NIST Selects HQC as Backup Algorithm for Post-Quantum Encryption

NIST has been working for over eight years to develop encryption algorithms that remain secure even against the potential capabilities of future quantum computers.

Advertisements

The National Institute of Standards and Technology (NIST) has chosen HQC as a backup encryption algorithm to safeguard data against potential quantum computing threats. This selection follows the agency’s 2024 standardization of ML-KEM, which remains the primary choice for general encryption. HQC, built on different mathematical principles than ML-KEM, provides an alternative in case vulnerabilities are discovered in the current standard. A draft standard incorporating HQC is expected in 2026, with finalization anticipated in 2027.

NIST has been working for over eight years to develop encryption algorithms that remain secure even against the potential capabilities of future quantum computers. While current encryption methods protect sensitive data such as financial records and national security information, quantum computers could eventually break these defenses. ML-KEM, based on structured lattices, was selected as the core of the new encryption standard, but HQC, which uses error-correcting codes, will serve as a backup. Although HQC requires more computing resources, its reliability and distinct mathematical foundation make it a strong alternative.

The selection of HQC comes as part of NIST’s ongoing Post-Quantum Cryptography project, which has standardized multiple encryption and digital signature algorithms to future-proof cybersecurity systems. HQC is the only algorithm from NIST’s fourth round of candidates to be approved for standardization. A draft standard is expected in about a year, followed by a 90-day public comment period before final approval in 2027.

In addition to selecting HQC, NIST has published draft guidance for implementing key encapsulation mechanisms (KEMs), including both HQC and ML-KEM. KEMs are used to establish secure communications over public networks. The draft guidance, titled Recommendations for Key Encapsulation Mechanisms (NIST Special Publication 800-227), provides best practices for implementing these encryption methods. NIST also hosted a virtual workshop on KEMs in February and accepted public comments on the draft until March 7, 2025.

The finalized encryption standards, including ML-KEM (FIPS 203) and digital signature standards FIPS 204 and FIPS 205, are already in use, with organizations integrating them into their systems. A forthcoming standard, FIPS 206, will address digital signatures based on the FALCON algorithm. These measures aim to ensure long-term data security in an era where quantum computing could disrupt current cryptographic protections.

Article by Melissa Buckler

Cyber News Gator Mage Extraordinaire

Join 16 other subscribers

Advertisements

audible - now streaming: podcasts, originals, and more. Start your free trial.

Advertisements

Amazon business - everything you love about amazon. for work - learn more

Advertisements

More News

Lawmakers Push for Ban on TP-Link Sales Over Security Concerns

In a letter addressed to Secretary Howard Lutnick, the officials expressed support for an ongoing federal investigation and called for a ban on future sales of TP-Link products in the United States.

May 21, 2025May 21, 2025

Podcast Corner

Cybersecurity Awesomeness Podcast – Episode 149 – Cybersecurity Awesomeness Podcast

In this episode of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler prepare for the RSA Conference (RSAC), often described as the "Super Bowl" of cybersecurity by talking about the EMA Vendor Vision report. To help attendees navigate the overwhelming presence of over 600 exhibitors, the hosts break down EMA’s "Vendor Vision" report, which spotlights ten essential innovators. The discussion covers a broad technological spectrum, ranging from Straker’s cutting-edge adversarial AI in the Early Stage Expo to Sky High Security’s leadership in Data Security Posture Management (DSPM).Key highlights include AWS’s unified cloud security suite, Acalvio's deception technologies, F5’s API-driven AI protections, and the evolving identity landscape spearheaded by Yubico and SailPoint. The hosts also examine the maturation of Privileged Access Management through Delinea and Keeper Security, alongside Proofpoint’s focus on human-centric vulnerabilities and business email compromise. By filtering the noise of the Moscone Center, this episode provides a strategic roadmap for identifying the technical trends that will define the industry for the coming months. It serves as an indispensable guide for anyone looking to maximize their impact and insight during the conference.