NIST says that this algorithm is intended to serve as a backup in case ML-DSA proves vulnerable.

More than algorithms

In addition to the mathematical encryption algorithms, NIST also released the relevant implementation details.

“These finalized standards include instructions for incorporating them into products and encryption systems,” says Moody. “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time.”

The change to quantum-safe cryptography is going to be more complicated than previous cryptographic evolutions because the algorithms are very different from classical encryption, because there are multiple different algorithms that will be used for different use cases, and because the software supply chain is more complicated than ever before.

The solution is to become flexible about which specific standard is being used, says Tom Patterson, emerging technology security lead at Accenture. That will allow enterprises to integrate with vendors and partners that might be using a different encryption standard or that still rely on classical encryption. It will also allow enterprises to switch out to new, better, or more efficient standards that may come in the future.

These three standards aren’t the last we’re going to see when it comes to quantum-safe encryption, says Patterson. “There’s going to be, for the next few years, a series of different algorithms that will be available and standardized,” he says.