4898:
1181:
FIPS 205, also designed for digital signatures. The standard employs the
Sphincs+ algorithm, which has been renamed SLH-DSA, short for Stateless Hash-Based Digital Signature Algorithm. The standard is based on a different math approach than ML-DSA, and it is intended as a backup method in case ML-DSA
750:
On July 22, 2020, NIST announced seven finalists ("first track"), as well as eight alternate algorithms ("second track"). The first track contains the algorithms which appear to have the most promise, and will be considered for standardization at the end of the third round. Algorithms in the second
1173:
Federal
Information Processing Standard (FIPS) 203, intended as the primary standard for general encryption. Among its advantages are comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation. The standard is based on the CRYSTALS-Kyber algorithm,
754:
On June 7â9, 2021, NIST conducted the third PQC standardization conference, virtually. The conference included candidates' updates and discussions on implementations, on performances, and on security issues of the candidates. A small amount of focus was spent on intellectual property concerns.
36:
schemes were submitted by the initial submission deadline at the end of 2017 of which 69 total were deemed complete and proper and participated in the first round. Seven of these, of which 3 are signature schemes, have advanced to the third round, which was announced on July 22, 2020.
68:
The competition is now in its third round out of expected four, where in each round some algorithms are discarded and others are studied more closely. NIST hopes to publish the standardization documents by 2024, but may speed up the process if major breakthroughs in
751:
track could still become part of the standard, after the third round ends. NIST expects some of the alternate candidates to be considered in a fourth round. NIST also suggests it may re-open the signature category for new schemes proposals in the future.
988:. NIST holds signed statements from submitting groups clearing any legal claims, but there is still a concern that third parties could raise claims. NIST claims that they will take such considerations into account while picking the winning algorithms.
2785:
Moody, Dustin; Alagic, Gorjan; Apon, Daniel C.; Cooper, David A.; Dang, Quynh H.; Kelsey, John M.; Liu, Yi-Kai; Miller, Carl A.; Peralta, Rene C.; Perlner, Ray A.; Robinson, Angela Y.; Smith-Tone, Daniel C.; Alperin-Sheriff, Jacob (2020).
48:
Academic research on the potential impact of quantum computing dates back to at least 2001. A NIST published report from April 2016 cites experts that acknowledge the possibility of quantum technology to render the commonly used
1168:
While there have been no substantive changes made to the standards since the draft versions, NIST has changed the algorithmsâ names to specify the versions that appear in the three finalized standards, which are:
1177:
FIPS 204, intended as the primary standard for protecting digital signatures. The standard uses the CRYSTALS-Dilithium algorithm, which has been renamed ML-DSA, short for Module-Lattice-Based
Digital Signature
1185:
Similarly, when the draft FIPS 206 standard built around FALCON is released, the algorithm will be dubbed FN-DSA, short for FFT (fast-Fourier transform) over NTRU-Lattice-Based
Digital Signature Algorithm.
57:
cryptographic primitives was pursued. Since most symmetric primitives are relatively easy to modify in a way that makes them quantum resistant, efforts have focused on public-key cryptography, namely
1314:
DME-Sign ("Our first impression is that the attack works and we are checking the details of the attack .We are implementing a variant of the DME that may resist the attack but we have to verify it.")
2254:
Lau, Terry Shue Chien; Tan, Chik How (31 January 2019). "Key
Recovery Attack on McNie Based on Low Rank Parity Check Codes and Its Reparation". In Inomata, Atsuo; Yasuda, Kan (eds.).
4878:
4708:
4338:
1911:
2184:
4048:
2226:
2017:
3048:
4561:
3030:
1019:
side channel attack by . A masking may be added in order to resist the attack. This adaptation affects performance and should be considered while standardizing.
4461:
4190:
2205:
Debris-Alazard, Thomas; Tillich, Jean-Pierre (2018). "Two attacks on rank metric code-based schemes: RankSign and an
Identity-Based-Encryption scheme".
1308:
3WISE ("the submitter agrees that the scheme is insecure, but prefers to not withdraw in the hope that studying the scheme will advance cryptanalysis")
2875:
4369:
4363:
2952:
77:
1601:
1711:
1912:"Dear all, the following Python script quickly recovers the message from a given "Guess Again" ciphertext without knowledge of the private key"
976:'s announcement regarding the finalists and the alternate candidates, various intellectual property concerns were voiced, notably surrounding
4487:
4041:
2271:
1448:
Enhanced pqsigRM by Thomas Debris-Alazard, Pierre Loisel and
Valentin Vasseur; Pierre Briaud, Maxime Bros, Ray Perlner and Daniel Smith-Tone
1479:
1654:
1164:
On August 13, 2024, NIST released final versions of its first three Post
Quantum Crypto Standards. According to the release announcement:
1195:
NIST received 50 submissions and deemed 40 to be complete and proper according to the submission requirements. Under consideration are:
1006:
During this round, some candidates have shown to be vulnerable to some attack vectors. It forces these candidates to adapt accordingly:
4105:
4936:
1804:
1555:
939:
717:
430:
4173:
4130:
4095:
3901:
Carrier, Kevin; Hatey, Valérian; Tillich, Jean-Pierre (5 December 2023). "Projective Space Stern
Decoding and Application to SDitH".
2826:
1528:
4554:
4085:
4034:
4163:
4110:
4926:
4249:
2227:"I am afraid the parameters in this proposal have at most 4 to 6-bits security under the Information Set Decoding (ISD) attack"
2663:
4931:
4757:
4274:
2144:
Couvreur, Alain; Lequesne, Matthieu; Tillich, Jean-Pierre (2018). "Recovering short secret keys of RLCE in polynomial time".
1495:
4158:
1442:
DME-Sign by Markku-Juhani O. Saarinen (implementation only?); Pierre Briaud, Maxime Bros, Ray
Perlner, and Daniel Smith-Tone
3204:
4547:
4415:
4348:
4090:
4873:
4828:
4641:
4512:
4405:
4254:
4168:
4153:
3702:
3657:
3627:
2978:
1632:
4752:
4264:
4135:
1490:
1217:
977:
119:
4868:
4517:
4497:
806:
628:
212:
54:
29:
1740:
4858:
4848:
4703:
4456:
4227:
3004:
2288:
1681:
4853:
4843:
4646:
4606:
4599:
4589:
4584:
4410:
4057:
1941:"Fast key recovery attack against the "RVB" submission to #NISTPQC: t .... Computes private from public key"
839:
3088:
4594:
4492:
4343:
4282:
4217:
792:
2850:
2393:
2258:. Lecture Notes in Computer Science. Vol. 11049. Springer International Publishing. pp. 19â34.
4901:
4747:
4693:
4358:
4115:
4072:
1965:
950:
821:
801:
728:
649:
243:
3923:
3887:
3872:
3857:
3831:
3817:
3802:
3787:
3761:
3747:
3732:
3717:
3687:
3672:
3642:
3612:
3597:
3582:
3567:
3376:
3348:
3074:
1991:
1715:
1573:
1457:
SDitH by Kevin Carrier and Jean-Pierre Tillich; Kevin Carrier, Valérian Hatey, and Jean-Pierre Tillich
4863:
4787:
4269:
4080:
2123:
Lequesne, Matthieu; Tillich, Jean-Pierre (2018). "Attack on the Edon-K Key Encapsulation Mechanism".
4626:
4375:
4013:
1883:
1855:
510:
40:
On August 13, 2024, NIST released final versions of the first three Post Quantum Crypto Standards.
2102:
Barelli, Elise; Couvreur, Alain (2018). "An efficient structural attack on NIST submission DAGS".
4732:
4716:
4663:
4400:
4222:
4145:
4125:
4120:
4100:
3902:
2801:
2788:"Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process"
2590:
2206:
2145:
2124:
2103:
1766:
1484:
58:
1013:
may change the nested hashes used in their proposals in order for their security claims to hold.
65:. In December 2016 NIST initiated a standardization process by announcing a call for proposals.
2419:
4792:
4782:
4653:
4482:
4425:
4353:
4239:
2787:
2267:
303:
250:
106:
70:
62:
33:
1853:
RSA using 2 4096-bit primes for a total key size of 1 TiB. "Key almost fits on a hard drive"
247:
4727:
4328:
2791:
2259:
1616:"Survey of Computational Assumptions Used in Cryptography Broken or Not by Shor's Algorithm"
453:
4004:
1796:
1615:
1514:
1174:
which has been renamed ML-KEM, short for Module-Lattice-Based Key-Encapsulation Mechanism.
1028:
On July 5, 2022, NIST announced the first group of winners from its six-year competition.
50:
3982:
Polynomial-Time Key-Recovery Attack on the $ {\tt NIST}$ Specification of $ {\tt PROV}$
2935:"Falcon Down: Breaking Falcon Post-Quantum Signature Scheme through Side-Channel Attacks"
2167:"Hila5 Pindakaas: On the CCA security of lattice-based encryption with error correction"
4802:
4722:
4683:
4631:
4616:
567:
Candidates moving on to the second round were announced on January 30, 2019. They are:
1940:
1859:
4920:
4883:
4838:
4797:
4777:
4673:
4636:
4611:
2805:
2689:
4833:
4678:
4668:
4658:
4621:
4570:
4522:
4502:
3937:
Liu, Fukang; Mahzoun, Mohammad; Ăygarden, Morten; Meier, Willi (10 November 2023).
