- Modes of operation for block ciphers approved by NIST (source, updated February 12, 2018)
- Encryption: 6
- Authentication: 1
- Encryption with Authentication: 5
- Format-Preserving Encryption: 2
- Minimum key sizes approved by NIST (source, published January 2016)
- AES: 128 bits
- Diffie-Hellman: 2048 bits (617 digits)
- RSA: 2048 bits (617 digits)
- Digital Signature Algorithm: 2048 bits (617 digits) for public key, 224 bits (68 digits) for private key
- Elliptic Curve Cryptography: 224 bits (68 digits)
- Record for factoring a product of two large primes of general form (source, announced February 28, 2020):
n = 2140324650240744961264423072839333563008614715144755017797754920881418023447140136643345519095804679610992851872470914587687396261921557363047454770520805119056493106687691590019759405693457452230589325976697471681738069364894699871578494975937497937
(“RSA-250“, 829 bits, 250 digits)
- Record for finding a discrete logarithm modulo a prime (source, announced December 2, 2019):
- Record for finding a discrete logarithm in a finite field (source, announced July 10, 2019): Finite field has 230750 elements; size of the field is 30750 bits (14672 digits).
The finite field was obtained by taking polynomials in two variables, x and t, and reducing them modulo t30 + t + 1, modulo x1025 + x + t3, and modulo 2.The challenge was to take the logarithm ofwith respect to the generator g = x + t9 .
- Record for finding a discrete logarithm on an elliptic curve of general form modulo p (source, announced June 16, 2020):
p = 2256 – 232 – 29 – 28 – 27 – 26 – 24 – 1 = 115792089237316195423570985008687907853269984665640564039457584007908834671663
A ≡ 31464123230573852164273674364426950 G (mod p)
The logarithm was from the 100 BTC Bitcoin Challenge and was specified to have at most 115 bits (35 digits).
- Record for finding the shortest vector in a randomly generated lattice (source, announced February 8, 2021): A point in a lattice in 180 dimensions which is distance 3509 from the origin.
- Record for solving the Learning With Errors problem in the highest dimension (source, announced June 12, 2022): A point in a lattice in 90 dimensions with a relative error size of 0.005.
- Record for solving the Learning With Errors problem with the largest relative error (source, announced March 6, 2022): A point in a lattice in 40 dimensions with a relative error size of 0.035.
Quantum Computing Records
- Largest number reported factored using Shor’s Algorithm for fast quantum computing: 21 (source, published October 21, 2012)
- Largest number reported factored using quantum computation at any speed: 249919 (source, published December 5, 2018)
Quantum Cryptography Records
- Fastest quantum key agreement systems:
- Longest quantum key agreement systems:
- Submissions to the NIST Post-Quantum Cryptography Standardization process (source, presented April 11, 2018)
- Submissions received by NIST: 82
- Submissions meeting minimum specified requirements: 69
- Submissions still in contention as of the First PQC Standardization Conference: 64
- Submitters involved: 278, from “25 Countries, 16 States, 6 Continents”
- Submissions selected for standardization after Round 3 (source, announced July 5, 2022)
- CRYSTALS-KYBER (key-establishment for most use cases)
- CRYSTALS-Dilithium (digital signatures for most use cases)
- FALCON (digital signatures for use cases requiring smaller signatures)
- SPHINCS+ (digital signatures not relying on the security of lattices)
- Public-key encryption and key-establishment algorithms deferred to Round 4 of the NIST Post-Quantum Cryptography Standardization process: BIKE, Classic McEliece, HQC, SIKE
- 4th NIST PQC Standardization Conference: November 29-December 1, 2022
- Draft standards available for public comment: 2022-2024
- New Call for Proposals: Digital Signature Algorithms with Short Signatures and Fast Verification, Due June 1, 2023
- Submissions to the NIST Lightweight Cryptography Standardization process (source, updated April 19, 2019)
- Submissions received by NIST: 57
- Submissions meeting minimum specified requirements: 56
- Submissions surviving to Round 2 of the NIST Lightweight Cryptography Standardization process (source, announced August 30, 2019)
- Round 2 candidate submissions: 32
- 3rd NIST Lightweight Cryptography Workshop: November 4-6, 2019
- 4th NIST Lightweight Cryptography Workshop (virtual): October 19-21, 2020
- Submissions surviving to Round 3 of the NIST Lightweight Cryptography Standardization process (source, announced March 29, 2021)
- Round 3 candidate submissions: 10 (ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak)
- 5th NIST Lightweight Cryptography Workshop (virtual): May 9-11, 2022
- The final round of evaluation is (as of July 2022) expected to conclude late in 2022.