
Hardware SecurityApplication Security
PQShield UltraPQ-Suite
Post-quantum cryptography delivered across software, FPGA, and ASIC form factors.
PQShield UltraPQ-Suite Overview
What it does
PQShield UltraPQ-Suite is a Post-Quantum Cryptography (PQC) portfolio for organizations modernizing cryptography in software, FPGA, and ASIC deployments. Rather than a single library, the suite includes eight products mapped to distinct migration constraints, from low-memory embedded systems to high-throughput network cryptography and silicon root-of-trust use cases. The differentiator is optimization-led design: each module is tuned for ultra-small footprint, ultra-fast throughput, or ultra-secure implementation with side-channel and fault countermeasures.
How it works
The software path centers on PQMicroLib-Core and PQCryptoLib-Core, while PQCryptoLib-SDK provides an OpenSSL 3.x provider for integrating ML-KEM, ML-DSA, Falcon, and hybrid schemes into existing applications on Linux, Windows, and Mac. Hardware options include PQPlatform-CoPro and PQPlatform-TrustSys for cryptographic acceleration and root-of-trust architectures, plus the PQPerform line for high-throughput deployments, including RISC-V based configurations in PQPerform-Flex. The portfolio also defines four security grades, Cloud, Edge, Lab, and Government, aligning implementation and evaluation targets to NIST, Common Criteria, SESIP, and PSA expectations.
Credentials and traction
PQShield holds FIPS 140-3 CMVP certification with CAVP compliance across suite components including PQCryptoLib-Core and selected hardware modules, and maintains ISO 27001 and ISO 9001 certification at the company level, alongside Cyber Essentials. The company is an NCSC Assured Cyber Security Consultancy (ACSC) for post-quantum cryptography, a scheme covering UK government, public sector, and critical national infrastructure engagements. PQShield contributed to the international NIST PQC standards, and its TripleRatchet protocol work has been adopted in Signal's post-quantum messaging.
Key Capabilities
mapped to solution categoriesImplements CRYSTALS-Kyber (ML-KEM, FIPS 203), for key encapsulation and CRYSTALS-Dilithium (ML-DSA, FIPS 204), for digital signatures, the NIST-standardized post-quantum algorithms.
Supports hybrid key exchange combining classical (ECDH), and post-quantum (ML-KEM) algorithms, maintaining compatibility with non-PQC endpoints during the migration period.
Provides tooling to migrate TLS connections and certificate issuance to PQC algorithms, including testing compatibility with existing PKI and endpoint software stacks.
Lets an organization swap cryptographic algorithms without re-architecting applications, so quantum-vulnerable algorithms can be replaced as standards evolve.
Compliance
certificationsIntegrations
compatible toolsImplementation & support
Info last updated on May 27, 2026
Vendors
Is this your product?
Claim your profile to connect with the teams looking for your solutions.