In August 2024, the National Institute of Standards and Technology finalized the first three post-quantum cryptographic standards: FIPS 203 (CRYSTALS-Kyber, for key encapsulation), FIPS 204 (CRYSTALS-Dilithium, for digital signatures), and FIPS 205 (SPHINCS+, a hash-based signature scheme). In March 2025, NIST selected HQC as a fourth standard, adding algorithmic diversity to the portfolio. After eight years of open international competition — scrutinized by thousands of cryptographers — these standards represent the field's best current answer to the quantum threat.

The quantum threat is specific: Peter Shor's 1994 algorithm demonstrates that a sufficiently powerful quantum computer could factor the products of large prime numbers underlying RSA and solve the discrete logarithm problems underlying elliptic curve cryptography. The computational requirement is approximately 20 million physical qubits operating with very low error rates — roughly 1,000 times more than today's best systems. At current quantum hardware trajectories, most estimates place this capability 10 to 15 years away.

That timeline creates an urgent and non-obvious problem: harvest-now-decrypt-later attacks. Adversarial actors — well-resourced nation-states, primarily — are actively capturing encrypted data today, storing it, and waiting for quantum computers capable of decrypting it. Any data encrypted today that must remain confidential for more than ten years is potentially already compromised. The categories of concern include military communications, diplomatic cables, financial transaction histories, medical records, and intellectual property with long commercial lifespans.

The US federal government has set a January 2, 2030 deadline for all federal agencies to implement quantum-safe TLS 1.3. The concept of 'crypto-agility' — designing systems to swap cryptographic primitives without architectural overhaul — has moved from security best practice to operational requirement.

Every enterprise security team should now have a quantum-safe cryptography migration plan in progress.
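
To make the crypto-agility idea above concrete, here is an added example (not from the original article): every protected message names its algorithm, and a policy object, rather than the call sites, decides what is produced and what is still accepted. All names are hypothetical, and two standard-library HMAC variants stand in for a legacy and a replacement primitive, which is an assumption made so the sketch runs without third-party libraries.

```python
import hashlib
import hmac
import json

# Registry: algorithm id -> tag function. Stdlib HMACs are stand-ins (assumption);
# a real deployment would register a vetted FIPS 204 implementation here instead.
REGISTRY = {
    "hmac-sha256": lambda key, msg: hmac.new(key, msg, hashlib.sha256).digest(),
    "hmac-sha3-256": lambda key, msg: hmac.new(key, msg, hashlib.sha3_256).digest(),
}


class Policy:
    """Configuration, not code: which algorithm to produce, which to still accept."""

    def __init__(self, current, accepted):
        unknown = ({current} | set(accepted)) - set(REGISTRY)
        if unknown:
            raise ValueError(f"unregistered algorithms: {sorted(unknown)}")
        self.current = current
        self.accepted = set(accepted) | {current}


def protect(policy, key, payload: bytes) -> str:
    """Wrap payload in an envelope that names the algorithm used."""
    tag = REGISTRY[policy.current](key, payload)
    return json.dumps({"alg": policy.current, "payload": payload.hex(), "tag": tag.hex()})


def verify(policy, key, envelope: str) -> bytes:
    """Return the payload, or raise if the algorithm is not accepted or the tag is bad."""
    env = json.loads(envelope)
    alg = env["alg"]
    # The allow-list is checked before dispatch so a sender cannot pick a retired algorithm.
    if alg not in policy.accepted:
        raise ValueError(f"algorithm {alg!r} rejected by policy")
    payload = bytes.fromhex(env["payload"])
    expected = REGISTRY[alg](key, payload)
    if not hmac.compare_digest(expected, bytes.fromhex(env["tag"])):
        raise ValueError("tag mismatch")
    return payload


KEY = b"constructed-demo-key"  # constructed sample value, not a real secret
legacy = Policy("hmac-sha256", accepted=[])
migrating = Policy("hmac-sha3-256", accepted=["hmac-sha256"])  # transition window
final = Policy("hmac-sha3-256", accepted=[])                   # legacy retired
```

Moving from `legacy` to `migrating` to `final` changes only the policy; `protect` and `verify` callers are untouched, and once the legacy algorithm is retired an envelope that names it is refused before any cryptographic work is done.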