Post-Quantum Cryptography Glossary

See Crypto-Agility.

A NIST program that tests and validates cryptographic algorithm implementations in software and hardware. CAVP certification confirms that a product’s algorithm implementation is mathematically correct and meets the published standard. Phio TX holds NIST CAVP Certificate #6060, confirming its FIPS 203 ML-KEM implementation meets the published standard.

A NIST program that validates cryptographic modules against the FIPS 140-3 standard. CMVP certification is required for cryptographic solutions used by U.S. federal agencies and their commercial partners. Phio TX holds NIST CMVP Certificate #4850, confirming its cryptographic module meets FIPS 140-3 security requirements and is eligible for federal procurement.

A set of cryptographic standards issued by the National Security Agency (NSA) for protecting national security systems. CNSA 2.0 requires federal agencies and defense contractors to migrate to NIST-approved post-quantum algorithms, including ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) for digital signatures. Migration timelines began in 2025 for new systems and extend through 2033 for legacy infrastructure.

A quantum computer powerful enough to break widely used public-key cryptographic algorithms including RSA, ECC, and Diffie-Hellman using Shor’s algorithm. A CRQC does not yet exist, but intelligence agencies and standards bodies including NSA and NIST assess it as a credible near-term threat. The timeline for CRQC development is the primary driver behind federal PQC migration mandates. Organizations handling long-lived sensitive data cannot wait for a CRQC to appear before migrating to post-quantum cryptography, as harvest now, decrypt later attacks are already capturing encrypted data in anticipation of its arrival.

The ability to switch between cryptographic algorithms, protocols, and key sizes quickly and without disrupting network operations or requiring application rewrites. A crypto-agile system manages cryptography through centralized policy configuration rather than hardcoded algorithm dependencies. Crypto-agility is essential for organizations that must adapt to evolving NIST PQC standards without repeated infrastructure overhauls.

The policies, processes, and controls an organization uses to manage its cryptographic assets across their full lifecycle. Cryptographic governance includes algorithm selection, key management, certificate management, compliance reporting, and audit readiness. Federal agencies and regulated enterprises require cryptographic governance frameworks to meet FIPS 140-3, CNSA 2.0, and EO 14144 requirements.

A measure of randomness used in cryptographic key generation. High-entropy randomness is essential for producing encryption keys that cannot be predicted or reproduced by an attacker. Low-entropy key generation is one of the most common sources of cryptographic failure in enterprise environments. NIST validates entropy sources as part of the FIPS 140-3 certification process. Phio TX uses a NIST-validated entropy source, ensuring its key generation meets federal randomness requirements.

Executive Order 14144, signed in January 2025, directs federal agencies to strengthen cybersecurity across critical infrastructure and accelerate migration to post-quantum cryptography. It requires agencies to inventory quantum-vulnerable systems, prioritize high-value assets for PQC migration, and align migration timelines with NSA CNSA 2.0 requirements and OMB cryptographic modernization guidance.

A standard published by the European Telecommunications Standards Institute (ETSI) that defines a REST-based application programming interface (API) for quantum key distribution networks. ETSI GS QKD 014 specifies how QKD systems deliver encryption keys to applications and network devices in a standardized, interoperable format. It enables organizations to integrate QKD key material into existing network infrastructure without vendor-specific proprietary interfaces. Phio TX supports ETSI GS QKD 014, allowing organizations to combine QKD-generated keys with post-quantum cryptography within a single crypto-agile key management architecture.

A cybersecurity certification scheme established by the European Union Agency for Cybersecurity (ENISA) under the EU Cybersecurity Act. EUCC provides a standardized framework for evaluating and certifying ICT products against Common Criteria security standards across EU member states. Organizations operating in European regulated industries including finance, healthcare, and critical infrastructure use EUCC certification to demonstrate product security compliance. EUCC aligns with international Common Criteria recognition agreements and is increasingly relevant for vendors selling into European government and enterprise markets.

