Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects

Post-Quantum Cryptography: Additional Digital Signature Schemes

Overview

The Round 2 candidates were announced October 24, 2024. NIST IR 8528, Status Report on the First Round of the Additional Digital Signature Schemes for the NIST Post-Quantum Cryptography Standardization Process is now available.

NIST announced that the PQC standardization process is continuing with a fourth round, with the following KEMs still under consideration: BIKE, Classic McEliece, HQC, and SIKE. However, there are no remaining digital signature candidates under consideration. As such, NIST posted a call for additional digital signature proposals to be considered in the PQC standardization process. The call for submissions closed June 1, 2023, with forty algorithms being evaluated in the first rounnd.

Background

NIST initiated the public Post-Quantum Cryptography (PQC) Standardization Process in December 2016 to select quantum-resistant public-key cryptographic algorithms for standardization in response to the substantial development and advancement of quantum computing.  After three rounds of evaluation and analysis, NIST announced the selection of the first algorithms to be standardized. The public-key encapsulation mechanism (KEM) selected for standardization was CRYSTALS-KYBER (ML-KEM). The digital signatures selected were CRYSTALS-Dilithium (ML-DSA), FALCON (FN-DSA), and SPHINCS(SLH-DSA). Except for SPHINCS+, all of these schemes are based on the computational hardness of problems that involve structured lattices. While several non-lattice-based KEMs remained under consideration in the fourth round, no signature schemes remained.

In September 2022, NIST called for additional digital signature proposals to be considered in the PQC standardization process to diversify its post-quantum signature portfolio. Since two signature schemes based on structured lattices had already been standardized, NIST expressed particular interest in additional general-purpose signature schemes based on a security assumption that did not use structured lattices as well as signature schemes with short signatures and fast verification. 

Contacts

PQC Crypto Technical Inquiries
[email protected]

Dr. Lily Chen

Dr. Dustin Moody

Dr. Yi-Kai Liu

Topics

Security and Privacy: digital signatures, post-quantum cryptography

Created August 29, 2022, Updated October 24, 2024