NIST published the final version of FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) on August 13, 2024, making the first post-quantum cryptographic (PQC) algorithms official and wrapping up an eight-year effort to prepare us for a future where quantum cyberattacks are a more common threat.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240816465334/en/
The first PQC algorithm certificates issued. (Photo: Business Wire)
NIST enabled the ACVTS (Automated Cryptographic Validation Test System) for these algorithms on that same day, and atsec is pleased to announce it successfully performed the world's first algorithm testing of ML-KEM and ML-DSA using ACVTS, obtaining the first associated CAVP certificates covering all supported algorithm options and key sizes mere hours later.
atsec is excited to announce that testing of these post-quantum algorithms is available for all vendors, with services including providing the test vectors generated by the NIST ACVP (Automated Cryptographic Validation Protocol) server, executing the PQC algorithms of an Implementation under Test (IUT) using our in-house test harness, validating the test results on the NIST server, and obtaining the CAVP certificates. atsec also offers trainings on using these new algorithms, including as part of hybrid schemes combining classic and post-quantum cryptographic algorithms.
The post-quantum cryptographic algorithm standards differ in several ways from the candidate implementations and specifications that development teams deliver to NIST. atsec can provide a gap analysis so vendors can identify required changes in their implementations of algorithms. You can find more information on atsec's services regarding cryptographic algorithm testing on our website.
Immediately after the publication of the PQC standards, not only did the NIST CAVP make the new PQC algorithm testing available at lightning speed, the CMVP responded just as quickly with an updated SP 800-140C, SP 800-140D, and FIPS 140-3 IG 10.3.A.
NIST's significant synchronization effort across multiple groups in rolling out the PQC standards and associated testing requirements is highly commendable, and we are deeply honored to work alongside them in preparing reference implementations and trial testing with the ACVP demo server, which led to this historic moment. Even as we look to the future, we think it is important to take a moment in the now to thank NIST for seeing this monumental project through to conclusion, organizing the brightest minds from across the world to ensure we're ready for the threats of tomorrow.
Link:
https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation-search?searchMode=implementation&product=leancrypto&productType=-1&dateFrom=08%2F13%2F2024&ipp=25
View source version on businesswire.com: https://www.businesswire.com/news/home/20240816465334/en/
Contacts:
Andreas Fabis
Marketing Director
fabis@atsec.com
www.atsec.com