Inhaltsverzeichnis

2.1 Compliance

Regulatory conformance and standards for post-quantum cryptography.

NIST Standards

The library implements the final NIST standards for PQ cryptography:

Standard Algorithm Usage Status
FIPS 2031) ML-KEM Key encapsulation Final (2024)
FIPS 2042) ML-DSA Digital signatures Final (2024)

These standards are the result of the 8-year NIST Post-Quantum Cryptography Standardization Project.

Regulatory Recommendations

BSI (Germany)

The Federal Office for Information Security3) recommends:

ENISA (EU)

The European Agency for Cybersecurity4) recommends:

Industry-Specific Requirements

Industry Relevance Rationale
Finance High Long-term obligations, transaction data
Healthcare High Patient data, 30+ years retention
Government High State secrets, infrastructure
Industry Medium Long-term certificates, IoT devices

Audit Support

Demonstrable Compliance:

Documentation for Audits:

Further Reading

Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional

, , , ,
1)
NIST FIPS 203: https://csrc.nist.gov/pubs/fips/203/final
2)
NIST FIPS 204: https://csrc.nist.gov/pubs/fips/204/final
3)
BSI PQC: https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Kryptografie/Post-Quanten-Kryptografie/post-quanten-kryptografie_node.html
4)
ENISA: https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation