5.7.2 Standardization And Migration
Recognizing the urgency of the quantum threat, the National Institute of Standards and Technology (NIST) launched its Post-Quantum Cryptography (PQC) Standardization Project in 2016 to identify algorithms suitable for replacing RSA and elliptic-curve cryptography in government and commercial use. After several competitive rounds, NIST announced CRYSTALS-Kyber, CRYSTALS-Dilithium and SPHINCS+ as the first algorithms to be standardized for general use, with further candidates (e.g., Falcon) under evaluation for specialized applications.
Consequently, in August 2024, NIST announced the approval of three FIPS:
- FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard, a key encapsulation mechanism for key exchange based on CRYSTALS-Kyber.
- FIPS 204, Module-Lattice-Based Digital Signature Standard, a digital-signature algorithm for authentication based on CRYSTALS-Dilithium.
- FIPS 205, Stateless Hash-Based Digital Signature Standard, a stateless hash-based signature scheme based in SPHINCS+.
A fourth draft standard, FIPS 206: Fast Fourier Transform Over NTRU-Lattice-Based Digital Signature Algorithm (FN-DSA), was released for public comment in August 2024. FN-DSA provides an additional lattice-based signature mechanism intended to complement Dilithium and SPHINCS+ by offering distinct mathematical underpinnings and implementation trade-offs. FIPS 206 remains under review and has not yet been approved as a FIPS—completion is expected in the late 2026 to early 2027 timeframe.
These standards specify PQ key establishment and digital signature schemes that are designed to resist future attacks by quantum computers, which threaten the security of current standards.
Migration to post-quantum standards is expected to be gradual. Large infrastructure deployments—such as PKI, TLS, and VPNs—require backward-compatible implementations to preserve existing digital certificates and authentication systems. NIST and related agencies recommend that organizations begin cryptographic inventory and transition planning now, particularly for data requiring confidentiality beyond 2035.
Back to reading