Free Tool · Quantum Security
PQC Algorithm Selector
Four steps. A specific NIST FIPS 203/204/205 algorithm recommendation with parameter set, technical justification, key and signature size data, and library references. No account required. Results appear on this page.
- Runs entirely in your browser: nothing is stored or transmitted
- Returns a named algorithm and parameter set, not a range
- Covers ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205)
Your answers are used only to determine your algorithm recommendation. No email address, company name, or IP address is collected as part of this assessment. All processing happens in your browser. If you choose to enter your email address in the newsletter form, that information is stored separately and only used to send you the updates you asked for.
What this tool collects
This tool collects your four wizard answers and evaluates them against the recommendation rules. All processing happens in your browser. Your answers are not sent to a server.
What is not collected
Your IP address is not collected or stored. Your company name is not collected. Your email address is not collected unless you choose to provide it to receive updates.
Third parties
Your data is not sold to third parties. Your data is not shared with advertising networks. Your data is not used for any purpose other than those described here.
How this tool works
The PQC Algorithm Selector takes four inputs and returns a single named algorithm recommendation from the three finalised NIST PQC standards: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). It is a branching decision tree, not a scoring system. Given your inputs, exactly one primary recommendation results.
FIPS 206 (FN-DSA, formerly FALCON) is not included: it is not a final standard as of March 2026. Classical algorithms (RSA, ECDSA, ECDH) are shown only in the size comparison table for reference.
The tool returns technical justification, key and signature sizes, performance characteristics, hybrid configuration guidance where applicable, and library support references. It does not assess regulatory compliance, organisational readiness, or migration complexity.
What are you implementing?
Select the primary cryptographic operation you are implementing. If your application uses both key exchange and signatures, run the tool twice — once for each use case.
Nothing is transmitted from your browser.
What security level do you need?
NIST security levels indicate resistance to quantum attack, measured against AES key strength. Level 1 is adequate for most commercial applications. Level 5 is required by CNSA 2.0 for US National Security Systems. If unsure, Level 3 is the most widely adopted default for new PQC deployments.
Nothing is transmitted from your browser.
What are your performance constraints?
Post-quantum algorithms have larger key sizes and signatures than their classical equivalents. ML-KEM-768 public keys are 1,184 bytes vs 64 bytes for ECDH P-256. ML-DSA-65 signatures are 3,309 bytes vs 64 bytes for ECDSA P-256. Your environment determines which parameter set is practical.
Nothing is transmitted from your browser.
Do you need a hybrid scheme combining a classical algorithm with a post-quantum algorithm?
Hybrid schemes combine a classical algorithm (such as X25519) with a post-quantum algorithm (such as ML-KEM-768) so that security holds even if one component is broken. Most European national guidance recommends hybrid during transition. CNSA 2.0 requires PQC-only as the end-state for National Security Systems.
Nothing is transmitted from your browser.
Need a structured migration assessment?
The PQC Readiness Checklist Generator walks you through your cryptographic inventory, compliance obligations, and migration sequencing. Designed for security architects and programme leads.
Open the Readiness Checklist