How many controls does NIST Post-Quantum Cryptography Standards have?

NIST Post-Quantum Cryptography Standards contains 23 controls organized across 6 domains.

Where does NIST Post-Quantum Cryptography Standards apply?

NIST Post-Quantum Cryptography Standards is applicable in United States (NIST). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does NIST Post-Quantum Cryptography Standards map to?

NIST Post-Quantum Cryptography Standards has control-to-control mappings with 430 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with NIST Post-Quantum Cryptography Standards compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

NIST Post-Quantum Cryptography Standards (FIPS 203, 204, 205)

NIST's Post-Quantum Cryptography (PQC) standardisation effort culminated in August 2024 with the publication of three Federal Information Processing Standards: FIPS 203 (ML-KEM, based on CRYSTALS-Kyber for key encapsulation), FIPS 204 (ML-DSA, based on CRYSTALS-Dilithium for digital signatures), and FIPS 205 (SLH-DSA, based on SPHINCS+ for hash-based digital signatures). These standards are designed to resist attacks from both classical and quantum computers.

Domains

Implementation and Security Considerations

General Requirements and Compliance

FIPS 205 — SLH-DSA Hash-Based Signatures

FIPS 204 — ML-DSA Digital Signatures

FIPS 203 — ML-KEM Key Encapsulation

Frequently Asked Questions

Map NIST Post-Quantum Cryptography Standards (FIPS 203, 204, 205) to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform