====== 3.3 NIST PQC Standards ====== The official US standards for quantum-safe cryptography. ===== Background ===== NIST((National Institute of Standards and Technology: https://www.nist.gov/)) has published the first three Post-Quantum Standards((NIST Post-Quantum Cryptography Project: https://csrc.nist.gov/Projects/post-quantum-cryptography)) in August 2024 after 8 years of research. ===== The Three Standards ===== ==== FIPS 203 - ML-KEM ==== **Module-Lattice-Based Key-Encapsulation Mechanism**((NIST FIPS 203: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf)) * For: Encryption / Key Exchange * Based on: CRYSTALS-Kyber((CRYSTALS-Kyber Specification: https://pq-crystals.org/kyber/)) * Usage: TLS((Transport Layer Security)), VPN, secure communication ==== FIPS 204 - ML-DSA ==== **Module-Lattice-Based Digital Signature Algorithm**((NIST FIPS 204: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf)) * For: Digital Signatures * Based on: CRYSTALS-Dilithium((CRYSTALS-Dilithium Specification: https://pq-crystals.org/dilithium/)) * Usage: Certificates, software signing ==== FIPS 205 - SLH-DSA ==== **Stateless Hash-Based Digital Signature Algorithm**((NIST FIPS 205: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.pdf)) * For: Digital Signatures (Backup) * Based on: SPHINCS+((SPHINCS+ Specification: https://sphincs.org/)) * Usage: If ML-DSA shows weaknesses ===== Recommendation ===== NIST recommends immediate adoption of these standards. They can and should be implemented now. ===== Sources ===== * [[https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards|NIST Press Release (August 13, 2024)]] * [[https://csrc.nist.gov/Projects/post-quantum-cryptography|NIST PQC Project Homepage]] * [[https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf|FIPS 203 (ML-KEM) Full Text]] * [[https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf|FIPS 204 (ML-DSA) Full Text]] * [[https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.pdf|FIPS 205 (SLH-DSA) Full Text]]