NIST publishes quantum resistant encryption algorithms – Tutanota already uses them in a prototype!

CRYSTALS-Kyber and CRYSTALS-Dilithium have proven to be the best choice for quantum resistant encryption in our email prototype.

2022-07-07
NIST publishes quantum resistant encryption algorithms.
Encryption is the best tool to protect your private data. To make sure your data stays secure in the future, post-quantum secure encryption is needed. Now, NIST pushes ahead with CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, SPHINCS+ algorithms to harden encryption against future attacks from quantum computers. We at Tutanota have already built a prototype with these same algorithms. We plan to upgrade the encryption in Tutanota well before quantum computers are able to break currently used algorithms.
SIGN UP

Tutanota has already developed a working prototype to securely encrypt emails with the now defined algorithms by NIST, namely CRYSTALS-Kyber and CRYSTALS-Dilithium. “The algorithms now picked by NIST have proven to the best choice for quantum resistant encryption in our email prototype”, explains Vitor Sakaguti, member of the research project PQMail.

PQMail research project

During the research project that Tutanota executed together with the L3S research institution of Leibniz University Hanover, the researchers evaluated all NIST algorithms from Round Two in regards to security, a low resource impact and a fast performance before settling on CRYSTALS-Kyber and CRYSTALS-Dilithium.

NIST candidates: CRYSTALS-KYBER & CRYSTALS-Dilithium

Now, NIST said in a statement that they “recommend two primary algorithms to be implemented for most use cases: CRYSTALS-KYBER (key-establishment) and CRYSTALS-Dilithium (digital signatures)”.

“That these algorithms have now been picked as final candidates by NIST is the best case scenario for us”, says Vitor. “At the same time, it does not surprise us that NIST settled on these algorithms as they performed the fastest. Our protocol was designed to theoretically being able to work with any of the candidates from the NIST competition, but our performance tests showed that the CRYSTALS family would provide the best experience for our users.”

“CRYSTALS-Kyber and CRYSTALS-Dilithium had the lowest resource impact (key and signature sizes) and were the fastest while still providing the security levels we were targeting, that is, at least as secure as 128 bit security with current algorithms on classical computers.”

Next steps: Harden security

The next step of NIST, Round Four, is being eyed closely by the cybersecurity community, and particularly by us at Tutanota: “Now we are going to see a lot of effort going into trying to break these algorithms. This is a good thing: We want researchers to find any possible weaknesses so that they can be fixed. The more mature these algorithms get, the more confident we can be about the security of our protocol”, adds Vitor.

The selection process of NIST is going exactly as it should to achieve cryptographic resilience. For instance one of the already ruled out candidates in the NIST process has been proven to be completely broken: The algorithm Rainbow can be broken within two days – not with a quantum computer, but with a normal laptop, according to researchers from IBM.

Tutanota secure data automatically

By investing early-on in post-quantum secure encryption we at Tutanota deliver on the promise made to our users: to build the most secure email service out there.

The next step for us will be to implement the new post-quantum secure encryption protocol into Tutanota itself. Once that is completed, millions of Tutanota users will instantly benefit from post-quantum secure encryption.

As the migration to new algorithms is done automatically in Tutanota, users will not have to do anything. Once the new protocol is implemented, all data stored in Tutanota – that is emails, contacts, and calendars – are automatically encrypted with the new algorithms.

This will safeguard all data of millions of users against attacks from quantum computers.

SIGN UP
Author
Black and white picture of Matthias thinking and looking to the right side.
Matthias is co-founder and developer of Tuta, focusing on backend development, architecture and email processing. He writes code and political comments to fight for our human right to privacy. He wants to create an encrypted cloud collaboration platform which is so easy to use and so secure that it locks out all the spies. We all deserve a better internet - one where privacy is the default.
Top posts
Threat Modeling In 2024: Your Guide For Better Security
10 Best Private Email Services in 2024
Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US
Why Use A Password Manager - And Our Top 3!
Anonymous email: Create an email address without a phone number.
The Illusion Of "Swiss Privacy" Being The Best
10 best free email accounts in 2024
Latest posts
Google Search Is A Problem: How Google Is Crushing Tuta.
The XZ Backdoor and the importance of Open Source Software
Apple is finally giving you the choice: Take it and install a private browser right now!
The Russian Hacker Group Sandworm is Back: New Kapeka Malware Secretly Infecting Systems Since 2022
Terminate subscription
Company
Community
Team
Jobs
Terms
Privacy
Legal notice
Development
Changelog
Roadmap
Security
Encryption
Open Source
GitHub
Features
Secure Email
Encrypted Calendar
Business
Support
Forum
Press
Support
Language
English
Translate