Algorithm Catalog
Every PQC algorithm QNSP ships, with the receipts
14 post-quantum cryptography families across 5 mathematical foundations. Each family page details FIPS standard, security levels, key + ciphertext + signature sizes, NIST ACVP coverage, QNSP crypto-policy tier support, and use-case fit — sourced from the canonical algorithm registry the cloud KMS reads from at runtime, not from marketing copy.
Live evidence
Pair every family page with /verify/conformance for live NIST ACVP test-vector results and /benchmarks for reproducible per-algorithm performance numbers.
Cryptographic foundations
QNSP intentionally ships algorithms from multiple cryptographic foundations (lattice, code, hash, multivariate) so that a future cryptanalytic advance against any one family does not break the platform — see /trust/compliance for dual-provider cross-verification policy.
KEMs
Key Encapsulation Mechanisms (7 families)
Used for key agreement — TLS, KMS-wrapped data keys, vault secret encryption, encrypted object storage.
ML-KEM
FIPS-finalisedModule-Lattice-based Key Encapsulation Mechanism · FIPS 203
NIST's primary post-quantum key encapsulation standard, finalised August 2024 as FIPS 203. ML-KEM is QNSP's default KEM in every tier and powers PQC TLS key agreement, KMS-wrapped data keys, and vault secret encryption.
lattice-based3 variantsnobleliboqs
/algorithms/ml-kem →
HQC
non-FIPSHamming Quasi-Cyclic Key Encapsulation Mechanism
Code-based KEM selected by NIST in March 2025 as a fifth-round alternate KEM standard, providing an independent cryptographic assumption (coding theory, not lattices) as defence-in-depth against ML-KEM cryptanalysis.
code-based3 variantsliboqs
/algorithms/hqc →
BIKE
non-FIPSBit Flipping Key Encapsulation
Code-based KEM finalist (round 4 of NIST PQC standardisation) using QC-MDPC codes. Available in liboqs for QNSP customers seeking additional code-based alternatives.
code-based3 variantsliboqs
/algorithms/bike →
Classic McEliece
non-FIPSClassic McEliece Code-Based KEM
The original code-based public-key cryptosystem, in continuous study since 1978 — by far the oldest cryptographic assumption in the PQC catalogue. Trades extremely large public keys for the most-studied security assumption available.
code-based1 variantsliboqs
/algorithms/classic-mceliece →
FrodoKEM
non-FIPSFrodo Key Encapsulation Mechanism
Plain Learning With Errors (LWE) KEM — same lattice family as ML-KEM but without the additional ring or module structure. Larger keys and ciphertexts but built on the most conservative lattice assumption.
lattice-based3 variantsliboqs
/algorithms/frodokem →
NTRU
non-FIPSNumber Theoretic Research Unit Cryptosystem
One of the oldest lattice-based KEMs, in continuous study since 1996. NTRU was a NIST PQC finalist but not selected for FIPS standardisation in favour of ML-KEM.
lattice-based2 variantsliboqs
/algorithms/ntru →
NTRU Prime
non-FIPSNTRU Prime (Streamlined / Light NTRU Prime)
NTRU variant designed to use a prime-degree ring polynomial, removing certain structural concerns. Notably deployed in OpenSSH's default post-quantum key exchange.
lattice-based1 variantsliboqs
/algorithms/ntru-prime →
Signatures
Digital Signature Algorithms (7 families)
Used for authenticity and non-repudiation — JWT signing, audit-log Merkle root signing, code signing, SPIFFE SVID signing.
ML-DSA
FIPS-finalisedModule-Lattice-based Digital Signature Algorithm · FIPS 204
NIST's primary post-quantum digital signature standard, finalised August 2024 as FIPS 204. ML-DSA powers JWT signing, audit-log integrity, code-signing, and authn token issuance across QNSP.
lattice-based3 variantsnobleliboqs
/algorithms/ml-dsa →
SLH-DSA
FIPS-finalisedStateless Hash-based Digital Signature Algorithm · FIPS 205
NIST's hash-based digital signature standard, finalised August 2024 as FIPS 205. SLH-DSA's security rests only on the hardness of finding hash function preimages — the most conservative assumption available — making it the natural choice for long-archival signatures and government-tier policy.
hash-based5 variantsnobleliboqs
/algorithms/slh-dsa →
FN-DSA
FIPS-pendingFFT-based NTRU Digital Signature Algorithm · FIPS 206 (pending)
NIST's fourth standardised PQC signature scheme, formally FN-DSA under FIPS 206 — the initial public draft is still pending as of mid-2026. Falcon's signatures are the most compact of the lattice-based PQC schemes, making it preferred for size-constrained transport.
lattice-based2 variantsliboqs
/algorithms/fn-dsa →
MAYO
non-FIPSMultivariate Quadratic Signatures (MAYO)
Multivariate quadratic signature scheme in the NIST PQC additional-signatures track. Short signatures and small public keys; trades signing speed against parameter size.
multivariate1 variantsliboqs
/algorithms/mayo →
CROSS
non-FIPSCodes and Restricted Objects Signature Scheme
Code-based signature using the MPC-in-the-head paradigm over restricted syndrome decoding. NIST PQC additional-signatures track candidate.
code-based1 variantsliboqs
/algorithms/cross →
UOV
non-FIPSUnbalanced Oil and Vinegar Signatures
Multivariate signature scheme based on the Unbalanced Oil and Vinegar (UOV) construction, one of the longest-studied multivariate schemes.
multivariate1 variantsliboqs
/algorithms/uov →
SNOVA
non-FIPSSimple Noncommutative-ring-based UOV Algorithm
Multivariate signature scheme using a non-commutative ring structure to reduce public-key size relative to plain UOV. NIST PQC additional-signatures track candidate.
multivariate1 variantsliboqs
/algorithms/snova →