Post-quantum cryptographic (PQC) solutions are next-generation public-key algorithms engineered to remain secure against both classical and large-scale quantum computer attacks. Following nearly a decade of global evaluation and cryptanalysis, the National Institute of Standards and Technology (NIST) selected the first quantum-safe algorithms in 2022 and published the final standards in August 2024: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA, formerly SPHINCS+). As governments and industry accelerate migration under initiatives such as CNSA 2.0 and federal quantum readiness mandates, the focus has shifted from research to secure, production-grade deployment. At PQSecure™, we deliver side-channel-resistant hardware and software IP implementing these finalized NIST standards, enabling quantum-safe integration across FPGA, ASIC, SoC, RISC-V, and embedded platforms.
Post-Quantum Public Key Exchange
Post-quantum public key exchange refers to a family of cryptographic algorithms designed to establish a shared secret key securely over an untrusted network in a manner that remains secure against quantum attacks. The standardized form is a key encapsulation mechanism (KEM): the sender encapsulates a fresh shared secret under the recipient's public key, and only the holder of the matching private key can decapsulate it. As part of the finalized NIST PQC standardization process, NIST has standardized ML-KEM (Module-Lattice Key Encapsulation Mechanism, formerly CRYSTALS-Kyber) as the primary quantum-safe key establishment algorithm; in March 2025 NIST additionally selected the code-based HQC as a backup KEM to be standardized separately. Earlier candidate families explored in the process included lattice-based, code-based, multivariate, and isogeny-based approaches. While isogeny-based schemes were ultimately not selected for standardization, the final NIST selection reflects a balance of strong security, high performance, and implementation efficiency. PQSecure provides side-channel-protected, fault-resilient implementations of ML-KEM, optimized for secure boot, root-of-trust, IoT, defense, and high-assurance embedded systems.
Post-Quantum Digital Signatures
Post-quantum digital signature algorithms are designed to authenticate the sender of information and ensure data integrity while remaining resistant to both classical and quantum attacks. As part of NIST’s finalized PQC standards, the following digital signature families have now been standardized:
- ML-DSA (Module-Lattice Digital Signature Algorithm, formerly CRYSTALS-Dilithium)
- SLH-DSA (Stateless Hash-Based Digital Signature Algorithm, formerly SPHINCS+)
In addition to these, the stateful hash-based signatures XMSS and LMS remain approved under NIST SP 800-208 for specialized long-term use cases such as firmware and software signing (the use CNSA 2.0 calls them out for). Unlike SLH-DSA, these schemes are stateful: every one-time key inside the tree may be used exactly once, so the signer must persist and advance its state before releasing each signature, and a backup, clone, or rollback of that state is a security failure rather than an availability issue. PQSecure delivers high-assurance, side-channel-resistant hardware and software IP for ML-DSA and SLH-DSA, with protection against power analysis and fault-injection attacks. Our implementations are engineered for certification readiness and are deployable across secure enclaves, roots of trust, firmware authentication, and post-quantum PKI systems.
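To make the stateful-versus-stateless caveat concrete, the following Python is an added example (not PQSecure's code, and not LMS or XMSS themselves): it implements a Lamport one-time signature, the building block behind both stateful schemes, wraps it in a signer that advances its index before releasing a signature, and then models the passive attacker who collects several signatures made with a single one-time key. The function and class names, the SHA-256 choice for both the one-way function and the message digest, and the constructed "firmware-N" sample messages are all assumptions made for this illustration.

```python
"""Lamport one-time signatures with a stateful key manager, plus the attack
that follows from reusing a one-time key. Added example, not PQSecure code.
Assumptions: SHA-256 as the one-way function and message hash, so each key
has 256 bit positions with two 32-byte secrets each. LMS/XMSS are more
efficient tree-based constructions, but the state discipline is the same."""
import hashlib
import secrets

N = 32                 # digest length in bytes
NBITS = 8 * N          # 256 bit positions per signature


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def bits(digest: bytes):
    """Bits of a 32-byte digest, most significant bit first."""
    return [(digest[i >> 3] >> (7 - (i & 7))) & 1 for i in range(NBITS)]


def keygen():
    """One-time key: two random secrets per bit position; public key is their hashes."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(NBITS)]
    pk = [(sha256(s0), sha256(s1)) for s0, s1 in sk]
    return sk, pk


def sign_digest(sk, digest):
    """Reveal, for each digest bit, the secret matching that bit's value."""
    return [sk[i][b] for i, b in enumerate(bits(digest))]


def verify_digest(pk, digest, sig) -> bool:
    return len(sig) == NBITS and all(
        sha256(sig[i]) == pk[i][b] for i, b in enumerate(bits(digest)))


def verify(pk, msg: bytes, sig) -> bool:
    return verify_digest(pk, sha256(msg), sig)


class StatefulSigner:
    """Holds a batch of one-time keys and uses each at most once. The index is
    advanced (in a real device: persisted to non-volatile storage) before the
    signature is released, so a crash or replay cannot resurrect a used key."""

    def __init__(self, n_keys: int):
        self.keys = [keygen() for _ in range(n_keys)]
        self.next_index = 0

    def public_keys(self):
        return [pk for _, pk in self.keys]

    def sign(self, msg: bytes):
        if self.next_index >= len(self.keys):
            raise RuntimeError("key exhausted: every one-time key has been used")
        idx = self.next_index
        self.next_index += 1            # commit state first, then sign
        sk, _ = self.keys[idx]
        return idx, sign_digest(sk, sha256(msg))


def reuse_attack(sigs):
    """Passive attacker who collected several signatures made with ONE key.
    Returns the number of secrets learned (out of 512) and a forging function."""
    learned = [dict() for _ in range(NBITS)]
    for msg, sig in sigs:
        for i, b in enumerate(bits(sha256(msg))):
            learned[i][b] = sig[i]

    def forge(digest):
        # Forgeable iff every bit of the target digest was revealed earlier.
        out = []
        for i, b in enumerate(bits(digest)):
            if b not in learned[i]:
                return None
            out.append(learned[i][b])
        return out

    return sum(len(d) for d in learned), forge


def reuse_demo(reuse_count: int = 12, candidates: int = 64):
    """Broken deployment: one key signs `reuse_count` messages. Each reuse
    reveals more secrets; with 12 signatures a fresh target digest is
    forgeable with probability (1 - 2**-12)**256, roughly 0.94. Returns the
    number of exposed secrets and an attacker-chosen message whose forged
    signature verifies under the victim's public key (None if none found)."""
    sk, pk = keygen()
    msgs = [b"firmware-%d" % i for i in range(reuse_count)]   # constructed sample
    exposed, forge = reuse_attack([(m, sign_digest(sk, sha256(m))) for m in msgs])
    for i in range(candidates):
        target = b"attacker-chosen-%d" % i                      # constructed sample
        forged = forge(sha256(target))
        if forged is not None and verify(pk, target, forged):
            return exposed, target
    return exposed, None
```

Two signatures from the same key already reveal about three quarters of the secrets; a dozen make essentially any message forgeable, which is why the state update in `StatefulSigner.sign` happens before the signature leaves the device and why LMS/XMSS signers must never be cloned or restored from backup. SLH-DSA removes the state requirement at the cost of much larger signatures.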
Post-Quantum Solutions
PQSecure offers a broad set of hardware IP cores that implement both post-quantum and classical cryptographic algorithms, aligned with NIST standards and CNSA 2.0 recommendations. These IPs are designed with configurable security and performance options, enabling seamless integration into ASICs, FPGAs, and secure embedded systems. Each core is available with optional side-channel protections, and all certifiable components have passed ACVP validation where applicable. The following table summarizes the supported algorithms, core functions, standards, and unique security features.
| Algorithms/Primitive | Functionality | Standard | Features |
|---|---|---|---|
| ML-KEM + ML-DSA | KeyGen, Encaps/Decaps, Sign/Verify | NIST FIPS 203 & 204 | Integrated Kyber + Dilithium cores, DPA-hardened, flexible profiles |
| ML-KEM (Kyber) | KeyGen, Encapsulation, Decapsulation | NIST FIPS 203 | ML-KEM-512/768/1024, CCA-secure, masking & shuffling |
| ML-DSA (Dilithium) | KeyGen, Sign, Verify | NIST FIPS 204 | ML-DSA-44/65/87, constant-time, threshold masking, DPA-safe |
| SLH-DSA (SPHINCS+) | KeyGen, Sign, Verify | NIST FIPS 205 | Stateless, parameterizable, masking-supported |
| LMS / HSS | KeyGen, Sign, Verify | RFC 8554, NIST SP 800-208, CNSA 2.0 | Stateful, CNSA-recommended for firmware signing, ACVP certified, DPA-hardened |
| XMSS | KeyGen, Sign, Verify | RFC 8391, NIST SP 800-208 | Stateful, RFC-compliant, DPA-protected |
| Ascon | KeyGen (sym.), AEAD Encrypt/Decrypt, Hash | NIST SP 800-232 | Lightweight AEAD and hashing algorithm standardized by NIST; includes masking and DPA resistance |
| Hybrid ECC + PQC | KeyGen, Key Exchange, Sign, Verify | CNSA 2.0 | ECC + PQC integration, dual-mode, constant-time |
| AES-GCM / AES-CTR | KeyGen (sym.), Encrypt/Decrypt | FIPS 197, SP 800-38A (CTR), SP 800-38D (GCM) | Side-channel protected AES cores |
| SHA-2 | Hash | FIPS 180-4 | Pipelined, constant-latency, timing-safe |
| SHA-3 | Hash, SHAKE | FIPS 202 | Keccak core with domain separation |
| HMAC-SHA2 | KeyGen, MAC | FIPS 198-1 | SHA2-based HMAC with masking |
| HMAC-SHA3 | KeyGen, MAC | FIPS 198-1 with FIPS 202 hash functions | Domain-separated HMAC, DPA-safe |
| SP 800-90A DRBG (Hash, HMAC, CTR) | Deterministic Random Bit Generation | NIST SP 800-90A Rev.1 | Hardware DRBG cores based on SHA2, HMAC, or AES; entropy reseeding and health tests included; DPA-resistant |
| SP 800-90B Conditioner (AES CBC-MAC) | Entropy Conditioning / Whitening | NIST SP 800-90B | AES CBC-MAC-based conditioning for TRNG entropy sources; compliant with FIPS 140-3 health tests |
| TRNG | Entropy Generation | SP 800-90B/C, FIPS 140-3 | Online testing, entropy conditioned (optional AES CBC-MAC module) |
| Trivium | PRNG / Stream Cipher | eSTREAM portfolio, ISO/IEC 29192-3 | Lightweight PRNG used for DPA countermeasure randomness only (not for compliance-grade entropy) |
PQSecure offers a wide range of hardware and software solutions, from high-end servers to resource-constrained embedded devices, with side-channel countermeasures designed in from the start rather than added afterwards.
