Cryptography
6 articles on Cryptography.
Cryptographic Bill of Materials (CBOM): Step 1 of PQC Migration
You can't migrate cryptography you can't see. A practical guide to building a Cryptographic Bill of Materials — what to inventory, how to find hidden crypto, how to score by data lifetime, and how the CBOM becomes your post-quantum migration plan.
June 4, 2026·5 min readPost-Quantum Cryptography Deadlines: What 2027, 2030 & 2035 Mean for Your Stack
NSA's CNSA 2.0 sets a 2027 acquisition deadline; NIST deprecates RSA-2048 and ECC P-256 by 2030 and disallows them by 2035. A plain-English guide to the PQC timeline and what each date actually requires you to do.
June 1, 2026·5 min readHybrid Cryptography: Why Ed25519 + ML-DSA Is the Safe Migration Path
Why serious post-quantum rollouts combine a classical and a post-quantum algorithm instead of switching outright. How hybrid signatures and KEMs work, how to combine them correctly, the pitfalls, and why QAuth signs with both Ed25519 and ML-DSA-65.
May 1, 2026·6 min readML-KEM vs ML-DSA: NIST's Post-Quantum Standards Explained
ML-KEM (FIPS 203) and ML-DSA (FIPS 204) solve two different problems — key exchange vs digital signatures. A clear, developer-focused explainer on what each does, their security levels, key and signature sizes, and when to use which.
April 15, 2026·5 min readMigrating to Post-Quantum Cryptography: A Practical Developer Guide (2026)
Harvest-now-decrypt-later means quantum-vulnerable data is already being stolen today. A practical, no-hype migration guide: crypto-agility, where ML-KEM and ML-DSA fit, the hybrid rollout, and a concrete inventory-first plan for engineering teams.
April 2, 2026·6 min readQuantumShield: Building a Post-Quantum Cryptography Library from Scratch
Deep dive into implementing hybrid post-quantum encryption using NIST FIPS 203/204/205 standards with defense-in-depth architecture. Learn about ML-KEM, ML-DSA, SLH-DSA, and cascading encryption.
January 29, 2026·10 min read