2667:
2165:
Bernstein, Daniel J.; Groot Bruinderink, Leon; Lange, Tanja; Lange, Lorenz (2017).
2849:
Computer Security Division, Information Technology Laboratory (10 February 2021).
549:
Hila5 by Daniel J. Bernstein, Leon Groot Bruinderink, Tanja Lange and Lorenz Panny
1095:
On July 5, 2022, NIST announced four candidates for PQC Standardization Round 4.
4812:
4420:
4297:
2287:
Computer Security Division, Information Technology Laboratory (3 January 2017).
2263:
1680:
Computer Security Division, Information Technology Laboratory (3 January 2017).
1059:
514:
170:
2440:
1445:
EHTv3 by Eamonn Postlethwaite and Wessel van Woerden; Keegan Ryan and Adam Suhl
4772:
4742:
4737:
4698:
4446:
4178:
3049:"Post-quantum encryption contender is taken out by single-core PC and 1 hour"
1887:
4762:
76:
It is currently undecided whether the future standards will be published as
32:. It was announced at PQCrypto 2016. 23 signature schemes and 59 encryption/
3429:
3205:"FuLeeca: A Lee-based Signature Scheme - Lehrstuhl fĂŒr Nachrichtentechnik"
2828:
Third PQC Standardization Conference - Session I Welcome/Candidate Updates
4807:
4767:
4507:
4441:
4312:
4307:
4302:
4183:
2796:
1469:
PROV by Ludovic Perret, and River Moreira Ferreira (implementation only)
1433:
MEDS by Markku-Juhani O. Saarinen and Ward Beullens (implementation only)
217:
4333:
4292:
3156:
2893:
1944:
1556:"The Future Is Now: Spreading the Word About Post-Quantum Cryptography"
1529:"Post-Quantum Cryptography Standardization â Post-Quantum Cryptography"
985:
598:
3114:
2953:"NIST Announces First Four Quantum-Resistant Cryptographic Algorithms"
2761:"Picnic. A Family of Post-Quantum Secure Digital Signature Algorithms"
2760:
4688:
4451:
3161:
2565:
2540:
552:
Giophantus by Ward Beullens, Wouter Castryck and Frederik Vercauteren
3939:"Algebraic Attacks on RAIN and AIM Using Equivalent Representations"
3938:
3832:"Round 1 (Additional Signatures) OFFICIAL COMMENT: Enhanced pqsigRM"
3818:"Round 1 (Additional Signatures) OFFICIAL COMMENT: Enhanced pqsigRM"
2166:
3980:
3957:
3907:
2934:
2915:
2211:
2150:
2129:
2108:
2084:
2065:
2046:
1463:
AIMer by Fukang Liu, Mohammad Mahzoun, Morten Ăygarden, Willi Meier
4287:
4244:
4212:
4205:
4200:
4195:
3613:"Round 1 (Additional Signatures) OFFICIAL COMMENT: Xifrat1-Sign.I"
1767:"Efficient and post-quantum secure lattice-based signature scheme"
1050:
981:
782:
546:
RLCE by Alain Couvreur, Matthieu Lequesne, and Jean-Pierre Tillich
129:
3858:"Buffer overflows in HAETAE / On crypto vs implementation errors"
3176:
1602:
NIST Releases First 3 Finalized Post-Quantum Encryption Standards
1424:
HPPC by Ward Beullens;Pierre Briaud, Maxime Bros, and Ray Perlner
1155:
SIKE: by Wouter Castryck and Thomas Decru on a classical computer
558:
McNie by Philippe Gaborit; Terry Shue Chien Lau and Chik How Tan
3218:
1633:"NIST Released NISTIR 8105, Report on Post-Quantum Cryptography"
1119:
973:
787:
603:
25:
4543:
4030:
3524:
3415:
3362:
2047:"Practical attacks against the Walnut digital signature scheme"
53:
algorithm insecure by 2030. As a result, a need to standardize
4380:
4234:
3552:
3157:"masksign/raccoon: Raccoon Signature Scheme -- Reference Code"
2397:
2085:"Learning strikes again: the case of the DRS signature scheme"
2018:"Dear all, We have broken SRTPI under CPA and TPSig under KMA"
1655:"NIST Asks Public to Help Future-Proof Electronic Information"
3628:"Round 1 (Additional Signatures) OFFICIAL COMMENT: EagleSign"
3568:"Round 1 (Additional Signatures) OFFICIAL COMMENT: EagleSign"
3143:"RACCOON â Not just a signature, a whole family of it !"
3142:
2368:
1969:
3748:"Round 1 (Additional Signatures) OFFICIAL COMMENT: DME-Sign"
3443:
3232:
3190:
2465:
1829:
1404:
Additional signature round one submissions published attacks
1064:
612:
Round5 (merger of Round2 and Hila5, announced 4 August 2018)
190:
Round5 (merger of Round2 and Hila5, announced 4 August 2018)
3718:"Round 1 (Additional Signatures) OFFICIAL COMMENT: FuLeeca"
3688:"Round 1 (Additional Signatures) OFFICIAL COMMENT: Biscuit"
3468:
2317:
1995:
1577:
3482:
3274:
2064:
Kotov, Matvei; Menshov, Anton; Ushakov, Alexander (2018).
1451:
HAETAE by Markku-Juhani O. Saarinen (implementation only?)
555:
RankSign by Thomas Debris-Alazard and Jean-Pierre Tillich
3888:"Round 1 (Additional Signatures) OFFICIAL COMMENT: SDitH"
3788:"Round 1 (Additional Signatures) OFFICIAL COMMENT: EHTv3"
3246:
2914:
Grubbs, Paul; Maram, Varun; Paterson, Kenneth G. (2021).
2490:
1427:
ALTEQ by Markku-Juhani O. Saarinen (implementation only?)
1114:
890:
4009:
3703:"Round 1 (Additional Signatures) OFFICIAL COMMENT: MEDS"
3658:"Round 1 (Additional Signatures) OFFICIAL COMMENT: HPPC"
3643:"Round 1 (Additional Signatures) OFFICIAL COMMENT: HPPC"
3496:
3316:
3302:
3288:
3260:
2342:
2289:"Round 2 Submissions â Post-Quantum Cryptography â CSRC"
1682:"Round 1 Submissions â Post-Quantum Cryptography â CSRC"
1487:â Competition to design authenticated encryption schemes
18:
Project by NIST to standardize post-quantum cryptography
3924:"Round 1 (Additional Signatures) OFFICIAL COMMENT: VOX"
3803:"Round 1 (Additional Signatures) OFFICIAL COMMENT: EHT"
3510:
3128:
2641:
2515:
1124:
1080:
895:
4709:
Cryptographically secure pseudorandom number generator
4005:
NIST's official Website on the standardization process
3538:
3401:
2916:"Anonymous, Robust Post-Quantum Public Key Encryption"
2616:
2594:
1774:
3539:"Come and join the FAEST | FAEST Signature Algorithm"
3330:
2066:"An attack on the walnut digital signature algorithm"
532:
by Matvei Kotov, Anton Menshov and Alexander Ushakov
4018:
2735:
2710:
1138:
543:
Edon-K by Matthieu Lequesne and Jean-Pierre Tillich
4821:
4577:
4475:
4434:
4393:
4321:
4263:
4144:
4071:
4064:
3873:"HuFu: Big-flipping forgeries and buffer overflows"
1436:
FuLeeca by Felicitas Hörmann and Wessel van Woerden
1706:
1704:
1702:
3979:Ferreira, River Moreira; Perret, Ludovic (2024),
2876:"Submission Requirements and Evaluation Criteria"
997:Rainbow: by Ward Beullens on a classical computer
2736:"SIKE â Supersingular Isogeny Key Encapsulation"
1824:
1822:
1597:
1595:
663:ROLLO (merger of Ouroboros-R, LAKE and LOCKER)
293:ROLLO (merger of Ouroboros-R, LAKE and LOCKER)
2894:"Breaking Rainbow Takes a Weekend on a Laptop"
1415:KAZ-SIGN by Daniel J. Bernstein; Scott Fluhrer
1191:Additional Digital Signature Schemes Round One
4555:
4042:
2851:"Third PQC Standardization Conference | CSRC"
2256:Advances in Information and Computer Security
1735:
1733:
8:
2045:Beullens, Ward; Blackburn, Simon R. (2018).
3871:Saarinen, Markku-Juhani O. (29 July 2023).
3856:Saarinen, Markku-Juhani O. (27 July 2023).
3762:"OFFICIAL COMMENT: DME Key Recovery Attack"
3671:Saarinen, Markku-Juhani O. (18 July 2023).
