NIST Published the Drafts of the Forthcoming PQC Standards
The long-awaited drafts of the future standards for post-quantum cryptography (PQC) have been published. Xiphera will respond with updated versions of the products in the xQlave® PQC family.
On Thursday, August 24, 2023, the U.S. National Institute of Standards and Technology (NIST) published the long-awaited drafts of the future standards for post-quantum cryptography (PQC). The algorithms on which these standards are based have been known since July 2022, when NIST announced CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon, and SPHINCS+ as the algorithms selected for standardisation at the end of Round 3 of the NIST PQC competition. Specifically, NIST has now released three documents and requests public comments on them:
- FIPS 203 (Draft): Module-Lattice-Based Key Encapsulation Mechanism Standard
- FIPS 204 (Draft): Module-Lattice-Based Digital Signature Standard
- FIPS 205 (Draft): Stateless Hash-Based Digital Signature Standard
FIPS 203 describes three algorithms, ML-KEM-512, ML-KEM-768, and ML-KEM-1024, targeting NIST security levels 1, 3, and 5, respectively. They are based on the Kyber parameter sets Kyber-512, Kyber-768, and Kyber-1024.
FIPS 204 similarly describes three algorithms, ML-DSA-44, ML-DSA-65, and ML-DSA-87 (security levels 2, 3, and 5), based on Dilithium-2, Dilithium-3, and Dilithium-5.
FIPS 205 names its algorithm SLH-DSA and includes in total 12 parameter sets: three security levels (1, 3, and 5), two options for the underlying hash function family (SHA-2 or SHAKE256), and for each of these either a variant with relatively small signatures (suffix "s") or a variant with fast signing (suffix "f").
The algorithms selected at the end of Round 3 also included a fourth one, Falcon, which is another digital signature algorithm. A draft standard based on Falcon was not released in this batch, but NIST has stated that it intends to develop a standard for Falcon later.
The drafts of FIPS 203, 204, and 205 are now open for commenting until November 22, 2023. NIST then takes the received comments into account and proposes the standards for approval to the U.S. Secretary of Commerce. It is likely that the final standards will be available during 2024.
The algorithms to be standardised include a few changes compared to the submitted versions of CRYSTALS-Kyber, CRYSTALS-Dilithium, and SPHINCS+. The changes are relatively small and include changes to the lengths of certain hash values, a slightly modified Fujisaki-Okamoto transform for Kyber, removal of certain hash computations that served as a safeguard against flawed random number generators, changes to how specific seed values are generated, and small modifications to which hash functions are used inside the algorithms.
Xiphera will soon release updated versions of the xQlave® family of post-quantum cryptography IP cores so that they comply with these changes. “We anticipate that the changes will not have major impacts on the resource requirements or performance of the products”, says Kimmo Järvinen, co-founder and CTO of Xiphera.
Read more about Xiphera's xQlave® family of quantum-secure cryptography.