Skip to Content

We invite you to try out our new beta eCFR site at We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Help' button on the bottom right of each page!


Request for Comments on Post-Quantum Cryptography Requirements and Evaluation Criteria

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


National Institute of Standards and Technology (NIST), Commerce.


Notice; request for comments


The National Institute of Standards and Technology (NIST) is requesting comments on a proposed process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. Current algorithms are vulnerable to attacks from large-scale quantum computers. The purpose of this notice is to solicit comments on the draft minimum acceptability requirements, submission requirements, evaluation criteria, and evaluation process of candidate algorithms from the public, the cryptographic community, academic/research communities, manufacturers, voluntary standards organizations, and Federal, state, and local government organizations so that their needs can be considered in the process of developing new public-key cryptography standards. The draft requirements and evaluation criteria are available on the NIST Computer Security Resource Center Web site:​pqcrypto.


Comments must be received on or before September 16, 2016.


Comments may be sent electronically to with “Comment on Post-Quantum Cryptography Requirements and Evaluation Criteria” in the subject line. Written comments may also be submitted by mail to Information Technology Laboratory, ATTN: Post-Quantum Cryptography Comments, National Institute of Standards and Technology, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930.

Comments received in response to this notice will be published electronically at​pqcrypto, so commenters should not include information they do not wish to be posted (e.g., personal or confidential business information).

Start Further Info


Dr. Lily Chen, National Institute of Standards and Technology, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930, email:, by telephone (301) 975-6974.

Technical inquiries regarding the proposed draft acceptability requirements, submission requirements, or the evaluation criteria should be sent electronically to

A public email list-serve has been set up for announcements, as well as a forum to discuss the standardization effort being initiated by NIST. For directions on how to subscribe, please visit​pqcrypto.

End Further Info End Preamble Start Supplemental Information


In recent years, there has been a substantial amount of research on quantum computers—machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will compromise the security of many commonly used cryptographic algorithms. In particular, quantum computers would completely break many public-key cryptosystems, including those standardized in FIPS 186-4, Digital Signature Standard (​10.6028/​NIST.FIPS.186-4), SP 800-56A Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (​10.6028/​NIST.SP.800-56Ar2), and SP 800-56B Revision 1, Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography (​10.6028/​NIST.SP.800-56Br1).

Due to this concern, many researchers have begun to investigate post-quantum cryptography (PQC) (also called quantum-resistant cryptography). The goal of this research is to develop cryptographic algorithms that would be secure against both quantum and classical computers. A significant effort will be required in order to develop, standardize, and deploy new post-quantum algorithms. In addition, this transition needs to take place well before any large-scale quantum computers are built, so that any information that is later compromised by quantum cryptanalysis is no longer sensitive when that compromise occurs.

NIST has taken a number of steps in response to this potential threat. On April 2-3, 2015, NIST held a public workshop on Cybersecurity in a Post-Quantum World to solicit input on public-key cryptographic policy in the time of quantum computers. NIST also published NISTIR 8105, Report on Post-Quantum Cryptography (​10.6028/​NIST.IR.8105), in April 2016 which shares NIST's understanding of the status of quantum computing and post-quantum cryptography.

As a result of study and public feedback, NIST has decided to develop additional public-key cryptographic algorithms through a public standardization process, similar to the development processes for the hash function SHA-3 and the Advanced Encryption Standard (AES). To begin the process, NIST has drafted a set of minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms. The draft document containing these requirements and criteria is available at the Web site:​pqcrypto. NIST seeks comments on these draft minimum acceptability requirements, submission requirements, evaluation criteria, and the evaluation process, as well as suggestions for other criteria and for the relative importance of each individual criterion in the evaluation process. Since neither the submission requirements nor the evaluation criteria have been finalized, and may evolve over time as a result of the public comments that NIST receives, candidate algorithms should NOT be submitted at this time.

Start Authority

Authority: In accordance with the Information Technology Management Reform Act of 1996 (Pub. L. 104-106) and the Federal Information Security Management Act of 2002 (Pub. L. 107-347), the Secretary of Commerce is authorized to approve FIPS. NIST activities to develop computer security standards to protect federal sensitive (unclassified) information systems are undertaken pursuant to specific responsibilities assigned to NIST by Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-3), as amended.

End Authority Start Signature
Start Printed Page 50687

Dated: July 27, 2016.

Kent Rochford,

Associate Director for Laboratory Programs.

End Signature End Supplemental Information

[FR Doc. 2016-18150 Filed 8-1-16; 8:45 am]