Post-quantum cryptographic solutions refer to a range of public-key cryptographic solutions that are considered secure in the quantum setting. Many of these algorithms are currently going through a standardization process run by the National Institute of Standards and Technology (NIST). A few other institutions, such as the European Telecommunications Standards Institute (ETSI) and the Internet Engineering Task Force (IETF), are also developing their own standards, but the majority of the focus is on NIST's post-quantum standardization process (NIST PQS). This process was officially announced in late 2016 and has recently come to a final stage with some winners and alternate algorithms, for which we at PQSecure have proudly developed side-channel-resistant IPs.
Post-Quantum Public Key Exchange
Post-quantum public key exchange refers to a set of algorithms designed to establish a shared secret key over a public (insecure) network, which are perceived to be quantum-safe. The NIST PQS process is currently standardizing some of these algorithms. The mathematical categories of these algorithms include isogeny-based, lattice-based, and code-based constructions. Each has pros and cons, and thus NIST is expected to standardize more than one algorithm before the process is complete. PQSecure is working with each of these algorithms to develop high-quality solutions once the standards are announced.
Post-Quantum Digital Signatures
Post-quantum digital signature algorithms are designed not only to verify the sender of the information but also to validate that the contents have not been changed, all while being quantum-safe. There are a few examples of post-quantum digital signatures that are already standardized (XMSS and LMS, NIST FIPS 186), but the NIST PQS process hopes to standardize a few more of these algorithms to offer a wider range of possible solutions.
Post-Quantum Solutions
PQSecure offers a broad set of hardware IP cores that implement both post-quantum and classical cryptographic algorithms, aligned with NIST standards and CNSA 2.0 recommendations. These IPs are designed with configurable security and performance options, enabling seamless integration into ASICs, FPGAs, and secure embedded systems. Each core is available with optional side-channel protections, and all certifiable components have passed ACVP validation where applicable. The following table summarizes the supported algorithms, core functions, standards, and unique security features.
| Algorithms/Primitive | Functionality | Standard | Features |
|---|---|---|---|
| ML-KEM + ML-DSA | KeyGen, Encaps/Decaps, Sign/Verify | NIST FIPS 203 & 204 | Integrated Kyber + Dilithium cores, DPA-hardened, flexible profiles |
| ML-KEM (Kyber) | KeyGen, Encapsulation, Decapsulation | NIST FIPS 203 | ML-KEM-512/768/1024, CCA-secure, masking & shuffling |
| ML-DSA (Dilithium) | KeyGen, Sign, Verify | NIST FIPS 204 | ML-DSA-44/65/87, constant-time, threshold masking, DPA-safe |
| SLH-DSA (SPHINCS+) | KeyGen, Sign, Verify | NIST FIPS 205 | Stateless, parameterizable, masking-supported |
| LMS / HSS | KeyGen, Sign, Verify | RFC 8554, CNSA 2.0, NIST SP 800-208 (ACVP) | CNSA-recommended, ACVP certified, DPA-hardened |
| XMSS | KeyGen, Sign, Verify | RFC 8391, NIST SP 800-208 | RFC-compliant, DPA-protected |
| Ascon | KeyGen (sym.), AEAD Encrypt/Decrypt, Hash | NIST SP 800-232 | Lightweight AEAD and hashing algorithm standardized by NIST; includes masking and DPA resistance |
| Hybrid ECC + PQC | KeyGen, Key Exchange, Sign, Verify | CNSA 2.0 | ECC + PQC integration, dual-mode, constant-time |
| AES-GCM / AES-CTR | KeyGen (sym.), Encrypt/Decrypt | FIPS 197, SP 800-38D | Side-channel protected AES cores |
| SHA-2 | Hash | FIPS 180-4 | Pipelined, constant-latency, timing-safe |
| SHA-3 | Hash, SHAKE | FIPS 202 | Keccak core with domain separation |
| HMAC-SHA2 | KeyGen, MAC | FIPS 198-1 | SHA2-based HMAC with masking |
| HMAC-SHA3 | KeyGen, MAC | SP 800-185 | Domain-separated HMAC, DPA-safe |
| SP 800-90A DRBG (Hash, HMAC, CTR) | Deterministic Random Bit Generation | NIST SP 800-90A Rev.1 | Hardware DRBG cores based on SHA2, HMAC, or AES; entropy reseeding and health tests included; DPA-resistant |
| SP 800-90B Conditioner (AES CBC-MAC) | Entropy Conditioning / Whitening | NIST SP 800-90B | AES CBC-MAC-based conditioning for TRNG entropy sources; compliant with FIPS 140-3 health tests |
| TRNG | Entropy Generation | SP 800-90B/C, FIPS 140-3 | Online testing, entropy conditioned (optional AES CBC-MAC module) |
| Trivium | PRNG / Stream Cipher | NIST SP 800-232 IPD | Lightweight PRNG used for DPA randomness only (not for compliance-grade entropy) |
PQSecure offers a wide range of hardware and software solutions for every need, from high-end servers to low-end embedded devices, with side-channel countermeasures added by design.