A NIST standard that defines security requirements for cryptographic modules used by U.S. federal agencies. FIPS 140-3 replaced FIPS 140-2 and covers four security levels from Level 1 (software only) to Level 4 (physical tamper resistance). Federal agencies are required by law to purchase only FIPS 140-3 validated cryptographic solutions. Phio TX holds NIST CMVP Certificate #4850 for FIPS 140-3 validation.

A NIST post-quantum cryptography standard published August 13, 2024, specifying ML-KEM for quantum-resistant key encapsulation. ML-KEM is based on the CRYSTALS-Kyber algorithm and secures symmetric encryption keys in transit, replacing classical mechanisms including RSA and Diffie-Hellman that are vulnerable to quantum attack. FIPS 203 is one of three initial PQC standards required for CNSA 2.0 compliance. All ML-KEM parameter sets are supported. Phio TX holds NIST CAVP Certificate #6060 confirming its FIPS 203 ML-KEM implementation.

A NIST post-quantum cryptography standard published August 13, 2024, specifying ML-DSA for quantum-resistant digital signatures. ML-DSA is based on the CRYSTALS-Dilithium algorithm and provides authentication and data integrity for network communications, software updates, and certificate signing. FIPS 204 is required for national security systems under CNSA 2.0.

A NIST post-quantum cryptography standard published August 13, 2024, specifying SLH-DSA for quantum-resistant digital signatures. SLH-DSA is based on the SPHINCS+ algorithm and uses hash-based mathematics rather than lattice mathematics, providing a diversity option for defense in depth. It is slower than ML-DSA but relies on well-understood hash function security assumptions.

A conservative post-quantum key encapsulation mechanism based on the Learning With Errors (LWE) problem without the structured lattice assumptions used in ML-KEM. FrodoKEM offers a more conservative security profile at the cost of larger key sizes and is used as a secondary or hybrid option by organizations that want defense in depth beyond FIPS 203 ML-KEM. Phio TX supports FrodoKEM alongside ML-KEM and HQC.

An attack strategy in which an adversary captures and stores encrypted data today with the intent to decrypt it once a sufficiently powerful quantum computer becomes available. HNDL attacks are active now and target long-lived sensitive data including classified government communications, financial records, and healthcare data. Organizations must deploy quantum-safe encryption today to protect data that must remain confidential for five or more years. Also referred to as Store Now, Decrypt Later.

A code-based key encapsulation mechanism selected by NIST in March 2025 as a backup algorithm for ML-KEM (FIPS 203). HQC is based on error-correcting codes rather than lattice mathematics, providing a defense-in-depth option in the event ML-KEM is found to have vulnerabilities. A draft FIPS standard built around HQC is expected for public comment in 2026 with finalization targeted for 2027. Phio TX supports HQC alongside ML-KEM.

An approach that combines classical encryption algorithms (RSA, ECC) with post-quantum algorithms in a single cryptographic operation. Hybrid cryptography provides protection against both classical and quantum attacks simultaneously during the PQC migration period. NIST and NSA recommend hybrid approaches for high-value systems where migration cannot be completed immediately.

A cryptographic protocol used to securely establish a shared symmetric encryption key between two parties over an untrusted network. KEMs replace traditional key exchange mechanisms like Diffie-Hellman, which are vulnerable to quantum attacks. ML-KEM (FIPS 203) is the NIST-standardized post-quantum KEM required for CNSA 2.0 compliance.

A class of post-quantum cryptographic algorithms whose security relies on the computational difficulty of solving mathematical problems in high-dimensional lattices. Lattice problems remain hard for both classical and quantum computers. NIST selected lattice-based algorithms as the primary foundation for its PQC standards, including ML-KEM (FIPS 203) and ML-DSA (FIPS 204).

A cyberattack in which an adversary secretly intercepts and potentially alters communications between two parties who believe they are communicating directly with each other. MitM attacks target the key exchange process, allowing an attacker to capture or substitute encryption keys before they reach their intended destination. Quantum computers significantly increase the risk of MitM attacks by making classical key exchange mechanisms like RSA and Diffie-Hellman breakable. Out-of-band key management, as implemented in Phio TX, eliminates the primary MitM attack vector by separating key delivery from the data channel entirely.

