIST) has been at the forefront of developing and standardizing post-quantum cryptographic (PQC) algorithms. After a rigorous multi-year evaluation process, NIST selected several algorithms for standardization, including ML-KEM. These algorithms are designed to withstand the computational power of quantum computers, ensuring the security of data in a post-quantum world.
ML-KEM, or Module-Lattice-Based Key-Encapsulation Mechanism, is one of the leading PQC algorithms selected by NIST. Its security is based on the hardness of solving the Learning With Errors (LWE) problem over module lattices, a problem considered difficult for both classical and quantum computers [1].
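To make the LWE idea concrete, here is a toy key-encapsulation sketch added for illustration; it is not Purism's code and not ML-KEM itself. It assumes a single small polynomial (rank 1, degree 32) in place of ML-KEM's module of degree-256 polynomials, omits the checks that give ML-KEM its chosen-ciphertext security, and is not secure for real use. All function names are hypothetical.

```python
import hashlib
import secrets

Q = 3329   # the modulus ML-KEM uses
N = 32     # toy degree (assumption; ML-KEM uses 256 and a rank-k module)

def small():
    """Polynomial with coefficients in {-1, 0, 1}: the LWE secret/error terms."""
    return [secrets.randbelow(3) - 1 for _ in range(N)]

def add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def mul(a, b):
    """Multiply in Z_Q[x]/(x^N + 1): x^N wraps around with a sign flip."""
    out = [0] * N
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            k, sign = (i + j) % N, -1 if i + j >= N else 1
            out[k] = (out[k] + sign * x * y) % Q
    return out

def keygen():
    a = [secrets.randbelow(Q) for _ in range(N)]
    s, e = small(), small()
    # Public key (a, t = a*s + e); the error e is what hides the secret s.
    return (a, add(mul(a, s), e)), s

def encaps(pk):
    a, t = pk
    m = [secrets.randbelow(2) for _ in range(N)]   # random bits to transport
    r, e1, e2 = small(), small(), small()
    u = add(mul(a, r), e1)
    # Each bit is encoded as 0 or about Q/2, then masked by t*r + e2.
    v = add(add(mul(t, r), e2), [bit * ((Q + 1) // 2) for bit in m])
    return (u, v), hashlib.sha3_256(bytes(m)).digest()

def decaps(sk, ct):
    u, v = ct
    # v - u*s = m*Q/2 + (e*r + e2 - e1*s); the noise is at most 65 here.
    w = [(x - y) % Q for x, y in zip(v, mul(u, sk))]
    m = [1 if Q // 4 < c < 3 * Q // 4 else 0 for c in w]   # round noise away
    return hashlib.sha3_256(bytes(m)).digest()
```

The holder of `s` recovers the same 32-byte shared secret because the accumulated noise stays far below Q/4; anyone without `s` sees only values masked by LWE samples.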
Mobile devices are ubiquitous, serving as primary tools for communication, banking, and personal data storage. The security of these devices is paramount, given their widespread use and the sensitive information they handle. Implementing NIST PQC algorithms like ML-KEM in mobile computing ensures that data remains secure even as quantum computing capabilities advance.
NIST 140-2, or the Federal Information Processing Standard (FIPS) 140-2, specifies the security requirements for cryptographic modules protecting sensitive but unclassified information in computer and telecommunications systems [2]. While NIST 140-2 has been instrumental in establishing baseline security standards, it does not address the unique challenges posed by quantum computing.
Transitioning to PQC involves several challenges, including computational overhead, integration with existing systems, and ensuring widespread adoption. However, these challenges can be mitigated through:
As noted earlier in the week, Purism has already implemented PQC.
Please see our working example in the post "Quantum Safe Communication with Purism".
The strongest possible security is offered by Purism, whereby secure Made in USA end-user devices hold your post-quantum cryptographic keys under your control. You are then in a quantum-safe communication environment and can happily state “We are Quantum Safe!” With Purism you can follow the NIST encouragement and implement these new standards today.
The transition to NIST-approved post-quantum cryptographic algorithms, particularly ML-KEM, is not just a technological upgrade but a necessity to safeguard our digital future. As quantum computing continues to evolve, the adoption of quantum-resistant cryptographic standards will ensure that our data remains secure, protecting the integrity and privacy of information in mobile computing and beyond. By embracing these advancements, we can build a resilient and secure digital infrastructure capable of withstanding the challenges of a post-quantum world.
Purism is at the forefront of securing mobile devices and the data stored and transferred between them.
Contact sales@puri.sm to learn more about post-quantum cryptographic communication and how you can become quantum safe.
[1]: NIST. (2023). Post-Quantum Cryptography Standardization. Retrieved from NIST PQC
[2]: NIST. (2002). Security Requirements for Cryptographic Modules (FIPS 140-2). Retrieved from NIST FIPS 140-2