diff --git a/README.md b/README.md index dbc66a08f..1264d3825 100644 --- a/README.md +++ b/README.md @@ -56,28 +56,28 @@ All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes #### Key encapsulation mechanisms -| Algorithm family | Standardization status | Primary implementation | -|:-------------------|:----------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------| -| BIKE | [Not selected](https://csrc.nist.gov/csrc/media/Projects/post-quantum-cryptography/documents/round-4/submissions/BIKE-Round4.zip) | [`awslabs/bike-kem`](https://github.com/awslabs/bike-kem) | -| Classic McEliece | [Under ISO consideration](https://classic.mceliece.org/mceliece-spec-20221023.pdf) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | -| FrodoKEM | [Not selected](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/FrodoKEM-Round3.zip) | [`microsoft/PQCrypto-LWEKE@b6609d3`](https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2) | -| HQC | [Selected by NIST](https://pqc-hqc.org/doc/hqc_specifications_2025_08_22.pdf) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | -| Kyber | [Selected by NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Kyber-Round3.zip) | [`pq-crystals/kyber@441c051`](https://github.com/pq-crystals/kyber/commit/441c0519a07e8b86c8d079954a6b10bd31d29efc) | -| ML-KEM | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/203/final) | [`pq-code-package/mlkem-native@048fc2a`](https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa) | -| NTRU | [Not selected](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Round3.zip) | [`PQClean/PQClean@4c9e5a3`](https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6) | -| NTRU-Prime | [Not selected](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Prime-Round3.zip) | [`PQClean/PQClean@4c9e5a3`](https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6) | +| Algorithm family | Standardization status | Primary implementation | +|:-------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------| +| BIKE | [Not selected](https://csrc.nist.gov/csrc/media/Projects/post-quantum-cryptography/documents/round-4/submissions/BIKE-Round4.zip) | [`awslabs/bike-kem`](https://github.com/awslabs/bike-kem) | +| Classic McEliece | [Under ISO consideration](https://classic.mceliece.org/mceliece-spec-20221023.pdf) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | +| FrodoKEM | [Not selected](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/FrodoKEM-Round3.zip) | [`microsoft/PQCrypto-LWEKE@b6609d3`](https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2) | +| HQC | [Selected by NIST](https://pqc-hqc.org/doc/hqc_specifications_2025_08_22.pdf) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | +| Kyber | [NIST PQC third round candidate; standardized into ML-KEM (FIPS 203) after minor modifications](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Kyber-Round3.zip) | [`pq-crystals/kyber@441c051`](https://github.com/pq-crystals/kyber/commit/441c0519a07e8b86c8d079954a6b10bd31d29efc) | +| ML-KEM | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/203/final) | [`pq-code-package/mlkem-native@048fc2a`](https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa) | +| NTRU | [Not selected by NIST; under standardization consideration by NTT](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Round3.zip) | [`PQClean/PQClean@4c9e5a3`](https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6) | +| NTRU-Prime | [Not selected by NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Prime-Round3.zip) | [`PQClean/PQClean@4c9e5a3`](https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6) | #### Signature schemes -| Algorithm family | Standardization status | Primary implementation | -|:-------------------|:-----------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------| -| CROSS | [Under NIST consideration](https://www.cross-crypto.com/CROSS_Specification_v2.2.pdf) | [`CROSS-signature/CROSS-lib-oqs@c8f7411`](https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f) | -| Falcon | [Selected by NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Falcon-Round3.zip) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | -| MAYO | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/mayo-spec-round2-web.pdf) | [`PQCMayo/MAYO-C@4b7cd94`](https://github.com/PQCMayo/MAYO-C/commit/4b7cd94c96b9522864efe40c6ad1fa269584a807) | -| ML-DSA | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/204/final) | [`pq-crystals/dilithium@444cdcc`](https://github.com/pq-crystals/dilithium/commit/444cdcc84eb36b66fe27b3a2529ee48f6d8150c2) | -| SLH-DSA | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/205/final) | [`pq-code-package/slhdsa-c@a0fc1ff`](https://github.com/pq-code-package/slhdsa-c/commit/a0fc1ff253930060d0246aebca06c2538eb92b88) | -| SNOVA | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/snova-spec-round2-web.pdf) | [`vacuas/SNOVA@1c3ca6f`](https://github.com/vacuas/SNOVA/commit/1c3ca6f4f7286c0bde98d7d6f222cf63b9d52bff) | -| SPHINCS+ | [Selected by NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/SPHINCS-Round3.zip) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | -| UOV | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/uov-spec-round2-web.pdf) | [`pqov/pqov@7e0832b`](https://github.com/pqov/pqov/commit/7e0832b6732a476119742c4acabd11b7c767aefb) | +| Algorithm family | Standardization status | Primary implementation | +|:-------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------| +| CROSS | [Under NIST consideration](https://www.cross-crypto.com/CROSS_Specification_v2.2.pdf) | [`CROSS-signature/CROSS-lib-oqs@c8f7411`](https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f) | +| Falcon | [NIST PQC third round candidate; selected for upcoming standardization](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Falcon-Round3.zip) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | +| MAYO | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/mayo-spec-round2-web.pdf) | [`PQCMayo/MAYO-C@4b7cd94`](https://github.com/PQCMayo/MAYO-C/commit/4b7cd94c96b9522864efe40c6ad1fa269584a807) | +| ML-DSA | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/204/final) | [`pq-crystals/dilithium@444cdcc`](https://github.com/pq-crystals/dilithium/commit/444cdcc84eb36b66fe27b3a2529ee48f6d8150c2) | +| SLH-DSA | [Standardized by NIST](https://csrc.nist.gov/pubs/fips/205/final) | [`pq-code-package/slhdsa-c@a0fc1ff`](https://github.com/pq-code-package/slhdsa-c/commit/a0fc1ff253930060d0246aebca06c2538eb92b88) | +| SNOVA | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/snova-spec-round2-web.pdf) | [`vacuas/SNOVA@1c3ca6f`](https://github.com/vacuas/SNOVA/commit/1c3ca6f4f7286c0bde98d7d6f222cf63b9d52bff) | +| SPHINCS+ | [NIST PQC third round candidate; standardized into SLH-DSA (FIPS 205) after minor modifications](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/SPHINCS-Round3.zip) | [`PQClean/PQClean@1eacfda`](https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181) | +| UOV | [Under NIST consideration](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/uov-spec-round2-web.pdf) | [`pqov/pqov@7e0832b`](https://github.com/pqov/pqov/commit/7e0832b6732a476119742c4acabd11b7c767aefb) | #### Stateful signature schemes | Algorithm family | Standardization status | Primary implementation | diff --git a/docs/algorithms/kem/kyber.yml b/docs/algorithms/kem/kyber.yml index ba2b38271..e7af5f088 100644 --- a/docs/algorithms/kem/kyber.yml +++ b/docs/algorithms/kem/kyber.yml @@ -15,7 +15,8 @@ auxiliary-submitters: crypto-assumption: Module LWE+R with base ring Z[x]/(3329, x^256+1) website: https://pq-crystals.org/ nist-round: 3 -standardization-status: Selected by NIST +standardization-status: NIST PQC third round candidate; standardized into ML-KEM (FIPS + 203) after minor modifications spec-url: https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Kyber-Round3.zip spec-version: NIST Round 3 submission primary-upstream: diff --git a/docs/algorithms/kem/ntru.yml b/docs/algorithms/kem/ntru.yml index e5d04b516..d0f3fd925 100644 --- a/docs/algorithms/kem/ntru.yml +++ b/docs/algorithms/kem/ntru.yml @@ -16,8 +16,7 @@ auxiliary-submitters: - Zhenfei Zhang crypto-assumption: NTRU in Z[x]/(q, x^n-1) with prime n and power-of-two q website: https://ntru.org/ -# TODO: under NTT (Nippon Telegraph and Telephone) consideration? -standardization-status: Not selected +standardization-status: Not selected by NIST; under standardization consideration by NTT spec-url: https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Round3.zip nist-round: 3 spec-version: NIST Round 3 submission diff --git a/docs/algorithms/kem/ntruprime.yml b/docs/algorithms/kem/ntruprime.yml index 128aaded7..abd57be4b 100644 --- a/docs/algorithms/kem/ntruprime.yml +++ b/docs/algorithms/kem/ntruprime.yml @@ -15,7 +15,7 @@ crypto-assumption: NTRU website: https://ntruprime.cr.yp.to nist-round: 3 spec-version: supercop-20200826 -standardization-status: Not selected +standardization-status: Not selected by NIST spec-url: https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Prime-Round3.zip upstream-ancestors: - https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime diff --git a/docs/algorithms/sig/falcon.yml b/docs/algorithms/sig/falcon.yml index 35031cb16..2a6bed29d 100644 --- a/docs/algorithms/sig/falcon.yml +++ b/docs/algorithms/sig/falcon.yml @@ -16,7 +16,7 @@ auxiliary-submitters: crypto-assumption: hardness of NTRU lattice problems website: https://falcon-sign.info nist-round: 3 -standardization-status: Selected by NIST +standardization-status: NIST PQC third round candidate; selected for upcoming standardization spec-url: https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Falcon-Round3.zip spec-version: 20211101 primary-upstream: diff --git a/docs/algorithms/sig/sphincs.yml b/docs/algorithms/sig/sphincs.yml index 9c4236f7d..fa1821f02 100644 --- a/docs/algorithms/sig/sphincs.yml +++ b/docs/algorithms/sig/sphincs.yml @@ -23,7 +23,8 @@ auxiliary-submitters: crypto-assumption: hash-based signatures website: https://sphincs.org/ nist-round: 3 -standardization-status: Selected by NIST +standardization-status: NIST PQC third round candidate; standardized into SLH-DSA + (FIPS 205) after minor modifications spec-url: https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/SPHINCS-Round3.zip spec-version: NIST Round 3 submission, v3.1 (June 10, 2022) spdx-license-identifier: CC0-1.0