Post-Quantum Cryptography Resources

---

Learn PQC from interactive platforms and courses.

• NIST PQC Project (https://csrc.nist.gov/Projects/post-quantum-cryptography): The authoritative starting point — covers the history of the competition, all submitted and selected algorithms, and links to each algorithm's specification and supporting materials.
• Coursera — Mathematics for Cryptographers (https://www.coursera.org/learn/mathematical-foundations-cryptography): Lattice-based cryptography, which underpins most PQC algorithms, requires linear algebra and number theory. This course builds that foundation.
• PQCrypto Summer Schools (https://pqcrypto.org/): The PQCrypto conference series has hosted summer schools and lecture recordings on post-quantum cryptography fundamentals and algorithms.
• Open Quantum Safe — Documentation and Tutorials (https://openquantumsafe.org/): Practical guides and examples for implementing PQC using the liboqs library, including drop-in TLS integrations.

The finalized NIST PQC standards — the most important documents in the field right now.

• FIPS 203 — ML-KEM (https://csrc.nist.gov/pubs/fips/203/final): The standard for the Module-Lattice-Based Key-Encapsulation Mechanism, based on CRYSTALS-Kyber. The primary algorithm for key establishment.
• FIPS 204 — ML-DSA (https://csrc.nist.gov/pubs/fips/204/final): The standard for the Module-Lattice-Based Digital Signature Algorithm, based on CRYSTALS-Dilithium. The primary algorithm for digital signatures.
• FIPS 205 — SLH-DSA (https://csrc.nist.gov/pubs/fips/205/final): The standard for the Stateless Hash-Based Digital Signature Algorithm, based on SPHINCS+. A hash-based alternative for signatures with different performance tradeoffs.
• FIPS 206 — ML-KEM (Draft) (https://csrc.nist.gov/pubs/fips/206/ipd): Draft standard for FN-DSA (FALCON), a lattice-based signature scheme well-suited for constrained environments.

Practical guidance for organizations planning or executing PQC migrations.

• QRAMM — Quantum Readiness Assessment Maturity Model (https://qramm.org/): A structured framework for assessing and maturing an organization's quantum readiness across people, processes, and technology.
• CISA Post-Quantum Cryptography Initiative (https://www.cisa.gov/quantum): CISA's hub for PQC migration resources, including timelines, sector-specific guidance, and the roadmap for federal agencies.
• NSA Cybersecurity Advisory — Quantum Computing and PQC (https://www.nsa.gov/Cybersecurity/Post-Quantum-Cybersecurity-Resources/): NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) guidance, with specific migration timelines for national security systems.
• NIST Migration to Post-Quantum Cryptography (https://csrc.nist.gov/projects/post-quantum-cryptography/migration-considerations): NIST's practical migration considerations, including cryptographic inventory, hybrid approaches, and deprecation timelines.
• NCSC (UK) PQC Migration Guidance (https://www.ncsc.gov.uk/collection/post-quantum-cryptography): The UK National Cyber Security Centre's migration guidance, useful for organizations outside the US.
• QRAMM — Quantum Readiness Assessment Maturity Model (https://qramm.org/): A structured framework for assessing and maturing an organization's quantum readiness across people, processes, and technology.

• "Post-Quantum Cryptography" edited by Daniel J. Bernstein, Johannes Buchmann, and Erik Dahmen (https://www.springer.com/gp/book/9783540887010): The foundational academic text on PQC, covering lattice-based, code-based, hash-based, and multivariate cryptography. Dense but comprehensive.
• "An Introduction to Mathematical Cryptography" by Hoffstein, Pipher, and Silverman (https://www.springer.com/gp/book/9781441926746): Covers the mathematical foundations of lattice cryptography, including NTRU and LWE, which underpin most PQC algorithms.

*Note: for the most up-to-date PQC research, check ePrint (https://eprint.iacr.org/) or arXiv (https://arxiv.org/) — both have active PQC paper submissions.

Stay up to date on the latest PQC developments.

