Hall 4 · Exhibit 2 1 min
The Five Families of PQC
Diversification as a defense strategy
Why fiveDiversify so one break ≠ total collapse
LatticeML-KEM · ML-DSA (the workhorses)
Hash / CodeSLH-DSA · HQC · McEliece (backups)
IsogenySIKE — broken 2022 (cautionary tale)
Try it yourself
PQC Toolkit
Filterable algorithm cards for every PQC family.
NIST deliberately standardized algorithms from multiple mathematical families so that a breakthrough against one does not compromise the entire ecosystem. For twenty years, the internet relied on a single mathematical basket. Cryptographers building recognized they could not repeat that mistake.
| Family | Algorithm | FIPS | Job | Status |
|---|---|---|---|---|
| Lattice | ML-KEM (Kyber) | FIPS 203 | Key Exchange (KEM) | Chrome/Cloudflare live; Apple PQ3; Signal |
| Lattice | ML-DSA (Dilithium) | FIPS 204 | Digital Signatures | OpenSSL/BoringSSL; CNSA 2.0 |
| Hash | SLH-DSA (SPHINCS+) | FIPS 205 | Signatures (backup) | Standardized; backup if lattice breaks |
| Code | HQC | Pending | KEM (non-lattice backup) | Selected Mar 2025; Meta co-authored |
| Code | Classic McEliece | Under eval. | Static KEM | 1+ MB keys; high-security static use |
| Isogeny | SIKE (broken) | None | N/A | Broken 2022 on desktop in ~1 hour |
Key Takeaways
- NIST standardized algorithms from multiple math families so a breakthrough against one doesn't compromise all
- Lattice-based (ML-KEM, ML-DSA), hash-based (SLH-DSA), and code-based (HQC) are the primary families
- SIKE (isogeny-based) was broken in 2022, proving diversification is essential