Just a little while back to much fanfare, NIST-release these standards:
- https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.203.pdf
- https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf
- https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.205.pdf
They are the post-quantum algorithms that are now standardized for use!! As a quick summary:
- Kyber became ML-KEM (Module Lattice Key Encapsulation Mechanism) which is specified by NIST’s FIPS 203 document.
- Dilithium became ML-DSA (Module Lattice Digital Signature Algorithm) which is specified by NIST’s FIPS 204 document.
- SPHINCS+ became SLH-DSA (StateLess Hash-based Digital Signature Algorithm) which is specified by NIST’s FIPS 205 document.
ML-KEM and ML-DSA are great for general purpose use in protocols. For example, where you would use ECDH you would use ML-KEM and where you would use ECDSA you would use ML-DSA. SLH-DSA has specialized applications similar to those of LMS and XMSS. If you don’t want to deal with the statefulness of those algorithms, then SLH-DSA would be a great replacement.
Hot on the heels of this standardization announcement, we here at wolfSSL are announcing to the world that we have full implementation and support for ML-KEM and ML-DSA. You can have a look and try them out for yourself. Simply download the wolfSSL library, configure it to enable Dilithium and Kyber and run the benchmarks!
If you are interested in an implementation and support for SLH-DSA or have questions about any of the avobe, please contact us at facts@wolfSSL.com or +1 425 245 8247!
Download wolfSSL Now