New PQC standards – what’s changed since the draft versions?

This week’s publication of the new NIST standards FIPS 203, FIPS 204, and FIPS 205 was a significant milestone in the story of PQC. It has been long anticipated, especially since the draft standards were published last year, and it is the culmination of a rigorous submission process that began back in 2016.

With the publication, NIST has helpfully explained some of the changes made to ML-KEM, ML-DSA, and SLH-DSA since submission. Many of these changes are tweaks that aid compliance rather than major functional changes, but it’s worth noting how CRYSTALS-Kyber (ML-KEM), CRYSTALS-Dilithium (ML-DSA), and SPHINCS+ (SLH-DSA) became the new standards, and particularly what’s changed since the draft versions were specified in August 2023. Here are some technical highlights of the changes:

FIPS 203 ML-KEM

  • Domain separation added to K-PKE.KeyGen. This prevents keys generated for one security level from being misused at another.
  • A further fix reverts the swapped indices of the matrix used in K-PKE.KeyGen and K-PKE.Encrypt, changing them back to match the original CRYSTALS-Kyber submission.

FIPS 204 ML-DSA

  • Malformed input check restored in Algorithm 21 (hint unpacking).
  • Domain separation added for cases where a message is signed directly or a digest of the message is signed.
  • Domain separation added (Algorithm 6) to offer resistance against the possibility that different parameter sets could be expanded from the same seed.

FIPS 205 SLH-DSA

  • Domain separation added for cases where a message is signed directly or a digest of the message is signed.
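The domain-separation changes in all three lists share one mechanism: a parameter-set tag or a mode byte is mixed into the hash input, so that the same seed or message can no longer produce the same value in two different contexts. The following Python is an added illustration, not code from NIST or PQShield: it reproduces the seed expansion of K-PKE.KeyGen before and after the change, the XOF input whose index order was reverted, the tagged seed expansion of FIPS 204 Algorithm 6, and the pure versus pre-hash message encoding shared by ML-DSA and SLH-DSA. The function names are my own; the hash functions (SHA3-512 as G, SHAKE256 as H) and the byte layouts follow my reading of the final standards, and the SHA-256 OID is one of the permitted pre-hash functions.

```python
import hashlib

# Rank k of the public matrix A for each ML-KEM parameter set (FIPS 203).
ML_KEM_K = {"ML-KEM-512": 2, "ML-KEM-768": 3, "ML-KEM-1024": 4}
# (k, l) dimensions of the public matrix for each ML-DSA parameter set (FIPS 204).
ML_DSA_KL = {"ML-DSA-44": (4, 4), "ML-DSA-65": (6, 5), "ML-DSA-87": (8, 7)}


def kpke_seed_expand_draft(d: bytes) -> tuple[bytes, bytes]:
    """Draft FIPS 203 (Aug 2023) K-PKE.KeyGen: (rho, sigma) = G(d), G = SHA3-512.
    One 32-byte seed d yields the same rho/sigma for every parameter set."""
    h = hashlib.sha3_512(d).digest()
    return h[:32], h[32:]


def kpke_seed_expand_final(d: bytes, k: int) -> tuple[bytes, bytes]:
    """Final FIPS 203 K-PKE.KeyGen: (rho, sigma) = G(d || k), k as one byte.
    The seed is now bound to the parameter set it was generated for."""
    h = hashlib.sha3_512(d + bytes([k])).digest()
    return h[:32], h[32:]


def xof_input_for_A(rho: bytes, i: int, j: int, final: bool = True) -> bytes:
    """XOF input used to sample entry A[i,j] of the public matrix.
    The draft fed rho||i||j; the final standard feeds rho||j||i, restoring the
    CRYSTALS-Kyber ordering (the draft's matrix was the transpose)."""
    return rho + (bytes([j, i]) if final else bytes([i, j]))


def mldsa_seed_expand_final(xi: bytes, k: int, l: int) -> tuple[bytes, bytes, bytes]:
    """Final FIPS 204 Algorithm 6: (rho, rho', K) = H(xi || k || l, 1024 bits),
    H = SHAKE256.  The draft used H(xi, 1024 bits) with no parameter-set tag."""
    out = hashlib.shake_256(xi + bytes([k, l])).digest(128)
    return out[:32], out[32:96], out[96:]


# DER encoding of the SHA-256 OID (2.16.840.1.101.3.4.2.1) for the pre-hash variants.
SHA256_OID_DER = bytes.fromhex("0609608648016503040201")


def format_message(message: bytes, ctx: bytes = b"", prehash: bool = False) -> bytes:
    """M' as signed by ML-DSA.Sign / SLH-DSA.Sign (pure: first byte 0, then M)
    or by HashML-DSA.Sign / HashSLH-DSA.Sign (pre-hash: first byte 1, then
    OID || PH(M)).  ctx is an optional context string of at most 255 bytes."""
    if len(ctx) > 255:
        raise ValueError("context string must be at most 255 bytes")
    if not prehash:
        return bytes([0, len(ctx)]) + ctx + message
    return bytes([1, len(ctx)]) + ctx + SHA256_OID_DER + hashlib.sha256(message).digest()


def seed_reuse_across_levels(d: bytes) -> tuple[int, int]:
    """Count distinct rho values one seed produces across the three ML-KEM
    parameter sets, under the draft and the final derivation respectively."""
    draft = {kpke_seed_expand_draft(d)[0] for _ in ML_KEM_K}
    final = {kpke_seed_expand_final(d, k)[0] for k in ML_KEM_K.values()}
    return len(draft), len(final)


if __name__ == "__main__":
    d = bytes(range(32))  # constructed seed for demonstration, not a real key
    print("distinct rho per seed (draft, final):", seed_reuse_across_levels(d))
    print("pure     M':", format_message(b"hello", b"app").hex())
    print("pre-hash M':", format_message(b"hello", b"app", prehash=True).hex())
```

Running the script shows the practical effect: under the draft derivation one seed gives a single rho shared by all three ML-KEM levels, while under the final derivation it gives three distinct values, and a pure signature over M can never be confused with a pre-hash signature over the same bytes because the first byte of M' differs.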

These changes are aimed at maximizing compliance and performance as the standards become widely used. Publication is an inflection point for all of us, especially at PQShield, as our CEO, Ali, explains:

“This is an exciting moment for cryptographers like us, who worked to shape the new standards. It’s now our duty and responsibility to get the new software and hardware designs into the hands of more organizations, so they can keep us all one step ahead of the attackers.”

You can find out more detailed information about each of the published PQC standards here: