Safeguarding AFCYBER's Critical Infrastructure

  • Published
  • By 688 CW
  • 688 CW

TOPIC SPONSOR: 688 CW

The software, standards, and protocols that form AFCYBER’s digital infrastructure are critical to mission capability and performance. Their criticality requires commensurate cybersecurity. Since 2016, the National Institute of Standards and Technology (NIST) has evaluated various commercially available post-quantum cryptography (PQC) software applications whose cryptographic algorithms (typically, public-key) were designed specifically to withstand cryptanalytic attacks by a quantum computer. NIST found, however,  that given sufficient quantum-computing power, all available cryptographic applications could be defeated by Shor’s algorithm. Thus, NIST began to explore applications that went beyond public-key cryptography. After several years of evaluation, NIST identified four quantum-resistant cryptologic algorithms. The PQC technology selected for general encryption is the CRYSTALS-Kyber algorithm, whereas the other three applications--CRYSTALS-Dilithium, FALCON, and SPHINCS+--employ digital signature technology. This research proposal calls for further evaluation of these NIST-evaluated PQC algorithms in an AFCYBER operational context, with an emphasis on critical digital infrastructure.