Post Quantum Algorithms
Demand for post-quantum computing safe algorithms is strong, wide-spread, and increasing.
Among the first such algorithms to receive official approval were LMS-HSS, which are useful in some scenarios while having drawbacks in others (such as not being copyable, thus no backup and no HA replication are possible). Thales released LMS-HSS for Luna HSMs at the beginning of 2025, fully compliant with the published standard.
ML-DSA and ML-KEM algorithms, on the other hand, were still in discussion and pre-approval phase (June 2025). Thales - a party to the development of the standard - needed to satisfy customers on urgent schedules who could not afford to wait for finalization. For this reason, the initial ML-DSA and ML-KEM versions created for Luna HSMs, and released in June of 2025 with HSM firmware version 7.9.0, are proprietary. They might differ slightly from the final approved version when the standards are eventually frozen and published. Every effort will be made to ensure compatibility and a smooth transition if needed. The ML-DSA and ML-KEM mechanisms produce keys/keypairs that can be cloned from partition to partition, backed-up and restored, and used in HA groups.
Topics in this section provide information for developers creating applications that use our Luna implementations of PQC algorithms.
>ML-DSA Programming Guide for Luna HSM
>Example Create, backup and restore ML-DSA keys (on a V1 partition)
>Example of ML-KEM creation, Backup and Restore