3377:"OFFICIAL COMMENT: DME Key Recovery Attack"
1466:SNOVA by Yasuhiko Ikematsu and Rika Akiyama
1439:LESS by the LESS team (implementation only)
520:HK17 by Daniel J. Bernstein and Tanja Lange
4562:
4548:
4540:
4068:
4049:
4035:
4027:
4023:
4019:
3956:Ikematsu, Yasuhiko; Akiyama, Rika (2024),
3959:Revisiting the security analysis of SNOVA
3906:
2795:
2210:
2149:
2128:
2107:
1460:VOX by Hiroki Furue and Yasuhiko Ikematsu
992:Round three submissions published attacks
657:LEDAcrypt (merger of LEDAkem and LEDApkc)
606:(merger of NTRUEncrypt and NTRU-HRSS-KEM)
540:DAGS by Elise Barelli and Alain Couvreur
22:Post-Quantum Cryptography Standardization
1205:
1150:Round four submissions published attacks
1097:
1030:
853:
762:
569:
98:
2491:"BIKE â Bit Flipping Key Encapsulation"
2311:
2309:
1506:
529:by Ward Beullens and Simon R. Blackburn
498:Round one submissions published attacks
3731:Persichetti, Edoardo (21 July 2023).
3686:Bouillaguet, Charles (19 July 2023).
3342:
3340:
3031:"SIKE Team - Foreword and postscript"
2933:Karabulut, Emre; Aysu, Aydin (2021).
1807:from the original on 31 December 2022
1712:"NIST Post Quantum Crypto Submission"
1345:Supersingular elliptic curve isogeny
1133:Supersingular elliptic curve isogeny
934:Supersingular elliptic curve isogeny
712:Supersingular elliptic curve isogeny
425:Supersingular elliptic curve isogeny
80:or as NIST Special Publication (SP).
28:to update their standards to include
7:
4370:NaccacheâStern knapsack cryptosystem
3786:van Woerden, Wessel (25 July 2023).
3716:van Woerden, Wessel (20 July 2023).
1480:Advanced Encryption Standard process
3701:Niederhagen, Ruben (19 July 2023).
3347:Smith-Tone, Daniel (17 July 2023).
1886:; Heninger, Nadia (19 April 2017).
3816:VASSEUR, Valentin (29 July 2023).
2541:"LEDAkem Key Encapsulation Module"
1939:Panny, Lorenz (25 December 2017).
1554:Moody, Dustin (24 November 2020).
187:(withdrawn and merged into Round5)
146:(withdrawn and merged into Round5)
14:
4010:Post-quantum cryptography website
2566:"LEDApkc Public Key Cryptosystem"
1454:HuFu by Markku-Juhani O. Saarinen
299:(withdrawn and merged into ROLLO)
284:(withdrawn and merged into ROLLO)
269:(withdrawn and merged into ROLLO)
4897:
4896:
3922:Furue, Hiroki (28 August 2023).
3886:Carrier, Kevin (3 August 2023).
3626:Tibouchi, Mehdi (18 July 2023).
3581:Bernstein, D.J. (17 July 2023).
3566:Tibouchi, Mehdi (17 July 2023).
3075:"Onramp submissions are posted!"
2690:"LUOV -- An MQ signature scheme"
24:is a program and competition by
4401:Discrete logarithm cryptography
3641:Beullens, Ward (18 July 2023).
3596:Fluhrer, Scott (17 July 2023).
1515:"Post-Quantum Cryptography PQC"
4758:Information-theoretic security
3611:Panny, Lorenz (17 July 2023).
3073:Moody, Dustin (17 July 2023).
2711:"MQDSS post-quantum signature"
1496:NIST hash function competition
1430:Biscuit by Charles Bouillaguet
1421:eMLE-Sig 2.0 by Mehdi Tibouchi
1418:Xifrat1-Sign.I by Lorenz Panny
968:Intellectual property concerns
1:
3656:Perlner, Ray (21 July 2023).
3115:"SMAUG & HAETAE - HAETAE"
3047:Goodin, Dan (2 August 2022).
2083:Yu, Yang; Ducas, LĂ©o (2018).
1860:"McBits and Post-Quantum RSA"
537:DRS by Yang Yu and LĂ©o Ducas
4416:Non-commutative cryptography
3583:"OFFICIAL COMMENT: KAZ-SIGN"
1202:means it has been withdrawn)
503:Guess Again by Lorenz Panny
95:means it had been withdrawn)
63:key encapsulation mechanisms
4874:Message authentication code
4829:Cryptographic hash function
4642:Cryptographic hash function
4513:Identity-based cryptography
4406:Elliptic-curve cryptography
3801:Suhl, Adam (29 July 2023).
3746:Saarinen, Markku-Juhani O.
3089:"Digital Signature Schemes"
2264:10.1007/978-3-319-97916-8_2
1574:"Final Submission received"
1412:EagleSign by Mehdi Tibouchi
4953:
4753:Harvest now, decrypt later
3177:"Squirrels - Introduction"
2979:"Selected Algorithms 2022"
1491:Lattice-based cryptography
1409:3WISE by Daniel Smith-Tone
88:Under consideration were:
4937:Post-quantum cryptography
4892:
4869:Post-quantum cryptography
4539:
4518:Post-quantum cryptography
4467:Post-Quantum Cryptography
4026:
4022:
3673:"OFFICIAL COMMENT: ALTEQ"
3349:"OFFICIAL COMMENT: 3WISE"
2939:Cryptology ePrint Archive
2920:Cryptology ePrint Archive
2171:Cryptology ePrint Archive
2089:Cryptology ePrint Archive
2070:Cryptology ePrint Archive
2051:Cryptology ePrint Archive
30:post-quantum cryptography
4859:Quantum key distribution
4849:Authenticated encryption
4704:Random number generation
3733:"OFFICIAL COMMENT: LESS"
1141:(Broken August 5, 2022)
1024:Selected Algorithms 2022
149:KCL (pka OKCN/AKCN/CNKE)
114:Signature & PKE/KEM
4854:Public-key cryptography
4844:Symmetric-key algorithm
4647:Key derivation function
4607:Cryptographic primitive
4600:Authentication protocol
4590:Outline of cryptography
4585:History of cryptography
4411:Hash-based cryptography
4058:Public-key cryptography
2892:Beullens, Ward (2022).
1604:, NIST, August 13, 2024
1010:CRYSTAL-Kyber and SABER
4927:Cryptography standards
4595:Cryptographic protocol
1188:
4932:Cryptography contests
4748:End-to-end encryption
4694:Cryptojacking malware
4073:Integer factorization
3005:"Round 4 Submissions"
1166:
978:lattice-based schemes
951:Zero-knowledge proofs
729:Zero-knowledge proofs
443:Satirical submission
4864:Quantum cryptography
4788:Trusted timestamping
2797:10.6028/NIST.IR.8309
2194:. 13 September 2018.
1966:"Comments on RaCoSS"
850:Alternate candidates
523:SRTPI by Bo-Yin Yang
4627:Cryptographic nonce
4376:Three-pass protocol
2765:microsoft.github.io
2597:on 29 December 2017
2400:on 1 September 2019
2394:"NTRU Prime: Intro"
2185:"Official Comments"
1972:on 26 December 2017
1718:on 29 December 2017
1580:on 29 December 2017
513:, Andreas HĂŒlsing,
511:Daniel J. Bernstein
506:RVB by Lorenz Panny
137:EMBLEM and R.EMBLEM
4733:Subliminal channel
4717:Pseudorandom noise
4664:Key (cryptography)
4146:Discrete logarithm
2670:on 31 January 2019
1992:"Comments on HK17"
1888:"Post-quantum RSA"
1801:Microsoft Research
1777:on 9 December 2023
1661:. 20 December 2016
1635:. 21 December 2016
1614:Hong, Zhu (2001).
1485:CAESAR Competition
1182:proves vulnerable.
1060:CRYSTALS-Dilithium
802:CRYSTALS-Dilithium
625:CRYSTALS-Dilithium
206:CRYSTALS-Dilithium
59:digital signatures
4914:
4913:
4910:
4909:
4793:Key-based routing
4783:Trapdoor function
4654:Digital signature
4535:
4534:
4531:
4530:
4483:Digital signature
4426:Trapdoor function
4389:
4388:
4106:GoldwasserâMicali
3836:groups.google.com
3766:groups.google.com
3525:"AIMer Signature"
3381:groups.google.com
2373:Newhopecrypto.org
2273:978-3-319-97915-1
1998:on 5 January 2018
1884:Bernstein, Daniel
1856:Bernstein, Daniel
1745:Groups.google.com
1517:. 3 January 2017.