• NIST CSRC News (https://csrc.nist.gov/news): Official announcements on standards, drafts, and workshops.
• A Few Thoughts on Cryptographic Engineering by Matthew Green (https://blog.cryptographyengineering.com/): Accessible deep-dives on cryptographic topics including PQC, written for practitioners and researchers alike.
• Schneier on Security (https://www.schneier.com/): Covers PQC news, policy, and implications alongside broader security topics.
• PQCrypto.org News (https://pqcrypto.org/): Tracks conferences, papers, and developments in the PQC research community.
• Crypto Stack Exchange — PQC tag (https://crypto.stackexchange.com/questions/tagged/post-quantum-cryptography): Community Q&A on PQC algorithms, implementations, and security questions.

Learn about PQC research, standards, and industry adoption from these organizations.

• NIST — Post-Quantum Cryptography (https://csrc.nist.gov/Projects/post-quantum-cryptography): The center of gravity for PQC standardization globally. Home to all algorithm specifications, evaluation reports, and ongoing standardization work.
• CISA (https://www.cisa.gov/quantum): Leads US government efforts to drive PQC adoption across critical infrastructure sectors.
• NSA (https://www.nsa.gov/Cybersecurity/Post-Quantum-Cybersecurity-Resources/): Sets PQC requirements for national security systems via CNSA 2.0.
• IACR — International Association for Cryptologic Research (https://www.iacr.org/): Hosts the research community producing PQC papers and peer review through conferences like Crypto, Eurocrypt, and Asiacrypt.
• Open Quantum Safe (OQS) (https://openquantumsafe.org/): An open-source project developing and integrating PQC algorithms for practical use, including the liboqs library and OpenSSL/BoringSSL integrations.
• ETSI Quantum Safe Cryptography Working Group (https://www.etsi.org/technologies/quantum-safe-cryptography): European standards body producing technical reports and specifications for PQC deployment.
• CSNP — CyberSecurity NonProfit (https://www.csnp.org/ ,  https://www.qramm.org ): A nonprofit focused on cybersecurity education and workforce development, with resources and programming that address post-quantum cryptography and quantum readiness.

Attend conferences to learn about the newest PQC research, implementations, and migration challenges.

• Crypto, Eurocrypt, and Asiacrypt (https://iacr.org/conferences/): The premier academic venues for PQC research papers.
• PQCrypto (https://pqcrypto.org/): Annual conference dedicated entirely to post-quantum cryptography research and practice.
• RSA Conference (https://www.rsaconference.com/): Covers PQC migration and industry adoption tracks alongside broader cybersecurity topics.
• Black Hat (https://www.blackhat.com/): Features PQC implementation talks, including research on attacks against PQC candidates and migration pitfalls.
• NIST PQC Workshops (https://csrc.nist.gov/Events): NIST hosts periodic workshops on PQC standardization and migration — recordings and slides are publicly available.

Implement and experiment with PQC algorithms using these libraries and tools.

• liboqs — Open Quantum Safe's C library implementing all NIST-selected PQC algorithms and additional candidates. 
  • Website: https://openquantumsafe.org/
  • GitHub: https://github.com/open-quantum-safe/liboqs
• OQS-OpenSSL — A fork of OpenSSL integrating liboqs, enabling PQC in TLS connections. 
  • GitHub: https://github.com/open-quantum-safe/openssl
• CRYSTALS-Kyber (ML-KEM) Reference Implementation — The official reference implementation of the FIPS 203 algorithm. 
  • GitHub: https://github.com/pq-crystals/kyber
• CRYSTALS-Dilithium (ML-DSA) Reference Implementation — The official reference implementation of the FIPS 204 algorithm. 
  • GitHub: https://github.com/pq-crystals/dilithium
• SPHINCS+ (SLH-DSA) Reference Implementation — The official reference implementation of the FIPS 205 algorithm. 
  • GitHub: https://github.com/sphincs/sphincsplus
• PQClean — A collection of clean, portable, and tested implementations of PQC schemes, designed for easy integration. 
  • GitHub: https://github.com/PQClean/PQClean
• Bouncy Castle — The Java and C# cryptographic library, which has added support for FIPS 203, 204, and 205. 
  • Website: https://www.bouncycastle.org/
• AWS-LC — Amazon's general-purpose cryptographic library with PQC support built in, used in AWS services. 
  • GitHub: https://github.com/aws/aws-lc