A U.S. federal agency within the Department of Commerce responsible for developing and publishing technology standards, including cryptographic standards used by the U.S. government and industry. NIST manages the Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP), which validate cryptographic implementations against published FIPS standards. NIST published the first finalized post-quantum cryptography standards, FIPS 203, FIPS 204, and FIPS 205, on August 13, 2024.

A key management architecture that separates the channel used to deliver encryption keys from the channel carrying encrypted data. Out-of-band key delivery prevents harvest now, decrypt later attacks by ensuring adversaries who capture encrypted data in transit cannot access the keys required to decrypt it. Phio TX uses out-of-band key management as its core architectural defense against quantum and classical cryptographic threats.

The process of replacing quantum-vulnerable classical cryptography (RSA, ECC, Diffie-Hellman) with NIST-approved post-quantum algorithms across an organization’s network infrastructure, applications, and systems. PQC migration requires cryptographic discovery, risk prioritization, algorithm selection, deployment, and ongoing governance. Federal agencies must complete PQC migration for national security systems by 2033 under CNSA 2.0.

The point in time at which a cryptographically relevant quantum computer (CRQC) becomes capable of breaking widely used public-key encryption algorithms including RSA and ECC. Forrester Research projects Q-Day is likely to occur by 2030. Organizations handling long-lived sensitive data must complete PQC migration before Q-Day to protect against harvest now, decrypt later attacks already underway.

A U.S.-based industry coalition that advocates for federal quantum technology policy, investment, and standards adoption. The Quantum Industry Coalition works with Congress, federal agencies, and standards bodies to accelerate the development and deployment of quantum technologies including post-quantum cryptography. QIC members include technology companies, defense contractors, and research institutions with a stake in quantum computing, quantum networking, and quantum-safe security. The coalition supports legislative and regulatory efforts to fund quantum research and drive PQC migration timelines across the federal government. Members include Quantum XChange, AWS, Microsoft, Google, and IBM, among others.

A method of distributing encryption keys using the principles of quantum mechanics rather than mathematical complexity. QKD uses individual photons to transmit key material, exploiting quantum properties to detect eavesdropping. Any interception of the key transmission disturbs the quantum state and alerts the communicating parties. QKD requires specialized fiber optic or free-space optical infrastructure and is currently limited in range and scalability. Unlike PQC, QKD is a hardware-dependent solution and is not addressed by NIST PQC standards. Phio TX supports QKD as one of multiple key delivery methods within its crypto-agile architecture.

A device that generates random numbers using quantum mechanical processes such as photon detection or quantum vacuum fluctuations. QRNG produces true randomness rather than the pseudorandomness generated by software-based random number generators, making it a stronger entropy source for cryptographic key generation. High-quality randomness is a foundational requirement for secure encryption. Phio TX supports QRNG as an entropy source within its key management architecture, enabling organizations to strengthen their cryptographic foundations alongside PQC algorithm upgrades.

Classical public-key cryptographic algorithms that a sufficiently powerful quantum computer could break using Shor’s algorithm. Quantum-vulnerable algorithms include RSA, ECC (Elliptic Curve Cryptography), and Diffie-Hellman key exchange. Symmetric algorithms such as AES-256 are considered quantum-resistant with appropriate key sizes. Organizations must replace quantum-vulnerable algorithms with NIST-approved PQC standards before Q-Day.

A Cisco key management protocol used to establish and distribute encryption keys across IP networks. SKIP operates at the network layer and enables automated key exchange without requiring changes to application configurations. It is natively supported on Cisco routers, making it the primary integration path for organizations upgrading Cisco network infrastructure to post-quantum cryptography. Phio TX uses SKIP as one of its primary key management protocols, enabling drop-in integration with existing Cisco network infrastructure without changes to router configurations.

See Harvest Now, Decrypt Later (HNDL).