The National Institute of Standards and Technology (NIST) has selected HQC (Hamming Quasi-Cyclic) as a backup algorithm for post-quantum encryption, supplementing the primary ML-KEM algorithm standardized in 2024. HQC, based on error-correcting codes, provides a mathematically distinct alternative to ML-KEM, which relies on structured lattices. This selection ensures a second line of defense in case vulnerabilities are discovered in ML-KEM. NIST plans to release a draft standard for HQC in 2026, with finalization expected in 2027.
HQC joins NIST’s portfolio of post-quantum cryptographic algorithms, which includes FIPS 203 (ML-KEM), FIPS 204, and FIPS 205 for digital signatures. These standards are designed to protect sensitive data from future quantum computing threats. HQC’s selection follows a rigorous evaluation of fourth-round candidates, including BIKE, Classic McEliece, and SIKE, as detailed in NIST IR 8545. While HQC requires more computational resources than ML-KEM, its robust security and clean operation make it a reliable backup option.
NIST’s post-quantum cryptography initiative, launched in 2016, aims to future-proof encryption systems against quantum attacks. The agency has also released draft guidance for implementing key encapsulation mechanisms (KEMs), including ML-KEM and HQC, in NIST Special Publication 800-227. Organizations are encouraged to adopt the finalized standards while preparing for the integration of HQC as a supplementary option.
For more details, visit NIST’s announcement here, the NIST IR 8545 report here, and download the full NIST IR 8545 PDF here.
March 12, 2025