1401:
1400:
1203:
1147:
1146:
1088:
1087:
965:
964:
847:
846:
743:
742:
495:
494:
134:Ding Key Exchange
96:
71:quantum computing
4944:
4900:
4899:
4728:Insecure channel
4564:
4557:
4550:
4541:
4372:
4273:
4268:
4228:signature scheme
4131:OkamotoâUchiyama
4069:
4051:
4044:
4037:
4028:
4024:
4020:
3993:
3992:
3991:
3989:
3976:
3970:
3969:
3968:
3966:
3953:
3947:
3946:
3934:
3928:
3927:
3919:
3913:
3912:
3910:
3898:
3892:
3891:
3883:
3877:
3876:
3868:
3862:
3861:
3853:
3847:
3846:
3844:
3842:
3828:
3822:
3821:
3813:
3807:
3806:
3798:
3792:
3791:
3783:
3777:
3776:
3774:
3772:
3758:
3752:
3751:
3743:
3737:
3736:
3728:
3722:
3721:
3713:
3707:
3706:
3698:
3692:
3691:
3683:
3677:
3676:
3668:
3662:
3661:
3653:
3647:
3646:
3638:
3632:
3631:
3623:
3617:
3616:
3608:
3602:
3601:
3593:
3587:
3586:
3578:
3572:
3571:
3563:
3557:
3556:
3549:
3543:
3542:
3535:
3529:
3528:
3521:
3515:
3514:
3507:
3501:
3500:
3493:
3487:
3486:
3479:
3473:
3472:
3465:
3459:
3458:
3456:
3454:
3448:snova.pqclab.org
3440:
3434:
3433:
3426:
3420:
3419:
3412:
3406:
3405:
3398:
3392:
3391:
3389:
3387:
3373:
3367:
3366:
3359:
3353:
3352:
3344:
3335:
3334:
3331:"SD-in-the-Head"
3327:
3321:
3320:
3313:
3307:
3306:
3299:
3293:
3292:
3285:
3279:
3278:
3271:
3265:
3264:
3257:
3251:
3250:
3243:
3237:
3236:
3229:
3223:
3222:
3215:
3209:
3208:
3201:
3195:
3194:
3187:
3181:
3180:
3173:
3167:
3166:
3153:
3147:
3146:
3139:
3133:
3132:
3125:
3119:
3118:
3111:
3105:
3104:
3102:
3100:
3095:. 29 August 2022
3085:
3079:
3078:
3070:
3064:
3063:
3061:
3059:
3044:
3038:
3037:
3035:
3027:
3021:
3020:
3018:
3016:
3001:
2995:
2994:
2992:
2990:
2975:
2969:
2968:
2966:
2964:
2949:
2943:
2942:
2930:
2924:
2923:
2911:
2905:
2904:
2898:
2889:
2883:
2882:
2880:
2872:
2866:
2865:
2863:
2861:
2846:
2840:
2839:
2838:
2836:
2823:
2817:
2816:
2814:
2812:
2799:
2782:
2776:
2775:
2773:
2771:
2757:
2751:
2750:
2748:
2746:
2732:
2726:
2725:
2723:
2721:
2707:
2701:
2700:
2698:
2696:
2686:
2680:
2679:
2677:
2675:
2666:. Archived from
2660:
2654:
2653:
2651:
2649:
2638:
2632:
2631:
2629:
2627:
2613:
2607:
2606:
2604:
2602:
2593:. Archived from
2587:
2581:
2580:
2578:
2576:
2562:
2556:
2555:
2553:
2551:
2537:
2531:
2530:
2528:
2526:
2512:
2506:
2505:
2503:
2501:
2487:
2481:
2480:
2478:
2476:
2462:
2456:
2455:
2453:
2451:
2437:
2431:
2430:
2428:
2426:
2416:
2410:
2409:
2407:
2405:
2396:. Archived from
2390:
2384:
2383:
2381:
2379:
2367:Schwabe, Peter.
2364:
2358:
2357:
2355:
2353:
2339:
2333:
2332:
2330:
2328:
2316:Schwabe, Peter.
2313:
2304:
2303:
2301:
2299:
2284:
2278:
2277:
2251:
2245:
2244:
2242:
2240:
2231:
2223:
2217:
2216:
2214:
2202:
2196:
2195:
2189:
2181:
2175:
2174:
2162:
2156:
2155:
2153:
2141:
2135:
2134:
2132:
2120:
2114:
2113:
2111:
2099:
2093:
2092:
2080:
2074:
2073:
2061:
2055:
2054:
2042:
2036:
2035:
2033:
2031:
2022:
2014:
2008:
2007:
2005:
2003:
1994:. Archived from
1988:
1982:
1981:
1979:
1977:
1968:. Archived from
1962:
1956:
1955:
1953:
1951:
1936:
1930:
1929:
1927:
1925:
1916:
1908:
1902:
1901:
1899:
1897:
1892:
1880:
1874:
1873:
1871:
1869:
1864:
1851:
1845:
1844:
1842:
1840:
1826:
1817:
1816:
1814:
1812:
1793:
1787:
1786:
1784:
1782:
1773:. Archived from
1762:
1756:
1755:
1753:
1751:
1737:
1728:
1727:
1725:
1723:
1714:. Archived from
1708:
1697:
1696:
1694:
1692:
1677:
1671:
1670:
1668:
1666:
1651:
1645:
1644:
1642:
1640:
1629:
1623:
1622:
1620:
1611:
1605:
1599:
1590:
1589:
1587:
1585:
1576:. Archived from
1570:
1564:
1563:
1551:
1545:
1544:
1542:
1540:
1535:. 3 January 2017
1525:
1519:
1518:
1511:
1357:Symmetric-based
1276:MPC-in-the-Head
1257:Enhanced pqsigRM
1206:
1197:
1120:Classic McEliece
1098:
1031:
854:
763:
570:
517:and Lorenz Panny
99:
90:
4952:
4951:
4947:
4946:
4945:
4943:
4942:
4941:
4917:
4916:
4915:
4906:
4888:
4817:
4573:
4568:
4527:
4471:
4435:Standardization
4430:
4385:
4368:
4317:
4265:Lattice/SVP/CVP
4259:
4140:
4086:BlumâGoldwasser
4060:
4055:
4001:
3996:
3987:
3985:
3978:
3977:
3973:
3964:
3962:
3955:
3954:
3950:
3936:
3935:
3931:
3921:
3920:
3916:
3900:
3899:
3895:
3885:
3884:
3880:
3870:
3869:
3865:
3855:
3854:
3850:
3840:
3838:
3830:
3829:
3825:
3815:
3814:
3810:
3800:
3799:
3795:
3785:
3784:
3780:
3770:
3768:
3760:
3759:
3755:
3745:
3744:
3740:
3730:
3729:
3725:
3715:
3714:
3710:
3700:
3699:
3695:
3685:
3684:
3680:
3670:
3669:
3665:
3655:
3654:
3650:
3640:
3639:
3635:
3625:
3624:
3620:
3610:
3609:
3605:
3595:
3594:
3590:
3580:
3579:
3575:
3565:
3564:
3560:
3551:
3550:
3546:
3537:
3536:
3532:
3523:
3522:
3518:
3509:
3508:
3504:
3495:
3494:
3490:
3481:
3480:
3476:
3467:
3466:
3462:
3452:
3450:
3442:
3441:
3437:
3428:
3427:
3423:
3414:
3413:
3409:
3400:
3399:
3395:
3385:
3383:
3375:
3374:
3370:
3361:
3360:
3356:
3346:
3345:
3338:
3329:
3328:
3324:
3315:
3314:
3310:
3301:
3300:
3296:
3287:
3286:
3282:
3273:
3272:
3268:
3259:
3258:
3254:
3245:
3244:
3240:
3231:
3230:
3226:
3217:
3216:
3212:
3203:
3202:
3198:
3189:
3188:
3184:
3175:
3174:
3170:
3155:
3154:
3150:
3141:
3140:
3136:
3127:
3126:
3122:
3113:
3112:
3108:
3098:
3096:
3087:
3086:
3082:
3072:
3071:
3067:
3057:
3055:
3046:
3045:
3041:
3033:
3029:
3028:
3024:
3014:
3012:
3003:
3002:
2998:
2988:
2986:
2977:
2976:
2972:
2962:
2960:
2951:
2950:
2946:
2932:
2931:
2927:
2913:
2912:
2908:
2901:Eprint.iacr.org
2896:
2891:
2890:
2886:
2878:
2874:
2873:
2869:
2859:
2857:
2848:
2847:
2843:
2834:
2832:
2825:
2824:
2820:
2810:
2808:
2784:
2783:
2779:
2769:
2767:
2759:
2758:
2754:
2744:
2742:
2734:
2733:
2729:
2719:
2717:
2709:
2708:
2704:
2694:
2692:
2688:
2687:
2683:
2673:
2671:
2662:
2661:
2657:
2647:
2645:
2640:
2639:
2635:
2625:
2623:
2615:
2614:
2610:
2600:
2598:
2589:
2588:
2584:
2574:
2572:
2564:
2563:
2559:
2549:
2547:
2539:
2538:
2534:
2524:
2522:
2514:
2513:
2509:
2499:
2497:
2489:
2488:
2484:
2474:
2472:
2464:
2463:
2459:
2449:
2447:
2445:SourceForge.net
2439:
2438:
2434:
2424:
2422:
2418:
2417:
2413:
2403:
2401:
2392:
2391:
2387:
2377:
2375:
2366:
2365:
2361:
2351:
2349:
2341:
2340:
2336:
2326:
2324:
2322:Pq-crystals.org
2315:
2314:
2307:
2297:
2295:
2286:
2285:
2281:
2274:
2253:
2252:
2248:
2238:
2236:
2229:
2225:
2224:
2220:
2204:
2203:
2199:
2187:
2183:
2182:
2178:
2164:
2163:
2159:
2143:
2142:
2138:
2122:
2121:
2117:
2101:
2100:
2096:
2082:
2081:
2077:
2063:
2062:
2058:
2044:
2043:
2039:
2029:
2027:
2020:
2016:
2015:
2011:
2001:
1999:
1990:
1989:
1985:
1975:
1973:
1964:
1963:
1959:
1949:
1947:
1938:
1937:
1933:
1923:
1921:
1914:
1910:
1909:
1905:
1895:
1893:
1890:
1882:
1881:
1877:
1867:
1865:
1862:
1858:(28 May 2010).
