New: Post-Quantum Cryptography tools — is your domain quantum-safe? Check now
EP Cybertools Logo EP Cybertools
Post-Quantum NIST Approved 2024 Standard

Post-Quantum Cipher Tool

Experiment with NIST-standardized post-quantum cryptography algorithms. Encrypt and decrypt data using quantum-resistant methods.

Educational Tool - Not for Production Use

This is a demonstration tool for learning PQC concepts. For production encryption, use vetted libraries like liboqs, OpenSSL 3.2+, or BouncyCastle. Never use browser-based encryption for sensitive data.

Select Algorithm

Algorithm Details

Public Key
1568 bytes
Private Key
3168 bytes
Ciphertext
1568 bytes
Security
NIST Level 5
Key Generation

Generate a new key pair for the selected algorithm. Keys are generated client-side and never leave your browser.

Understanding PQC Algorithms

Kyber-1024

Module-lattice-based key encapsulation mechanism (KEM) standardized as FIPS 203. Used for establishing shared secrets in key exchange protocols. Offers excellent performance with small key sizes and fast operations. Kyber-1024 provides the highest security level (Level 5), equivalent to AES-256.

Dilithium-5

Lattice-based digital signature scheme standardized as FIPS 204. Provides strong security guarantees with moderate signature sizes. Dilithium-5 offers the highest security level, making it suitable for long-term protection of critical infrastructure. Widely adopted in TLS 1.3 and software signing.

SPHINCS+-256s

Stateless hash-based signature scheme standardized as FIPS 205. Unlike lattice-based schemes, SPHINCS+ relies only on hash functions, making it extremely conservative and trusted. The "256s" variant prioritizes smaller signatures over speed. Ideal for firmware signing and long-term digital archives.

ArrowAnimated arrow icon pointing right Learn More About Post-Quantum Cryptography

Explore our comprehensive guide to PQC standards, migration strategies, and industry adoption.

Visit PQC Guide ArrowAnimated arrow icon pointing right

Post-Quantum Cipher Suites and Algorithm Selection

A cipher suite is a combination of cryptographic algorithms used in a security protocol (e.g., TLS) to negotiate keys, authenticate parties, and encrypt data. Traditional cipher suites such as TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 combine ECDHE for key exchange, RSA for authentication, AES-GCM for bulk encryption, and SHA-384 for message authentication. In a post-quantum world, the ECDHE and RSA components become vulnerable to Shor's algorithm, requiring replacement with quantum-resistant alternatives while retaining strong symmetric encryption (AES-256 remains quantum-resistant under Grover's algorithm — it only halves effective key strength from 256 to 128 bits, which remains secure).

NIST's post-quantum standards define new algorithm families. ML-KEM (Module Lattice Key Encapsulation Mechanism, FIPS 203) replaces RSA-KEM and ECDH for key exchange, offering three security levels: ML-KEM-512 (NIST Level 1, ~AES-128 security), ML-KEM-768 (Level 3, ~AES-192), and ML-KEM-1024 (Level 5, ~AES-256). ML-DSA (FIPS 204) replaces RSA and ECDSA for digital signatures. Hybrid cipher suites — combining classical and post-quantum algorithms — are recommended during the migration period: X25519Kyber768Draft00 and X-Wing are hybrid TLS 1.3 groups being standardized by the IETF. Google and Cloudflare have already deployed hybrid PQC in TLS.

Authenticated Encryption with Associated Data (AEAD) schemes — AES-256-GCM, ChaCha20-Poly1305 — remain the standard for symmetric encryption in post-quantum cipher suites. These algorithms are not directly vulnerable to quantum attacks (no known quantum speedup beyond Grover's). The PQC Cipher tool helps evaluate cipher suite configurations, identify weak or deprecated algorithms (3DES, RC4, RSA <2048-bit, ECDH <256-bit, DHE <2048-bit), and recommend quantum-safe alternatives following NIST SP 800-131A and CNSA 2.0 (Commercial National Security Algorithm Suite) guidelines issued by the NSA.

CLI Cipher Suite Analysis

macOS / Linux

# Check supported cipher suites for a server
openssl s_client -connect example.com:443 -cipher 'TLSv1.3' 2>/dev/null | grep Cipher

# List all supported TLS 1.3 cipher suites
openssl ciphers -v TLSv1.3

# Test specific cipher suite
openssl s_client -connect example.com:443 -tls1_3 -ciphersuites TLS_AES_256_GCM_SHA384

# nmap SSL cipher scan
nmap --script ssl-enum-ciphers -p 443 example.com

Windows PowerShell

# List TLS cipher suites on Windows (PowerShell)
Get-TlsCipherSuite | Select-Object Name, Exchange, Cipher, Hash

# Check TLS version and cipher for a server
# In PowerShell: [Net.ServicePointManager]::SecurityProtocol
# Use Test-NetConnection for quick TLS check:
Test-NetConnection -ComputerName example.com -Port 443

Migration Strategy and Hybrid PQC Deployment

Migrating existing systems to post-quantum cryptography requires careful planning. The recommended approach is hybrid encryption: combining classical algorithms (X25519 Elliptic Curve Diffie-Hellman) with post-quantum algorithms (ML-KEM) in parallel, providing security as long as either algorithm remains unbroken. This defense-in-depth strategy protects against both classical and quantum attacks during the transition period. TLS 1.3 hybrid key exchange groups like X25519Kyber768Draft00 are already supported in Chrome, Firefox, and Cloudflare infrastructure.

Organizations should inventory all cryptographic usage: identify where RSA and ECC are used for key exchange and digital signatures in TLS certificates, code signing, SSH keys, encrypted email (S/MIME, PGP), VPN configurations, and application-level encryption. NIST recommends prioritizing migration for long-lived data (documents, communications that need confidentiality beyond 10 years) and critical public-key infrastructure. The US federal government requires CNSA 2.0 compliance by 2030. Private sector organizations following FedRAMP, FISMA, or defense contractor requirements should align timelines with these mandates.