awesome-post-quantum

A curated list of resources about post-quantum cryptography.

To contribute, please file a PR. Please list items alphabetically.

Initiatives

• NIST's Post-Quantum Cryptography Project
• Open Quantum Safe

Learning Resources

• IACR ePrint
• NSA Post-Quantum Cryptography FAQ
• pqcrypto.org (incl. conference series)

SoK-type papers:

• A Decade of Lattice-Based Cryptography by Chris Peikert
• Mathematics of Isogeny-Based Cryptography by Luca de Feo

Applications

• Microsoft/PQCrypto-VPN
• StarkWare (PQ proofs of knowledge)

Libraries

• aws/s2n-tls
• kudelskisecurity/crystals-go
• Microsoft/PQCrypto-LWEKE (FrodoKEM)
• Microsoft/PQCrypto-SIDH
• mupq/pqm4
• open-quantum-safe/liboqs
• PQClean/PQClean
• rustpq/pqcrypto
• wultra/sike-java

Algorithms

NIST Round 3

Code-based:

• BIKE (KEM, alternate candidate)
• Classic McEliece (KEM, finalist)
• HQC (KEM, alternate candidate)

Hash-based:

• SPHINCS+ (signature, alternate candidate)

Isogeny-based:

• SIKE (KEM, alternate candidate)

Lattice-based:

• Dilithium (signature, finalist)
• Falcon (signature, finalist)
• FrodoKEM (KEM, alternate candidate)
• Kyber (KEM, finalist)
• NTRU (KEM, finalist)
• NTRU Prime (KEM, alternate candidate)
• SABER (KEM, finalist)

MQ-based:

• GeMSS (signature, alternate candidate)
• Rainbow (signature, finalist)

ZKP-based:

• Picnic (signature, alternate candidate)

Other Algorithms

• All NIST Round 1 submissions

Isogeny-based:

• CSIDH (KEM)

Companies

Respectable companies offering PQ solutions:

• AWS
• IBM
• PQShield

Standardization Efforts

IETF:

• ID Framework to Integrate Post-quantum Key Exchanges into Internet Key Exchange Protocol Version 2 (IKEv2)
• ID Hybrid Post-Quantum Key Encapsulation Methods (PQ KEM) for Transport Layer Security 1.2 (TLS)
• ID Hybrid key exchange in TLS 1.3
• RFC 8391: XMSS: eXtended Merkle Signature Scheme
• RFC 8554: Leighton-Micali Hash-Based Signatures

Misc

• PQC WIKI
• SUPERCOP (benchmarks)