June 1, 2022
Dustin Moody - NIST
Abstract. Since the 1990s, cryptographers have been aware that a large-scale quantum computer would be able to break the main public-key crypto algorithms we use today. In response, researchers have been working on designing cryptosystems which would not be vulnerable to this quantum threat. In 2016, NIST kicked off a competition-like process with the goal of finding quantum-resistant algorithms to standardize. Three rounds and six years later, NIST is about to announce the algorithms selected to include in its public-key crypto standards. In this talk, the PQC team will recap the process, and explain how and why we selected what we did. We will also look at some of the challenges faced and lessons learned, as well as discuss what is still in store for the future.