1854:
1852:
1848:
1838:
1836:
1828:
1827:
1820:
1810:
1808:
1795:
1794:
1790:
1780:
1778:
1764:
1763:
1759:
1749:
1747:
1741:"Google Groups"
1739:
1738:
1731:
1721:
1719:
1710:
1709:
1700:
1690:
1688:
1679:
1678:
1674:
1664:
1662:
1653:
1652:
1648:
1638:
1636:
1631:
1630:
1626:
1618:
1613:
1612:
1608:
1600:
1593:
1583:
1581:
1572:
1571:
1567:
1553:
1552:
1548:
1538:
1536:
1527:
1526:
1522:
1513:
1512:
1508:
1504:
1476:
1406:
1227:EHTv3 and EHTv4
1196:
1193:
1162:
1152:
1093:
1026:
1004:
994:
970:
852:
761:
748:
565:
500:
475:Mersenne-756839
345:Gravity-SPHINCS
89:
86:
46:
19:
12:
11:
5:
4950:
4948:
4940:
4939:
4934:
4929:
4919:
4918:
4912:
4911:
4908:
4907:
4905:
4904:
4893:
4890:
4889:
4887:
4886:
4881:
4879:Random numbers
4876:
4871:
4866:
4861:
4856:
4851:
4846:
4841:
4836:
4831:
4825:
4823:
4819:
4818:
4816:
4815:
4810:
4805:
4803:Garlic routing
4800:
4795:
4790:
4785:
4780:
4775:
4770:
4765:
4760:
4755:
4750:
4745:
4740:
4735:
4730:
4725:
4723:Secure channel
4720:
4714:
4713:
4712:
4701:
4696:
4691:
4686:
4684:Key stretching
4681:
4676:
4671:
4666:
4661:
4656:
4651:
4650:
4649:
4644:
4634:
4632:Cryptovirology
4629:
4624:
4619:
4617:Cryptocurrency
4614:
4609:
4604:
4603:
4602:
4592:
4587:
4581:
4579:
4575:
4574:
4569:
4567:
4566:
4559:
4552:
4544:
4537:
4536:
4533:
4532:
4529:
4528:
4526:
4525:
4520:
4515:
4510:
4505:
4500:
4495:
4490:
4485:
4479:
4477:
4473:
4472:
4470:
4469:
4464:
4459:
4454:
4449:
4444:
4438:
4436:
4432:
4431:
4429:
4428:
4423:
4418:
4413:
4408:
4403:
4397:
4395:
4391:
4390:
4387:
4386:
4384:
4383:
4378:
4373:
4366:
4364:MerkleâHellman
4361:
4356:
4351:
4346:
4341:
4336:
4331:
4325:
4323:
4319:
4318:
4316:
4315:
4310:
4305:
4300:
4295:
4290:
4285:
4279:
4277:
4261:
4260:
4258:
4257:
4252:
4247:
4242:
4237:
4232:
4231:
4230:
4220:
4215:
4210:
4209:
4208:
4203:
4193:
4188:
4187:
4186:
4181:
4171:
4166:
4161:
4156:
4150:
4148:
4142:
4141:
4139:
4138:
4133:
4128:
4123:
4118:
4113:
4111:NaccacheâStern
4108:
4103:
4098:
4093:
4088:
4083:
4077:
4075:
4066:
4062:
4061:
4056:
4054:
4053:
4046:
4039:
4031:
4017:
4016:
4007:
4000:
3999:External links
3997:
3995:
3994:
3971:
3948:
3929:
3914:
3893:
3878:
3863:
3848:
3823:
3808:
3793:
3778:
3753:
3738:
3723:
3708:
3693:
3678:
3663:
3648:
3633:
3618:
3603:
3588:
3573:
3558:
3544:
3530:
3516:
3502:
3488:
3474:
3460:
3435:
3421:
3407:
3393:
3368:
3354:
3336:
3322:
3308:
3294:
3280:
3266:
3252:
3238:
3224:
3219:"LESS project"
3210:
3196:
3191:"CROSS crypto"
3182:
3168:
3148:
3134:
3120:
3106:
3080:
3065:
3039:
3022:
2996:
2970:
2944:
2925:
2906:
2884:
2867:
2841:
2831:, 10 June 2021
2818:
2777:
2752:
2727:
2702:
2681:
2655:
2633:
2608:
2582:
2557:
2532:
2507:
2482:
2457:
2432:
2411:
2385:
2359:
2334:
2305:
2279:
2272:
2246:
2218:
2197:
2176:
2157:
2136:
2115:
2094:
2075:
2056:
2037:
2009:
1983:
1957:
1931:
1903:
1875:
1846:
1818:
1788:
1757:
1729:
1698:
1672:
1646:
1624:
1606:
1591:
1565:
1546:
1520:
1505:
1503:
1500:
1499:
1498:
1493:
1488:
1482:
1475:
1472:
1471:
1470:
1467:
1464:
1461:
1458:
1455:
1452:
1449:
1446:
1443:
1440:
1437:
1434:
1431:
1428:
1425:
1422:
1419:
1416:
1413:
1410:
1405:
1402:
1399:
1398:
1397:
1396:
1395:Xifrat1-Sign.I
1393:
1390:
1387:
1384:
1379:
1375:
1374:
1373:
1372:
1369:
1366:
1363:
1358:
1354:
1353:
1352:
1351:
1346:
1342:
1341:
1340:
1339:
1336:
1333:
1330:
1327:
1324:
1321:
1318:
1315:
1312:
1309:
1304:
1300:
1299:
1298:
1297:
1294:
1291:
1288:
1285:
1282:
1277:
1273:
1272:
1271:
1270:
1267:
1264:
1261:
1258:
1255:
1250:
1246:
1245:
1244:
1243:
1240:
1237:
1234:
1231:
1228:
1225:
1220:
1214:
1213:
1210:
1192:
1189:
1187:
1186:
1183:
1179:
1175:
1161:
1158:
1157:
1156:
1151:
1148:
1145:
1144:
1143:
1142:
1134:
1130:
1129:
1128:
1127:
1122:
1117:
1110:
1106:
1105:
1102:
1092:
1089:
1086:
1085:
1084:
1083:
1076:
1074:
1070:
1069:
1068:
1067:
1062:
1055:
1054:
1053:
1051:CRYSTALS-Kyber
1046:
1042:
1041:
1038:
1035:
1025:
1022:
1021:
1020:
1017:
1014:
1011:
1003:
1000:
999:
998:
993:
990:
969:
966:
963:
962:
961:
960:
955:
953:
947:
946:
944:
943:
942:
935:
931:
930:
929:
928:
923:
921:
917:
916:
915:
914:
909:
907:
903:
902:
900:
899:
898:
893:
886:
882:
881:
879:
878:
877:
874:
869:
865:
864:
861:
858:
851:
848:
845:
844:
843:
842:
835:
833:
829:
828:
826:
825:
824:
816:
812:
811:
810:
809:
804:
797:
796:
795:
790:
785:
783:CRYSTALS-Kyber
778:
774:
773:
770:
767:
760:
757:
747:
744:
741:
740:
739:
738:
733:
731:
725:
724:
722:
721:
720:
713:
709:
708:
707:
706:
703:
700:
697:
692:
690:
686:
685:
684:
683:
678:
676:
672:
671:
669:
668:
667:
664:
661:
658:
655:
652:
646:
641:
637:
636:
635:
634:
631:
626:
621:
620:
619:
616:
613:
610:
607:
601:
596:
593:
590:
589:CRYSTALS-Kyber
585:
581:
580:
577:
574:
564:
561:
560:
559:
556:
553:
550:
547:
544:
541:
538:
535:
534:
533:
530:
524:
521:
518:
507:
504:
499:
496:
493:
492:
490:
489:
488:
483:
482:
481:
476:
473:
468:
463:
459:
458:
457:
456:
448:
446:
444:
440:
439:
437:
435:
434:
433:
426:
422:
421:
419:
418:
417:
412:
410:
406:
405:
404:
403:
400:
393:
392:
391:
388:
385:
382:
379:
376:
373:
368:
367:
366:
363:
358:
354:
353:
351:
350:
349:
346:
341:
339:
335:
334:
332:
331:
330:
325:
322:
317:
316:
315:
312:
309:
306:
300:
294:
291:
288:
285:
279:
276:
273:
270:
264:
261:
