U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process

Published

Author(s)

Gorjan Alagic, Maxime Bros, Pierre Ciadoux, David Cooper, Quynh Dang, Thinh Dang, John Kelsey, Jacob Lichtinger, Yi-Kai Liu, Carl Miller, Dustin Moody, Rene Peralta, Ray Perlner, Angela Robinson, Hamilton Silberg, Daniel Smith-Tone, Noah Waller

Abstract

The National Institute of Standards and Technology is selecting public-key cryptographic algorithms through a public, competition-like process. The new public-key cryptography standards will specify additional digital signatures, public-key encryption, and key-establishment algorithms to supplement Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), as well as NIST Special Publication (SP) 800-56A Revision 3, Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography, and SP 800-56B Revision 2, Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography. It is intended that these algorithms will be capable of protecting sensitive information well into the foreseeable future, including after the advent of quantum computers. After three rounds of evaluation and analysis, NIST announced the selection of the first algorithms to be standardized \citeNISTIR8413}. The public-key encapsulation mechanism (KEM) selected for standardization was CRYSTALS-Kyber (ML-KEM). The digital signatures selected were CRYSTALS-Dilithium (ML-DSA), Falcon (FN-DSA), and SPHINCS+ (SLH-DSA). In August 2024, NIST published the first three post-quantum cryptography standards based on these algorithms \citeFIPS203, FIPS204, FIPS205}. Four candidate algorithms for key establishment have continued to be studied in a fourth round of analysis: BIKE, Classic McEliece, HQC, and SIKE. This report describes the evaluation and selection process of these fourth-round candidates based on public feedback and internal review. The report summarizes each of the candidate algorithms and identifies those selected for standardization. The only key-establishment algorithm that will be standardized is HQC. NIST will develop a standard based on HQC to augment and diversify its key-establishment portfolio.
Citation
NIST Interagency/Internal Report (NISTIR) - NIST IR 8545
Report Number
NIST IR 8545
NIST Pub Series
NIST Interagency/Internal Report (NISTIR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.IR.8545
Local Download

Keywords

cryptography, key-encapsulation mechanism (KEM), key establishment, post-quantum cryptography (PQC), quantum resistant, quantum safe
Standards, Mathematics and statistics and Cybersecurity

Citation

Alagic, G. , Bros, M. , Ciadoux, P. , Cooper, D. , Dang, Q. , Dang, T. , Kelsey, J. , Lichtinger, J. , Liu, Y. , Miller, C. , Moody, D. , Peralta, R. , Perlner, R. , Robinson, A. , Silberg, H. , Smith-Tone, D. and Waller, N. (2025), Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8545, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=959556 (Accessed April 12, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created March 11, 2025