Selected links and resources relevant to post-quantum cryptography adoption.
- For a more research-oriented overview see e.g., pqcrypto.org or
- pqc-forum mailing list
-
NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption (March 2025)
-
NIST Releases First 3 Finalized Post-Quantum Encryption Standards (August 2024)
-
Call for Additional Digital Signature Schemes (July 2023)
-
NIST PQC Competition (2017-2024)
-
Standards:
- FIPS 203: ML-KEM (CRYSTALS-Kyber)
- FIPS 204: ML-DSA (CRYSTALS-Dilithium)
- FIPS 205: SLH-DSA (SPHINCS+)
- FALCON: FIPS TBD
- HQC: FIPS TBD
Post-Quantum Cryptography Hub: Provides content for all levels of technical expertise, including CISOs, security engineers, crypto-savvy folks, and anyone interested in learning more about post-quantum security.
- Post-Quantum Cryptography: Standards and Progress
- Cloud CISO Perspectives: Why we need to get ready for Quantum (v2025)
- How Google is preparing for a post-quantum world
- Why Google now uses post-quantum cryptography for internal comms
- Announcing Quantum-Safe Digital Signatures in Cloud KMS (Cloud KMS Strategy)
- Transitioning organizations to post-quantum cryptography | Nature
- Podcast: EP164 Quantum Computing: Understanding the (very serious) Threat and Post-Quantum Cryptography
For crypto engineers:
-
Low-level: BoringSSL : https://boringssl.googlesource.com/boringssl/
- BoringSSL is a fork of OpenSSL maintained by Google: https://en.wikipedia.org/wiki/OpenSSL#BoringSSL
- BoringSSL includes NIST PQC standards implementation, eg. https://boringssl.googlesource.com/boringssl/+/refs/heads/master/include/openssl/mlkem.h
-
Developer-friendly library: Tink https://developers.google.com/tink/getting-started
- Tink Intro / Design Rationale
- Usability Considerations - particularly abstracting away from algorithms to primitives
- PQC Experimental in Tink
- Tink Roadmap
- 2016 CECPQ1 Experiment:
- 2019 CECPQ2 Experiment:
- Protecting Chrome Traffic with Hybrid Kyber KEM
- Advancing Our Amazing Bet on Asymmetric Cryptography
- A new path for Kyber on the web
- FIDO keys https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html
- Open Titan (hardware): https://opensource.googleblog.com/2025/02/fabrication-begins-for-production-opentitan-silicon.html
(yearly cryptography engineering conference)
- RWC’15: Heartbleed / OpenSSL / Google
- RWC’18: Achieving high availability in the internal Google KMS
- RWC’19: Tink: A cryptographic library
- RWC’21: What’s in a key?
- RWC’23: Crypto Agility and Post-Quantum Cryptography
- Stefan Koelbl: TNO Symposium on PQcrypto'23: PQC5_Slides_Stefan.Kolbl.pdf
Focus on first steps: Crypto Inventory, Crypto Agility
- US White House Memorandum NSM-8: Improving the Cybersecurity of National Security (Jan 2022)
- US White House Memorandum NSM-10: Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems (May 2022)
- NSA PQC Roadmap
- NIST IR 8547 (Draft)
Focus on Risk Management
- ESMA / European Banking Authority (EBA) : JC 2023 86 - Final report on draft RTS on ICT Risk Management Framework and on simplified ICT Risk Management Framework
- FS-ISAC whitepaper: Preparing for a Post-Quantum World by Managing Cryptographic Risk
- World Economic Forum: Quantum Security for the Financial Sector: Informing Global Regulatory Approaches Forum
- World Economic Forum: Transitioning to a Quantum-Secure Economy