NIST Releases First Post-Quantum Cryptography Standards
The standards agency is working with other agencies to ensure post-quantum cryptography readiness across government.

The National Institute of Standards and Technology (NIST) said it is looking to transfer all high-priority systems to quantum-resistant cryptography by 2035. Dustin Moody, mathematician in the NIST Computer Security Division, said the transition is necessary for the future because of security concerns with “harvest now, decrypt later.”
NIST has standardized three cryptographic algorithms, but post-quantum cryptography will be secure against attacks from classical and quantum computers, officials said. Currently, there isn’t a large enough quantum computer that threatens the current level of security, but Moody said that agencies need to be prepared ahead of future attacks.
“Suppose your enemy gets a hold of your data today, and you’re not so worried because it’s encrypted. But if a quantum computer comes out and say 10 years, and you were hoping that data to be protected for 15 years … you’re not going to be protecting your data long enough,” Moody said during an ATARC event May 7.
Following a five-year evaluation process, NIST identified in 2022 the four algorithms it would be standardizing and this summer will publish the first post-quantum cryptography standards called Federal Information Processing Standards (FIPS). FIPS will contain three of the four tested algorithms based on code-based cryptography.
NIST selected CRYSTAL-Kyber as the key encapsulation mechanism (KEM) and selected three additional signatures for standardization: CRYSTAL-Dilithium, FALCON and SPINCS+. CRYSTALS-Kyber will be used for general encryption, like securing public-facing websites. CRYSTAS-Dilithium, FALCON and SPHINCS+ will be used when a digital signature is required.
Moody said it’s important to begin the quantum transition now, as the process will take some time. NIST, the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency released a joint fact sheet to help agencies navigate cryptographic inventories and discuss the next steps with vendors.
“Make sure your IT people are tracking what’s going on with the standardization,” he said. “We want you to hold off implementing them in terms of putting them into your products until the final standards come out. But you can certainly test them and see how they will work in your applications,” Moody said.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
DOD Can No Longer Assume Superiority in Digital Warfare, Officials Warn
The DOD must make concerted efforts to address cyber vulnerabilities to maintain the tactical edge, military leaders said at HammerCon 2025.
4m read -
Tracking CIOs in Trump's Second Term
Stay informed on the latest shifts in federal technology leadership as new CIOs are appointed and President Trump's second term takes shape.
6m read -
Inside Oak Ridge National Lab’s Pioneer Approach to AI
Energy Department’s Oak Ridge National Lab transforms AI vulnerabilities into strategic opportunities for national defense.
22m listen -
AWS Summit: Innovation Accelerates IT Delivery at DOD
Marine Corps Community Services is tackling outdated IT processes with agile development and cutting-edge cloud security to deliver mission-critical capabilities faster.
12m watch -
AWS Summit: NIST Secures High-Performance Computing Against Evolving Threats
NIST’s Yang Guo reveals the broad attack surface of high-performance computing and explains developing guidance and future-proofing security strategies.
9m watch -
Trump Overhauls Federal Cybersecurity with New Executive Order
The new directive aims to strengthen digital defenses while rolling back "burdensome" software requirements and refocusing AI security.
3m read -
AWS Summit: Forging Successful Cloud Modernization Partnerships
Industry leaders share insights on the critical role industry partnerships have in enabling government agencies to navigate procurement challenges for cloud and zero trust solutions.
24m watch Partner Content -
CISA's CVE Program and Why it Matters for Zero Trust
The vulnerability program provides the cybersecurity community visibility into software as part of a key pillar of CISA's zero trust model.
5m read -
Air Force, Coast Guard Talk Data Security Efforts for AI Development
The services' AI initiatives include efforts like creating clean training data, countering data poisoning and bridging siloed teams.
4m read -
DHS Secretary Urges Congress to Reauthorize CISA 2015
Federal leaders highlight CISA 2015's role in strengthening public-private partnerships and defending against evolving cyber threats.
3m read -
Rep. Gerry Connolly Leaves Lasting Mark on Federal Tech
Connolly's leadership in Congress significantly advanced government IT, emphasizing accountability, efficiency and a robust cybersecurity posture.
4m read -
Agencies Use AI to Boost Efficiency, Cybersecurity Under White House Mandates
DLA and GAO are investigating how AI can boost efficiency and bolster cybersecurity as agencies align with the president's tech directives.
3m read