Are Hybrid Signature and KEM Schemes FIPS-Compliant? (Q23a)
Hybrid key encapsulation mechanisms (KEMs) and hybrid signature schemes combining PQC algorithms with RSA or elliptic curve cryptography are emerging across various protocol specifications. This talk examines the standardization of hybrid constructions, such as hybrid ML-KEM and ML-DSA, within protocols including X.509, TLS, OpenPGP, and JWT. The talk outlines the certification pathway for these hybrids under FIPS standards, highlighting key considerations for implementers and FIPS laboratories.