CIQ’s NSS Module First to Achieve CAVP Certification for Post-Quantum Cryptography Algorithms
CIQ’s NSS Module First to Achieve CAVP Certification for Post-Quantum Cryptography Algorithms
https://sg.finance.yahoo.com/news/ciqs-nss-module-first-achieve-170500721.html
Publish Date: 2026-02-04 12:05:00
Source Domain: sg.finance.yahoo.com
NSS with ML-KEM and ML-DSA algorithms passes lab testing and enters Modules in Process list, making Rocky Linux from CIQ one of the first Enterprise Linux distributions advancing FIPS-validated post-quantum cryptography with NSS
RENO, Nev., Feb. 4, 2026 /PRNewswire/ — CIQ today announced that Network Security Services (NSS) for Rocky Linux from CIQ (RLC) 9.6 with post-quantum cryptography (PQC) algorithms has achieved Cryptographic Algorithm Validation Program (CAVP) certification from the National Institute of Standards and Technology (NIST) and entered the Modules in Process (MIP) list. This milestone makes Rocky Linux from CIQ the first Enterprise Linux distribution with an NSS module containing NIST-approved PQC algorithms advancing toward full FIPS 140-3 validation.
Powering the next generation of software infrastructure (PRNewsfoto/CIQ)
The NSS module includes two NIST-approved PQC algorithms: ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) for secure key exchange, and ML-DSA (Module-Lattice-Based Digital Signature Algorithm) for digital signatures. These algorithms are designed to resist attacks from both classical and quantum computers.
When Rocky Linux released NSS version 3.112 in September 2025 with ML-KEM and ML-DSA support, the algorithms were feature complete but not FIPS compliant. CIQ Distinguished Engineer and Samba Project Co-Creator Jeremy Allison led the effort to enhance NSS to meet FIPS 140-3 standards for submission to NIST.
“The ML-KEM and ML-DSA code in NSS was feature complete, but not FIPS compliant,” said Allison. “CIQ has enabled and open-sourced FIPS 140-3 compliance code in nss-3.112 for these increasingly important algorithms to provide security for our customers and help them prepare for the post-quantum future.”
All of CIQ’s FIPS PQC engineering work is open source and available on GitHub, contributing to the broader security community.
The National Security Agency’s CNSA 2.0 sets a…
