Quantum Resistance - NIST Standardized Post-Quantum Cryptography
Quantum Coin implements the finalized NIST standardized post-quantum cryptography (PQC) algorithms in hybrid mode, providing defense-in-depth protection against both quantum and classical cryptographic attacks.
TL;DR — At a Glance
For readers who want the essentials: Quantum Coin combines NIST-standardized post-quantum algorithms with classical ones so that your funds and node traffic stay protected even if one layer is ever weakened. The table below summarizes what is used where.
| Component | PQC Algorithm | NIST Standard | Classical Algorithm | Hybrid |
|---|---|---|---|---|
| Signatures | ML-DSA-44/87, SLH-DSA-SHAKE-256f/s | FIPS 204, FIPS 205 | ed25519 | Yes |
| Key Establishment | ML-KEM-768 | FIPS 203 | X25519 | Yes |
All signature operations use hybrid constructions: an attacker would need to break both the post-quantum and the classical algorithm to forge a signature. See NIST PQC FAQs for context on hybrid PQC.
The Quantum Threat
Using Shor’s algorithm on large-scale quantum computers, it is possible to break the asymmetric cryptography schemes that current blockchains rely upon. Blockchains such as Bitcoin, Ethereum, and Dogecoin are critically vulnerable to quantum attacks because they use elliptic curve cryptography (ECDSA/secp256k1), whose underlying elliptic-curve discrete logarithm problem can be solved in polynomial time by a quantum computer.
Account security will be compromised if the underlying cryptography is not quantum-resistant. This means that private keys could be derived from public keys, allowing malicious actors to withdraw funds and perform double-spend attacks.
NIST Post-Quantum Cryptography (PQC) Standards
Post-quantum cryptography (PQC) refers to cryptographic algorithms—usually public-key algorithms—that are thought to be secure against an attack by a quantum computer. The National Institute of Standards and Technology (NIST) has finalized the primary standards for PQC, which Quantum Coin has fully implemented:
- FIPS 203: ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism; standardized from Kyber) — Finalized standard for secure key exchange. NIST FIPS 203.
- FIPS 204: ML-DSA (Module-Lattice-Based Digital Signature Algorithm; standardized from Dilithium) — Finalized standard for digital signatures. NIST FIPS 204.
- FIPS 205: SLH-DSA (Stateless Hash-Based Digital Signature Algorithm; standardized from SPHINCS+) — Finalized standard for robust hash-based signatures. NIST FIPS 205.
These NIST standards (FIPS 203, 204, 205) are the result of a multi-year global competition and are designed for high security and broad interoperability.
Hybrid Cryptography Implementation Strategy
Quantum Coin employs these NIST standardized algorithms in a hybrid construction to secure both user accounts and inter-node P2P communication. The hybrid approach combines post-quantum algorithms with classical ones (such as Ed25519 and X25519) so that the system remains secure as long as at least one of the component algorithms remains unbroken. Hybrid mode also provides a hedge if any single primitive is later weakened — you stay protected by the other layers. This follows the migration guidelines established by NIST and global cybersecurity agencies (such as ANSSI and BSI). For more on why hybrid PQC is recommended, see NIST PQC FAQs.
Digital Signatures
For digital signatures and account security, Quantum Coin uses a hybrid multi-signature construction combining:
- ML-DSA (FIPS 204) — Module-lattice-based post-quantum signature.
- SLH-DSA (FIPS 205) — Stateless hash-based post-quantum signature (security based on hash functions; an extra layer even if lattice assumptions were ever weakened).
- Ed25519 (FIPS 186-5) — Classical EdDSA signature for proven classical security.
Verification requires all component signatures required by the chosen mode to be valid. In practice this means an attacker must break both the post-quantum and the classical algorithm to forge a signature. The implementation supports two families: legacy naming (Dilithium + ed25519 + SPHINCS+) and FIPS-aligned naming (ML-DSA + ed25519 + SLH-DSA).
Compact vs full mode (what this means for you): Most operations use compact mode (ML-DSA + ed25519) for smaller on-chain size and faster verification. Full mode adds SLH-DSA for defense-in-depth — for example, the proposal message of every 4,096th block is signed in full mode to maintain a strong security baseline while keeping average block size manageable.
| Scheme | ML-DSA Variant | SLH-DSA Variant | Classical | NIST Security Level |
|---|---|---|---|---|
| Scheme 1 | ML-DSA-44 | SLH-DSA-SHAKE-256f | ed25519 | Level 1 / Level 5 |
| Scheme 2 | ML-DSA-87 | SLH-DSA-SHAKE-256s | ed25519 | Level 5 / Level 5 |
Key Encapsulation for Node Communication
For secure P2P node communication, Quantum Coin uses a PQC-capable key establishment protocol. The KEM (key encapsulation mechanism) selection is time-gated so the network can upgrade to the strongest hybrid without breaking existing nodes:
- Before the switch time: Kyber512 (PQC KEM) is used to establish the session.
- After the switch time: Hybrid X25519 + ML-KEM-768 (FIPS 203) is used — combining classical ECDH with NIST-standardized post-quantum key encapsulation.
The default mainnet configuration sets this switch to 1 February 2026 00:00:00 UTC (see defaults/config.go in the node repository). Session keys are derived using HKDF (RFC 5869), and the handshake follows RFC 8446 (TLS 1.3)-style architecture. Node identity is verified via the node’s hybrid PQC key pair rather than a certificate.
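The hybrid key establishment described above, as an added Go example that is not taken from the Quantum Coin node: each peer contributes an X25519 share and an ML-KEM-768 secret, and HKDF derives the session key from the two together. The message layout, function names, empty salt and info label are assumptions of this example, and it uses the Go standard library (`crypto/mlkem`, Go 1.24 or later) rather than the project's CIRCL fork; a real handshake would also authenticate the peers and bind the transcript.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"slices"
)

// must keeps the sketch short; real handshake code returns errors instead.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// deriveKey runs HKDF (RFC 5869) over BOTH secrets; order, salt, label are assumed here.
func deriveKey(ssX, ssPQ []byte) []byte {
	return must(hkdf.Key(sha256.New, slices.Concat(ssX, ssPQ), nil, "example x25519+ml-kem-768", 32))
}

// Handshake runs both peers in-process and returns each side's session key.
// flipCT simulates a modified ML-KEM ciphertext arriving at the initiator.
func Handshake(flipCT bool) (initiator, responder []byte) {
	x := ecdh.X25519()
	// Message 1 (initiator): X25519 share || ML-KEM-768 encapsulation key.
	iX, iKEM := must(x.GenerateKey(rand.Reader)), must(mlkem.GenerateKey768())
	msg1 := slices.Concat(iX.PublicKey().Bytes(), iKEM.EncapsulationKey().Bytes())
	// Message 2 (responder): X25519 share || ML-KEM-768 ciphertext.
	rX := must(x.GenerateKey(rand.Reader))
	ssPQ, ct := must(mlkem.NewEncapsulationKey768(msg1[32:])).Encapsulate()
	msg2 := slices.Concat(rX.PublicKey().Bytes(), ct)
	responder = deriveKey(must(rX.ECDH(must(x.NewPublicKey(msg1[:32])))), ssPQ)
	if flipCT {
		msg2[len(msg2)-1] ^= 1
	}
	// Initiator: Decapsulate does not fail on a modified ciphertext
	// (implicit rejection); it silently returns a different secret.
	ssX := must(iX.ECDH(must(x.NewPublicKey(msg2[:32]))))
	initiator = deriveKey(ssX, must(iKEM.Decapsulate(msg2[32:])))
	return initiator, responder
}

func main() {
	a, b := Handshake(false)
	fmt.Println("session keys match:", slices.Equal(a, b))
}
```

Because the tampered run ends with mismatched keys rather than an error, the handshake needs an explicit key-confirmation step before either side trusts the session.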
Open Source Verification
The complete implementation is open source and available for public audit in the Quantum Coin Go node repository at github.com/quantumcoinproject/quantum-coin-go (branch dogep). Quantum Coin uses a fork of Cloudflare’s CIRCL library for PQC and hybrid primitives (dependency github.com/quantumcoinproject/circl).
Where to look in the code:
- Cryptography implementation: ./crypto — FIPS 203, 204, and 205 implementations; CIRCL hybrid signature bindings under ./crypto/*.
- Post-quantum P2P handshake: ./p2p/rlpx — Client and server handshake logic; hybrid KEM selection.
- KEM selection and session logic: ./crypto/keyestablishmentalgorithm/kem.go — Kyber512 / X25519+ML-KEM-768.
- Protocol-level switches (signature algorithm block, KEM switch time): ./defaults/config.go.
- Hybrid signature algorithm IDs and verification: ./crypto/crypto.go, ./crypto/cryptobase/cryptobase.go.
Quick verification (for reviewers and developers): From the quantum-coin-go repository root, run:
go test ./crypto/...
go test ./p2p/rlpx
These tests exercise the PQC and hybrid components. For a concise evidence table mapping components to file paths, see the quantum-coin-go README.
Read more in the Quantum Resistance Whitepaper.