CRYSTALS-Dilithium
What is CRYSTALS-Dilithium?
CRYSTALS-DilithiumA lattice-based digital-signature scheme standardized by NIST as FIPS 204 (ML-DSA) in August 2024 and intended as the post-quantum replacement for RSA, DSA, and ECDSA signatures.
CRYSTALS-Dilithium is a digital-signature scheme built on the hardness of Module Learning With Errors (MLWE) and Module Short Integer Solution (MSIS) over structured lattices. It uses Fiat-Shamir with aborts and offers fast verification, with public keys around 1.3-2.6 kB and signatures around 2.4-4.6 kB depending on parameter set. NIST finalized it as FIPS 204 (ML-DSA) in August 2024 with parameter sets ML-DSA-44, ML-DSA-65, and ML-DSA-87 covering security categories 2, 3, and 5. It is the primary signature algorithm in NIST's PQC portfolio and is being integrated into X.509 PKI, code-signing pipelines, and hybrid TLS certificates.
● Examples
- 01
Used for ML-DSA-65 certificates in early PQC X.509 pilots by Cloudflare and AWS.
- 02
Selected as the default PQ signature in modern code-signing toolchains alongside SLH-DSA.
● Frequently asked questions
What is CRYSTALS-Dilithium?
A lattice-based digital-signature scheme standardized by NIST as FIPS 204 (ML-DSA) in August 2024 and intended as the post-quantum replacement for RSA, DSA, and ECDSA signatures. It belongs to the Cryptography category of cybersecurity.
What does CRYSTALS-Dilithium mean?
A lattice-based digital-signature scheme standardized by NIST as FIPS 204 (ML-DSA) in August 2024 and intended as the post-quantum replacement for RSA, DSA, and ECDSA signatures.
How do you defend against CRYSTALS-Dilithium?
Defences for CRYSTALS-Dilithium typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for CRYSTALS-Dilithium?
Common alternative names include: Dilithium, ML-DSA, FIPS 204.