NIST’s Latest PQC Milestone: 9 Signature Algorithms Advance to Round 3

9 Post Quantum Digital Signature Candidates

The National Institute of Standards and Technology (NIST) has announced a significant step in the development of post-quantum cryptography (PQC): nine digital signature algorithms (DSAs) advance to the third round of its PQC Standardisation Process (PQCSP).

The move follows 18 months of testing and evaluation and marks NIST’s ongoing work to protect the future cryptographic environment from the threat of quantum computing.

The new candidates are not intended to replace the current standards; they are meant to offer greater choice and greater diversity in cryptography.

The Next Nine Candidates for Digital Signatures are:

  • FAEST
  • HAWK
  • MAYO
  • MQOM
  • QR-UOV
  • SDitH
  • SNOVA
  • SQIsign
  • UOV

NIST says these candidates will undergo another review process that will take about two years. The teams that submitted will be allowed to enhance their algorithm(s) and submit new specifications and implementations during this period.

The latest round is part of NIST’s ongoing effort to develop cryptographic standards that will be immune to future attacks by quantum computers, which will break many of the public-key cryptographic protocols that are already in use.

Current Standards Continue to Be Followed

The new candidates are NOT meant to replace the recently standardised algorithms. Rather, they are intended to be compatible with the current post-quantum standards:

  • FIPS 204, Module-Lattice-Based Digital Signature Standard (ML-DSA)
  • FIPS 205, Stateless Hash-Based Digital Signature Standard
  • FIPS 186-5, Digital Signature Standard (DSS)
  • SP 800-208, Recommendation for Stateful Hash-Based Signature Schemes

Even for enterprise applications, ML-DSA is still expected to be the dominant post-quantum digital signature algorithm. NIST, however, has always emphasised cryptographic diversity to minimise the chance that a single mathematical approach becomes the “weakest link.”

The agency’s aim in standardising the algorithms, which are based on different mathematical principles, is to offer an organisation the flexibility to choose a different one if vulnerabilities or implementation weaknesses are disclosed in the future.

Importance of Cryptographic Diversity

The migration to post-quantum is not a single-day process. It is expected that enterprises will be running in a hybrid world for many years to come, where classical and post-quantum cryptography run side by side.

Quantum-resistant applications, certificates, hardware, authentication systems, and communications protocols will slowly migrate over the years.

This long transition period makes flexibility paramount. One day, organisations will require support for multiple post-quantum algorithms, and adaptability may be as crucial as choosing the right algorithm now.

Crypto-Agility Becomes an Operational Requirement

For security professionals, crypto-agility is one of the key factors in preparations for the quantum age.

Crypto-agility is an organisation's ability to readily update cryptographic systems, certificates, protocols, and security policies without disrupting operations. This capability proved vital in past migrations, especially the SHA-1 phase-out, which left many organisations dealing with partial inventories and manual certificate management.

The shift to post-quantum cryptography is likely to be more challenging.

Certificate lifetimes are now shorter, machine identities have multiplied across cloud and hybrid environments, and enterprises continue to use disjointed certificate management processes. Such constraints can make global migrations of cryptography difficult.

Security leaders can prepare for the future shift in standards by emphasising certificate lifecycle automation, centralised visibility, and better cryptographic governance.
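Centralised visibility starts with knowing which signature family each certificate uses. The sketch below is an added example, not code from NIST or from this article: it reads the signatureAlgorithm OID out of DER-encoded certificates and maps it to the standards listed earlier. The host names and certificate skeletons are constructed; the OID arcs are the public registrations.

```python
PREFIXES = {(1, 2, 840, 113549, 1, 1): "classical (RSA)",        # PKCS #1 arc
            (1, 2, 840, 10045, 4): "classical (ECDSA)",          # ANSI X9.62 arc
            (1, 3, 101, 112): "classical (Ed25519)",
            (1, 2, 840, 113549, 1, 9, 16, 3, 17): "SP 800-208 (HSS/LMS)"}
NIST_SIGALGS = (2, 16, 840, 1, 101, 3, 4, 3)  # NIST CSOR arc: 17-19 ML-DSA, 20-31 SLH-DSA

def read_tlv(buf, pos):  # returns (tag, value_start, value_end) of the DER element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                         # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER content octets (base-128 groups) into a tuple of arcs."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                   # a clear high bit ends the current arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)             # the first group packs the first two arcs
    return (first, arcs[0] - 40 * first, *arcs[1:])

def signature_oid(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }"""
    _, start, _ = read_tlv(cert_der, 0)             # enter the outer SEQUENCE
    _, _, tbs_end = read_tlv(cert_der, start)       # skip tbsCertificate
    _, alg_start, _ = read_tlv(cert_der, tbs_end)   # enter AlgorithmIdentifier
    tag, lo, hi = read_tlv(cert_der, alg_start)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return decode_oid(cert_der[lo:hi])

def classify(oid):
    if oid[:8] == NIST_SIGALGS and len(oid) == 9 and 17 <= oid[8] <= 31:
        return "FIPS 204 (ML-DSA)" if oid[8] <= 19 else "FIPS 205 (SLH-DSA)"
    hits = [label for arc, label in PREFIXES.items() if oid[:len(arc)] == arc]
    return hits[0] if hits else "unknown, review manually"

# Constructed certificate skeletons (empty tbsCertificate and signature), not real certificates.
SAMPLE = {"web-frontend": "30123000300b06092a864886f70d01010b030100",  # sha256WithRSAEncryption
          "code-signing": "30123000300b0609608648016503040312030100",  # id-ml-dsa-65
          "iot-gateway": "30113000300a06082a8648ce3d040302030100"}     # ecdsa-with-SHA256

def inventory(certs_hex):
    return {n: classify(signature_oid(bytes.fromhex(h))) for n, h in certs_hex.items()}
```

The parser expects DER input, so PEM files need their base64 body decoded first. Any OID the table does not recognise is reported for manual review rather than guessed.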

What Comes Next?

NIST’s third evaluation phase will take about two years. The agency also intends to hold the 7th NIST PQC Standardisation Conference in late spring/early summer, 2027, probably in Gaithersburg, MD or nearby.

Although results are still a few years away, the latest news is a telling reminder that the move towards post-quantum security isn’t just about picking new algorithms. Operational preparedness and adaptability to standards will be key to long-term resilience.

By investing in crypto-agility now, organisations will be better equipped to adapt to the ongoing development of post-quantum cryptography and effectively address any future changes.

Conclusion

Quantum-safe cryptography isn’t a finish line. It’s a journey. NIST’s decision to advance nine additional digital signature candidates shows that the post-quantum landscape is still evolving. For organisations, the takeaway is simple: don’t wait for every standard to be finalised before preparing.

The companies that invest in crypto-agility and modernise their cryptographic infrastructure today will be the ones best positioned to navigate the quantum era tomorrow.

Janki Mehta

Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.