Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Comments Requested on Three Draft FIPS for Post-Quantum Cryptography
August 24, 2023

NIST requests comments on the initial public drafts of three Federal Information Processing Standards (FIPS):

  1. FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard
  2. FIPS 204, Module-Lattice-Based Digital Signature Standard
  3. FIPS 205, Stateless Hash-Based Digital Signature Standard

These proposed standards specify key establishment and digital signature schemes that are designed to resist future attacks by quantum computers, which threaten the security of current standards. The three algorithms specified in these standards are each derived from different submissions to the NIST Post-Quantum Cryptography Standardization Project. 

The public comment period for these three drafts is open through November 22, 2023. See the publication details (linked above) to download the drafts and for information on submitting comments.


Draft FIPS 203 specifies a cryptographic scheme called the Module-Lattice-Based Key-Encapsulation Mechanism Standard which is derived from the CRYSTALS-KYBER submission. A key encapsulation mechanism (KEM) is a particular type of key establishment scheme that can be used to establish a shared secret key between two parties communicating over a public channel. Current NIST-approved key establishment schemes are specified in NIST Special Publication (SP) 800-56A, Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm-Based Cryptography, and SP 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography

The drafts of FIPS 204 and 205 each specify digital signature schemes, which are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. FIPS 204 specifies the Module-Lattice-Based Digital Signature Standard, which is derived from CRYSTALS-Dilithium submission. FIPS 205 specifies the Stateless Hash-Based Digital Signature Standard derived from the SPHINCS+ submission. Current NIST-approved digital signature schemes are specified in FIPS 186-5, Digital Signature Standard, and SP 800-208, Recommendation for Stateful Hash-based Signature Schemes. NIST is also developing a FIPS that specifies a digital signature algorithm derived from FALCON as an additional alternative to these standards.

Read More! NIST to Standardize Encryption Algorithms That Can Resist Attack by Quantum Computers

Federal Register Notice

Document Number: 2023-18197

Parent Project

See: Post-Quantum Cryptography

Related Topics

Security and Privacy: digital signatures, key management, post-quantum cryptography

Created August 17, 2023, Updated August 24, 2023