256:
253:
240:
237:
232:
228:
227:
225:
224:
223:
220:
215:
210:
207:
202:
201:
200:
197:
194:
191:
188:
182:
179:
176:
173:
168:
165:
162:
159:
156:
153:
150:
147:
141:
138:
135:
132:
130:CRYSTALS-Kyber
127:
122:
116:
115:
112:
109:
103:
85:
82:
55:quantum-secure
45:
42:
17:
13:
10:
9:
6:
4:
3:
2:
4949:
4938:
4935:
4933:
4930:
4928:
4925:
4924:
4922:
4903:
4895:
4894:
4891:
4885:
4884:Steganography
4882:
4880:
4877:
4875:
4872:
4870:
4867:
4865:
4862:
4860:
4857:
4855:
4852:
4850:
4847:
4845:
4842:
4840:
4839:Stream cipher
4837:
4835:
4832:
4830:
4827:
4826:
4824:
4820:
4814:
4811:
4809:
4806:
4804:
4801:
4799:
4798:Onion routing
4796:
4794:
4791:
4789:
4786:
4784:
4781:
4779:
4778:Shared secret
4776:
4774:
4771:
4769:
4766:
4764:
4761:
4759:
4756:
4754:
4751:
4749:
4746:
4744:
4741:
4739:
4736:
4734:
4731:
4729:
4726:
4724:
4721:
4718:
4715:
4710:
4707:
4706:
4705:
4702:
4700:
4697:
4695:
4692:
4690:
4687:
4685:
4682:
4680:
4677:
4675:
4674:Key generator
4672:
4670:
4667:
4665:
4662:
4660:
4657:
4655:
4652:
4648:
4645:
4643:
4640:
4639:
4638:
4637:Hash function
4635:
4633:
4630:
4628:
4625:
4623:
4620:
4618:
4615:
4613:
4612:Cryptanalysis
4610:
4608:
4605:
4601:
4598:
4597:
4596:
4593:
4591:
4588:
4586:
4583:
4582:
4580:
4576:
4572:
4565:
4560:
4558:
4553:
4551:
4546:
4545:
4542:
4538:
4524:
4521:
4519:
4516:
4514:
4511:
4509:
4506:
4504:
4501:
4499:
4496:
4494:
4491:
4489:
4486:
4484:
4481:
4480:
4478:
4474:
4468:
4465:
4463:
4460:
4458:
4455:
4453:
4450:
4448:
4445:
4443:
4440:
4439:
4437:
4433:
4427:
4424:
4422:
4419:
4417:
4414:
4412:
4409:
4407:
4404:
4402:
4399:
4398:
4396:
4392:
4382:
4379:
4377:
4374:
4371:
4367:
4365:
4362:
4360:
4357:
4355:
4352:
4350:
4347:
4345:
4342:
4340:
4337:
4335:
4332:
4330:
4327:
4326:
4324:
4320:
4314:
4311:
4309:
4306:
4304:
4301:
4299:
4296:
4294:
4291:
4289:
4286:
4284:
4281:
4280:
4278:
4276:
4271:
4266:
4262:
4256:
4253:
4251:
4248:
4246:
4243:
4241:
4238:
4236:
4233:
4229:
4226:
4225:
4224:
4221:
4219:
4216:
4214:
4211:
4207:
4204:
4202:
4199:
4198:
4197:
4194:
4192:
4189:
4185:
4182:
4180:
4177:
4176:
4175:
4172:
4170:
4167:
4165:
4162:
4160:
4157:
4155:
4152:
4151:
4149:
4147:
4143:
4137:
4136:SchmidtâSamoa
4134:
4132:
4129:
4127:
4124:
4122:
4119:
4117:
4114:
4112:
4109:
4107:
4104:
4102:
4099:
4097:
4096:DamgĂ„rdâJurik
4094:
4092:
4091:CayleyâPurser
4089:
4087:
4084:
4082:
4079:
4078:
4076:
4074:
4070:
4067:
4063:
4059:
4052:
4047:
4045:
4040:
4038:
4033:
4032:
4029:
4025:
4021:
4015:
4011:
4008:
4006:
4003:
4002:
3998:
3984:
3983:
3975:
3972:
3961:
3960:
3952:
3949:
3944:
3940:
3933:
3930:
3925:
3918:
3915:
3909:
3904:
3897:
3894:
3889:
3882:
3879:
3874:
3867:
3864:
3859:
3852:
3849:
3837:
3833:
3827:
3824:
3819:
3812:
3809:
3804:
3797:
3794:
3789:
3782:
3779:
3767:
3763:
3757:
3754:
3749:
3742:
3739:
3734:
3727:
3724:
3719:
3712:
3709:
3704:
3697:
3694:
3689:
3682:
3679:
3674:
3667:
3664:
3659:
3652:
3649:
3644:
3637:
3634:
3629:
3622:
3619:
3614:
3607:
3604:
3599:
3592:
3589:
3584:
3577:
3574:
3569:
3562:
3559:
3554:
3548:
3545:
3540:
3534:
3531:
3526:
3520:
3517:
3512:
3506:
3503:
3498:
3492:
3489:
3484:
3478:
3475:
3470:
3464:
3461:
3449:
3445:
3439:
3436:
3431:
3425:
3422:
3417:
3411:
3408:
3403:
3397:
3394:
3382:
3378:
3372:
3369:
3364:
3358:
3355:
3350:
3343:
3341:
3337:
3332:
3326:
3323:
3318:
3312:
3309:
3304:
3298:
3295:
3290:
3284:
3281:
3276:
3270:
3267:
3262:
3256:
3253:
3248:
3242:
3239:
3234:
3228:
3225:
3220:
3214:
3211:
3206:
3200:
3197:
3192:
3186:
3183:
3178:
3172:
3169:
3164:
3163:
3158:
3152:
3149:
3144:
3138:
3135:
3130:
3124:
3121:
3116:
3110:
3107:
3094:
3093:csrc.nist.gov
3090:
3084:
3081:
3076:
3069:
3066:
3054:
3050:
3043:
3040:
3032:
3026:
3023:
3011:. 5 July 2022
3010:
3006:
3000:
2997:
2985:. 5 July 2022
2984:
2980:
2974:
2971:
2959:. 5 July 2022
2958:
2954:
2948:
2945:
2940:
2936:
2929:
2926:
2921:
2917:
2910:
2907:
2902:
2895:
2888:
2885:
2877:
2871:
2868:
2856:
2852:
2845:
2842:
2830:
2829:
2822:
2819:
2807:
2803:
2798:
2793:
2789:
2781:
2778:
2766:
2762:
2756:
2753:
2741:
2737:
2731:
2728:
2716:
2712:
2706:
2703:
2691:
2685:
2682:
2669:
2665:
2659:
2656:
2644:. Sphincs.org
2643:
2637:
2634:
2622:
2618:
2612:
2609:
2596:
2592:
2586:
2583:
2571:
2570:Ledacrypt.org
2567:
2561:
2558:
2546:
2545:Ledacrypt.org
2542:
2536:
2533:
2521:
2517:
2511:
2508:
2496:
2495:Bikesuite.org
2492:
2486:
2483:
2471:
2467:
2461:
2458:
2446:
2442:
2436:
2433:
2421:
2415:
2412:
2399:
2395:
2389:
2386:
2374:
2370:
2363:
2360:
2348:
2344:
2338:
2335:
2323:
2319:
2312:
2310:
2306:
2294:
2293:Csrc.nist.gov
2290:
2283:
2280:
2275:
2269:
2265:
2261:
2257:
2250:
2247:
2235:
2234:Csrc.nist.gov
2228:
2222:
2219:
2213:
2208:
2201:
2198:
2193:
2192:Csrc.nist.gov
2186:
2180:
2177:
2172:
2168:
2161:
2158:
2152:
2147:
2140:
2137:
2131:
2126:
2119:
2116:
2110:
2105:
2098:
2095:
2090:
2086:
2079:
2076:
2071:
2067:
2060:
2057:
2052:
2048:
2041:
2038:
2026:
2025:Csrc.nist.gov
2019:
2013:
2010:
1997:
1993:
1987:
1984:
1971:
1967:
1961:
1958:
1946:
1942:
1935:
1932:
1920:
1919:Csrc.nist.gov
1913:
1907:
1904:
1889:
1885:
1879:
1876:
1861:
1857:
1850:
1847:
1835:
1834:Pqc-rollo.org
1831:
1825:
1823:
1819:
1806:
1802:
1798:
1792:
1789:
1776:
1772:
1768:
1765:qTESLA team.
