
Ledger just shipped experimental post-quantum cryptography support in the Ledger SDK — here's what that actually means
Hey everyone,
I wanted to share something the Ledger OS team has been quietly working on: we've just added experimental support for ML-KEM and ML-DSA**,** the two post-quantum cryptography algorithms that NIST recently standardized (FIPS 203 and 204).
These algorithms are now running directly on the Secure Element on all Ledger signers from the Nano X onwards (chronologically speaking). We've exposed them as experimental APIs in both our Rust and C SDKs for anyone who wants to play with them.
This is experimental. The implementation isn't fully hardened yet, so please don't build production apps on top of it. The blog post goes into details regarding this aspect.
The blogpost covers the quantum threat context, the lattice-based math underneath these algorithms, how they're constructed, and a deep dive into our implementation and API.
📖 Blog: ledger.com/blog-post-quantum-cryptography-ledger-sdk
🛠️ Rust SDK: github.com/LedgerHQ/ledger-device-rust-sdk
🛠️ C SDK: github.com/LedgerHQ/ledger-secure-sdk
Happy to answer questions about the implementation, the threat model, or why we made the choices we did.
Cheers!