On July 5, 2022, NIST announced the selection of the first four algorithms for its post-quantum cryptographic standard, concluding the third round of its six-year standardization process. CRYSTALS-Kyber was selected for key encapsulation, and CRYSTALS-Dilithium, FALCON, and SPHINCS+ were selected for digital signatures.
NIST recommended CRYSTALS-Kyber and CRYSTALS-Dilithium as primary algorithms for most use cases, with FALCON available for applications requiring smaller signatures and SPHINCS+ serving as a non-lattice-based backup. Four additional algorithms (BIKE, Classic McEliece, HQC, and SIKE) advanced to a fourth evaluation round. Draft standards were expected within two years.