1761:
1758:
1746:
1742:
1736:
1734:
1730:
1717:
1713:
1707:
1705:
1703:
1699:
1687:
1686:Csrc.nist.gov
1683:
1676:
1673:
1660:
1656:
1650:
1647:
1634:
1628:
1625:
1617:
1610:
1607:
1603:
1598:
1596:
1592:
1579:
1575:
1569:
1566:
1561:
1557:
1550:
1547:
1534:
1533:Csrc.nist.gov
1530:
1524:
1521:
1516:
1510:
1507:
1501:
1497:
1494:
1492:
1489:
1486:
1483:
1481:
1478:
1477:
1473:
1468:
1465:
1462:
1459:
1456:
1453:
1450:
1447:
1444:
1441:
1438:
1435:
1432:
1429:
1426:
1423:
1420:
1417:
1414:
1411:
1408:
1407:
1403:
1394:
1391:
1388:
1385:
1382:
1381:
1380:
1377:
1376:
1371:SPHINCS-alpha
1370:
1367:
1364:
1361:
1360:
1359:
1356:
1355:
1349:
1348:
1347:
1344:
1343:
1337:
1334:
1331:
1328:
1325:
1322:
1319:
1316:
1313:
1310:
1307:
1306:
1305:
1303:Multivariate
1302:
1301:
1295:
1292:
1289:
1286:
1283:
1280:
1279:
1278:
1275:
1274:
1268:
1265:
1262:
1259:
1256:
1253:
1252:
1251:
1248:
1247:
1241:
1238:
1235:
1232:
1229:
1226:
1223:
1222:
1221:
1219:
1216:
1215:
1211:
1208:
1207:
1204:
1201:
1200:strikethrough
1190:
1184:
1180:
1176:
1172:
1171:
1170:
1165:
1160:First release
1159:
1154:
1153:
1149:
1140:
1137:
1136:
1135:
1132:
1131:
1126:
1123:
1121:
1118:
1116:
1113:
1112:
1111:
1108:
1107:
1103:
1100:
1099:
1096:
1090:
1082:
1079:
1078:
1077:
1075:
1072:
1071:
1066:
1063:
1061:
1058:
1057:
1056:
1052:
1049:
1048:
1047:
1044:
1043:
1039:
1036:
1033:
1032:
1029:
1023:
1018:
1015:
1012:
1009:
1008:
1007:
1001:
996:
995:
991:
989:
987:
983:
979:
975:
967:
958:
957:
956:
954:
952:
949:
948:
945:
941:
938:
937:
936:
933:
932:
926:
925:
924:
922:
920:Multivariate
919:
918:
912:
911:
910:
908:
905:
904:
901:
897:
894:
892:
889:
888:
887:
884:
883:
880:
875:
872:
871:
870:
867:
866:
862:
859:
856:
855:
849:
841:
838:
837:
836:
834:
832:Multivariate
831:
830:
827:
823:
819:
818:
817:
814:
813:
808:
805:
803:
800:
799:
798:
794:
791:
789:
786:
784:
781:
780:
779:
776:
775:
771:
768:
765:
764:
758:
756:
752:
745:
736:
735:
734:
732:
730:
727:
726:
723:
719:
716:
715:
714:
711:
710:
704:
701:
698:
695:
694:
693:
691:
689:Multivariate
688:
687:
681:
680:
679:
677:
674:
673:
670:
665:
662:
659:
656:
653:
651:
647:
644:
643:
642:
639:
638:
632:
630:
627:
624:
623:
622:
617:
614:
611:
608:
605:
602:
600:
597:
594:
591:
588:
587:
586:
583:
582:
578:
575:
572:
571:
568:
562:
557:
554:
551:
548:
545:
542:
539:
536:
531:
528:
527:
525:
522:
519:
516:
512:
508:
505:
502:
501:
497:
491:
486:
485:
484:
480:
477:
474:
472:
469:
466:
465:
464:
461:
460:
455:
451:
450:
449:
447:
445:
442:
441:
438:
436:
432:
429:
428:
427:
424:
423:
420:
415:
414:
413:
411:
408:
407:
401:
399:
396:
395:
394:
389:
386:
383:
380:
377:
374:
371:
370:
369:
364:
361:
360:
359:
357:Multivariate
356:
355:
352:
347:
344:
343:
342:
340:
337:
336:
333:
329:
326:
323:
320:
319:
318:
313:
310:
307:
305:
301:
298:
295:
292:
289:
286:
283:
280:
277:
274:
271:
268:
265:
262:
260:
257:
254:
252:
249:
245:
241:
238:
235:
234:
233:
230:
229:
226:
221:
219:
216:
214:
211:
208:
205:
204:
203:
198:
195:
192:
189:
186:
183:
181:Odd Manhattan
180:
177:
175:NTRU-HRSS-KEM
174:
172:
169:
166:
163:
160:
157:
154:
151:
148:
145:
142:
139:
136:
133:
131:
128:
125:
124:
123:
121:
118:
117:
113:
110:
108:
104:
101:
100:
97:
94:
93:strikethrough
83:
81:
79:
74:
72:
66:
64:
60:
56:
52:
43:
41:
38:
35:
31:
27:
23:
16:
4834:Block cipher
4679:Key schedule
4669:Key exchange
4659:Kleptography
4622:Cryptosystem
4571:Cryptography
4523:OpenPGP card
4503:Web of trust
4466:
4159:CramerâShoup
3986:, retrieved
3981:
3974:
3963:, retrieved
3958:
3951:
3945:(2023/1133).
3942:
3932:
3917:
3896:
3881:
3866:
3851:
3841:30 September
3839:. Retrieved
3835:
3826:
3811:
3796:
3781:
3771:10 September
3769:. Retrieved
3765:
3756:
3741:
3726:
3711:
3696:
3681:
3666:
3651:
3636:
3621:
3606:
3591:
3576:
3561:
3547:
3533:
3519:
3505:
3491:
3477:
3463:
3453:23 September
3451:. Retrieved
3447:
3438:
3424:
3410:
3396:
3386:10 September
3384:. Retrieved
3380:
3371:
3357:
3325:
3311:
3297:
3283:
3269:
3255:
3241:
3227:
3213:
3199:
3185:
3171:
3160:
3151:
3137:
3123:
3109:
3097:. Retrieved
3092:
3083:
3068:
3056:. Retrieved
3053:Ars Technica
3052:
3042:
3025:
3013:. Retrieved
3008:
2999:
2987:. Retrieved
2982:
2973:
2961:. Retrieved
2956:
2947:
2938:
2928:
2919:
2909:
2900:
2887:
2870:
2858:. Retrieved
2854:
2844:
2833:, retrieved
2827:
2821:
2809:. Retrieved
2780:
2768:. Retrieved
2764:
2755:
2743:. Retrieved
2739:
2730:
2718:. Retrieved
2714:
2705:
2693:. Retrieved
2684:
2672:. Retrieved
2668:the original
2658:
2646:. Retrieved
2636:
2624:. Retrieved
2620:
2611:
2599:. Retrieved
2595:the original
2585:
2573:. Retrieved
2569:
2560:
2548:. Retrieved
2544:
2535:
2523:. Retrieved
2519:
2510:
2498:. Retrieved
2494:
2485:
2473:. Retrieved
2469:
2460:
2448:. Retrieved
2444:
2441:"ThreeBears"
2435:
2423:. Retrieved
2414:
2402:. Retrieved
2398:the original
2388:
2376:. Retrieved
2372:
2362:
2350:. Retrieved
2347:Frodokem.org
2346:
2337:
2325:. Retrieved
2321:
2296:. Retrieved
2292:
2282:
2255:
2249:
2237:. Retrieved
2233:
2221:
2200:
2191:
2179:
2170:
2160:
2139:
2118:
2097:
2088:
2078:
2069:
2059:
2050:
2040:
2028:. Retrieved
2024:
2012:
2000:. Retrieved
1996:the original
1986:
1974:. Retrieved
1970:the original
1960:
1948:. Retrieved
1934:
1922:. Retrieved
1918:
1906:
1894:. Retrieved
1878:
1866:. Retrieved
1849:
1837:. Retrieved
1833:
1809:. Retrieved
1800:
1791:
1779:. Retrieved
1775:the original
1770:
1760:
1748:. Retrieved
1744:
1720:. Retrieved
1716:the original
1689:. Retrieved
1685:
1675:
1663:. Retrieved
1658:
1649:
1637:. Retrieved
1627:
1609:
1582:. Retrieved
1578:the original
1568:
1559:
1549:
1537:. Retrieved
1532:
1523:
1509:
1386:eMLE-Sig 2.0
1199:
1194:
1167:
1163:
1094:
1027:
1005:
971:
753:
749:
566:
478:
470:
409:Braid group
397:
327:
296:
281:
266:
258:
184:
143:
92:
87:
75:
67:
47:
39:
21:
20:
15:
4822:Mathematics
4813:Mix network
4493:Fingerprint
4457:NSA Suite B
4421:RSA problem
4298:NTRUEncrypt
3943:IACR ePrint
3009:CSRC | NIST
2983:CSRC | NIST
2855:CSRC | NIST
2770:26 February
2621:Pqc-rqc.org
2601:29 December
2520:Pqc-hqc.org
1896:10 December
1868:10 December
1722:29 December
1584:29 December
1249:Code-based
1109:Code-based
1073:Hash-based
1002:Adaptations
906:Hash-based
885:Code-based
815:Code-based
746:Round three
675:Hash-based
640:Code-based
618:Three Bears
515:Tanja Lange
467:Guess Again
338:Hash-based
297:Ouroboros-R
231:Code-based
196:Three Bears
171:NTRUEncrypt
126:Compact LWE
4921:Categories
4773:Ciphertext
4743:Decryption
4738:Encryption
4699:Ransomware
4447:IEEE P1363
4065:Algorithms
3965:28 January
3908:2312.02607
3598:"KAZ-SIGN"
2745:31 January
2720:31 January
2695:22 January
2674:30 January
2626:31 January
2575:31 January
2550:31 January
2525:31 January
2500:31 January
2450:31 January
2404:30 January
2378:31 January
2352:31 January
2343:"FrodoKEM"
2327:31 January
2318:"CRYSTALS"
2298:31 January
2239:30 January
2212:1804.02556
2151:1805.11489
2130:1802.06157
2109:1805.05429
2030:30 January
1950:31 January
1924:30 January
1839:31 January
1771:qTESLA.org
1750:31 January
1691:31 January
1665:5 November
1639:5 November
1539:31 January
1502:References
1365:Ascon-Sign
1212:Signature
1178:Algorithm.
