NIST Post-Quantum Security Levels

NIST Level I - as secure as AES-128

The Search Learning With Errors (Search-LWE) Problem

Mostly studied by quantum information crowd. E.g. Chen in 2024 thought he had found an attack.

FrodoKEM

A post-quantum KEM - Key Encapsulation Method

Regev’s KEM from LWE

Lets us encrypt one bit.

Lattices

Shortest Vector Problem (SVP)

Want to find shortest distance in the lattice. Mostly studied by number theorists. There’s also Closest Vector Problem which is a generalisation, where the problem is to find the closest vector to a specific vector. If we can solve LWE we can solve CVP in this specific lattice. But the inverse is not true.

Related Reading

• 2025-10-08 Post-Quantum Cryptography