1091:Round four
1040:Signature
876:NTRU Prime
863:Signature
772:Signature
609:NTRU Prime
579:Signature
526:WalnutDSA
509:RaCoSS by
372:DualModeMS
365:Giophantus
218:pqNTRUSign
178:NTRU Prime
111:Signature
73:are made.
44:Background
4763:Plaintext
3511:"SQIsign"
2806:243755462
2715:Mqdss.org
2642:"Sphincs"
2591:"NTS-Kem"
2369:"NewHope"
2002:4 January
1976:4 January
1242:SQUIRRELS
1224:EagleSign
759:Finalists
563:Round two
416:WalnutDSA
236:BIG QUAKE
84:Round one
4902:Category
4808:Kademlia
4768:Codetext
4711:(CSPRNG)
4508:Key size
4442:CRYPTREC
4359:McEliece
4313:RLWE-SIG
4308:RLWE-KEX
4303:NTRUSign
4116:Paillier
3430:"QR-UOV"
3275:"MiRitH"
3058:6 August
2740:Sike.org
2466:"Falcon"
1805:Archived
1797:"qTESLA"
1474:See also
1389:KAZ-SIGN
1104:PKE/KEM
1081:SPHINCS+
1045:Lattice
1037:PKE/KEM
980:such as
913:SPHINCS+
873:FrodoKEM
868:Lattice
860:PKE/KEM
822:McEliece
820:Classic
777:Lattice
769:PKE/KEM
682:SPHINCS+
650:McEliece
648:Classic
592:FrodoKEM
584:Lattice
576:PKE/KEM
348:SPHINCS+
328:RankSign
311:RLCE-KEM
308:Ramstake
302:QC-MDPC
244:McEliece
242:Classic
199:Titanium
140:FrodoKEM
4578:General
4354:Lamport
4334:CEILIDH
4293:NewHope
4240:Schnorr
4223:ElGamal
4201:Ed25519
4081:Benaloh
3988:4 April
3553:"ALTEQ"
3444:"SNOVA"
3099:17 July
2811:23 July
2664:"GeMSS"
2648:19 June
2475:26 June
2425:17 June
2420:"SABER"
1945:Twitter
1830:"ROLLO"
1811:4 March
1781:4 March
1350:SQIsign
1311:Biscuit
1260:FuLeeca
1239:Raccoon
1218:Lattice
986:NewHope
840:Rainbow
705:Rainbow
660:NTS-KEM
599:NewHope
390:Rainbow
321:pqsigRM
290:NTS-KEM
275:LEDApkc
272:LEDAkem
167:NewHope
120:Lattice
4689:Keygen
4476:Topics
4452:NESSIE
4394:Theory
4322:Others
4179:X25519
3469:"TUOV"
3416:"PROV"
3402:"MAYO"
3363:"Home"
3317:"RYDE"
3303:"PERK"
3289:"MQOM"
3261:"MIRA"
3247:"WAVE"
3233:"MEDS"
3162:GitHub
3129:"Hufu"
3015:9 July
2989:9 July
2963:9 July
2860:6 July
2835:6 July
2804:
2470:Falcon
2270:
1378:Other
1326:QR-UOV
1284:MiRitH
1230:HAETAE
1065:FALCON
1016:FALCON
972:After
959:Picnic
807:FALCON
737:Picnic
633:qTESLA
629:FALCON
487:Picnic
462:Other
381:HiMQ-3
324:RaCoSS
282:LOCKER
278:Lepton
259:Edon-K
222:qTESLA
213:FALCON
185:Round2
161:Lizard
4719:(PRN)
4288:Kyber
4283:BLISS
4245:SPEKE
4213:ECMQV
4206:Ed448
4196:EdDSA
4191:ECDSA
4121:Rabin
3903:arXiv
3497:"VOX"
3483:"UOV"
3034:(PDF)
2897:(PDF)
2879:(PDF)
2802:S2CID
2617:"RQC"
2516:"HQC"
2230:(PDF)
2207:arXiv
2188:(PDF)
2146:arXiv
2125:arXiv
2104:arXiv
2021:(PDF)
1915:(PDF)
1891:(PDF)
1863:(PDF)
1619:(PDF)
1392:Preon
1383:ALTEQ
1368:FAEST
1362:AIMer
1329:SNOVA
1296:SDitH
1254:CROSS
1209:Type
1101:Type
1034:Type
982:Kyber
927:GeMSS
857:Type
793:SABER
766:Type
702:MQDSS
696:GeMSS
615:SABER
573:Type
398:SRTPI
387:MQDSS
375:GeMSS
362:CFPKM
287:McNie
193:SABER
164:LOTUS
152:KINDI
144:HILA5
102:Type
4488:OAEP
4462:CNSA
4339:EPOC
4184:X448
4174:ECDH
3990:2024
3967:2024
3843:2023
3773:2023
3455:2023
3388:2023
3101:2023
3060:2022
3017:2022
2991:2022
2965:2022
2957:NIST
2862:2021
2837:2021
2813:2020
2772:2019
2747:2019
2722:2019
2697:2020
2676:2019
2650:2023
2628:2019
2603:2017
2577:2019
2552:2019
2527:2019
2502:2019
2477:2019
2452:2019
2427:2019
2406:2019
2380:2019
2354:2019
2329:2019
2300:2019
2268:ISBN
2241:2019
2032:2019
2004:2018
1978:2018
1952:2019
1926:2019
1898:2019
1870:2019
1841:2019
1813:2024
1783:2024
1752:2019
1724:2017
1693:2019
1667:2019
1659:NIST
1641:2019
1586:2017
1560:NIST
1541:2019
1332:TUOV
1323:PROV
1320:MAYO
1317:HPPC
1293:RYDE
1290:PERK
1287:MQOM
1281:MIRA
1269:Wave
1266:MEDS
1263:LESS
1236:HuFu
1233:HAWK
1139:SIKE
1115:BIKE
984:and
974:NIST
940:SIKE
891:BIKE
788:NTRU
718:SIKE
699:LUOV
645:BIKE
604:NTRU
471:HK17
431:SIKE
384:LUOV
267:LAKE
255:DAGS
248:NTS-
239:BIKE
158:LIMA
105:PKE/
78:FIPS
61:and
26:NIST
4498:PKI
4381:XTR
4349:IES
4344:HFE
4275:SIS
4270:LWE
4255:STS
4250:SRP
4235:MQV
4218:EKE
4169:DSA
4154:BLS
4126:RSA
4101:GMR
4014:djb
4012:by
2792:doi
2260:doi
1338:VOX
1335:UOV
1125:HQC
896:HQC
666:RQC
654:HQC
595:LAC
479:RVB
454:RSA
402:DME
378:Gui
314:RQC
304:KEM
263:HQC
251:KEM
209:DRS
155:LAC
107:KEM
51:RSA
34:KEM
4923::
4329:AE
4164:DH
3941:.
3834:.
3764:.
3446:.
3379:.
3339:^
3159:.
3091:.
3051:.
3007:.
2981:.
2955:.
2937:.
2918:.
2899:.
2853:.
2800:.
2790:.
2763:.
2738:.
2713:.
2619:.
2568:.
2543:.
2518:.
2493:.
2468:.
2443:.
2371:.
2345:.
2320:.
2308:^
2291:.
2266:.
2232:.
2190:.
2169:.
2087:.
2068:.
2049:.
2023:.
1943:.
1917:.
1832:.
1821:^
1803:.
1799:.
1769:.
1743:.
1732:^
1701:^
1684:.
1657:.
1594:^
1558:.
1531:.
452:pq
246:+
4563:e
4556:t
4549:v
4272:/
4267:/
4050:e
4043:t
4036:v
3926:.
3911:.
3905::
3890:.
3875:.
3860:.
3845:.
3820:.
3805:.
3790:.
3775:.
3750:.
3735:.
3720:.
3705:.
3690:.
3675:.
3660:.
3645:.
3630:.
3615:.
3600:.
3585:.
3570:.
3555:.
3541:.
3527:.
3513:.
3499:.
3485:.
3471:.
3457:.
3432:.
3418:.
3404:.
3390:.
3365:.
3351:.
3333:.
3319:.
3305:.
3291:.
3277:.
3263:.
3249:.
3235:.
3221:.
3207:.
3193:.
3179:.
3165:.
3145:.
3131:.
3117:.
3103:.
3077:.
3062:.
3036:.
3019:.
2993:.
2967:.
2941:.
2922:.
2903:.
2881:.
2864:.
2815:.
2794::
2774:.
2749:.
2724:.
2699:.
2678:.
2652:.
2630:.
2605:.
2579:.
2554:.
2529:.
2504:.
2479:.
2454:.
2429:.
2408:.
2382:.
2356:.
2331:.
2302:.
2276:.
2262::
2243:.
2215:.
2209::
2173:.
2154:.
2148::
2133:.
2127::
2112:.
2106::
2091:.
2072:.
2053:.
2034:.
2006:.
1980:.
1954:.
1928:.
1900:.
1872:.
1843:.
1815:.
1785:.
1754:.
1726:.
1695:.
1669:.
1643:.
1621:.
1588:.
1562:.
1543:.
1198:(
91:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.