Skip to content

Choose the Right Algorithm

Find your optimal algorithm in 3 minutes - performance, security, and compliance balanced

🚀 Get algorithm recommendation now

Quick Algorithm Selector

Estimated time: 3 minutes What you'll get: Personalized algorithm recommendation based on your requirements Requirements: Answer 3 simple questions

Answer These Questions

Question 1: What's your primary use case? - A: Encrypt data (files, databases, API payloads) - B: Digital signatures (documents, code, firmware) - C: Both (encrypt and sign)

Question 2: What's your security requirement? - A: Standard security (equivalent to AES-128) - B: High security (equivalent to AES-192) - C: Maximum security (equivalent to AES-256)

Question 3: What's your performance priority? - A: Speed critical (< 5ms latency) - B: Balanced (< 15ms acceptable) - C: Security over speed (any latency OK)

Your Recommendation

If you answered:

1A, 2C, 3B (Encrypt, Maximum security, Balanced): 

# Recommended: ML-KEM-1024
curl -X POST https://api.ankatech.co/keys \
  -d '{"algorithm":"ML_KEM_1024","purpose":"DATA_ENCRYPTION"}'
Why: NIST Level 5 (256-bit), 7ms decrypt, quantum-resistant, CNSA 2.0 approved

1B, 2C, 3B (Sign, Maximum security, Balanced): 

# Recommended: ML-DSA-87
curl -X POST https://api.ankatech.co/keys \
  -d '{"algorithm":"ML_DSA_87","purpose":"DIGITAL_SIGNATURE"}'
Why: NIST Level 5, 8ms sign, quantum-resistant, CNSA 2.0 approved

1C, 2C, 3C (Both, Maximum security, Security priority): 

# Recommended: Composite Key (RSA + ML-KEM)
curl -X POST https://api.ankatech.co/keys/composite \
  -d '{
    "classicalAlgorithm":"RSA_4096",
    "pqcAlgorithm":"ML_KEM_1024",
    "mode":"HYBRID_KEM_COMBINE"
  }'
Why: Defense-in-depth, 1000× more secure, instant rollback, federal compliance

🎯 Want detailed guidance? Continue reading for complete decision framework

Decision Framework

By Use Case

Encrypt Data (Files, Databases, APIs)

Standard security (NIST Level 3): 

Algorithm: ML-KEM-768
Performance: 6ms decrypt
Security: 192-bit (equivalent to AES-192)
Compliance: NIST FIPS 203, CNSA 2.0

Maximum security (NIST Level 5): 

Algorithm: ML-KEM-1024
Performance: 7ms decrypt
Security: 256-bit (equivalent to AES-256)
Compliance: NIST FIPS 203, CNSA 2.0, TOP SECRET approved

High-performance (NIST Level 1): 

Algorithm: ML-KEM-512
Performance: 8ms decrypt (paradoxically slower for small payloads)
Security: 128-bit (equivalent to AES-128)
Use case: High-throughput systems, non-critical data

Example: 

# Encrypt patient record (healthcare, 30-year retention)
curl -X POST https://api.ankatech.co/encrypt \
  -d '{
    "algorithm":"ML_KEM_1024",  # Maximum security
    "plaintext":"Patient: John Doe...",
    "retention":"30_YEARS"
  }'

Digital Signatures (Documents, Code, Firmware)

Standard security (NIST Level 3): 

Algorithm: ML-DSA-65
Performance: 5ms sign, 5ms verify
Signature size: ~3,309 bytes
Compliance: NIST FIPS 204, CNSA 2.0

Maximum security (NIST Level 5): 

Algorithm: ML-DSA-87
Performance: 8ms sign, 7ms verify
Signature size: ~4,627 bytes
Compliance: NIST FIPS 204, CNSA 2.0, TOP SECRET approved

Long-term signatures (50+ years): 

Algorithm: SLH-DSA-SHAKE-256f
Performance: 12ms sign, 4ms verify
Signature size: ~17,000 bytes
Special: Stateless (no key state to protect)
Use case: Firmware, legal archives, time-stamped documents

Example: 

# Sign software release (long-term validation)
curl -X POST https://api.ankatech.co/sign \
  -d '{
    "algorithm":"SLH_DSA_SHAKE_256f",  # Stateless
    "document":"software-v3.0.0.tar.gz",
    "purpose":"CODE_SIGNING"
  }'

By Security Requirement

NIST Security Levels

Level Symmetric Equivalent Quantum Operations Recommended Algorithms
L1 AES-128 (128-bit) 2^64 ML-KEM-512, ML-DSA-44
L3 AES-192 (192-bit) 2^96 ML-KEM-768, ML-DSA-65
L5 AES-256 (256-bit) 2^128 ML-KEM-1024, ML-DSA-87

Selection guideline: - L1: Non-critical data, high-performance needs - L3: Standard enterprise security (most use cases) - L5: High-value data, federal compliance, long retention

Example: Choose by data value: 

Application logs → L1 (ML-KEM-512)
Customer PII → L3 (ML-KEM-768)
Financial transactions → L5 (ML-KEM-1024)
Classified documents → L5 + Composite (maximum security)

By Performance Requirement

Latency-Sensitive Applications

Requirement: API response time < 10ms

Recommendation: 

Algorithm: ML-KEM-768
Latency: 6ms decrypt (vs 11ms RSA-4096)
Throughput: 167 ops/sec per core

Example: Real-time API encryption 

curl -X POST https://api.ankatech.co/encrypt \
  -d '{"algorithm":"ML_KEM_768","plaintext":"API response data"}'

Performance: 6ms decrypt allows sub-10ms total API response

High-Throughput Applications

Requirement: > 10,000 operations/second

Recommendation: 

Algorithm: AES-256-GCM (symmetric)
Latency: 3ms encrypt, 5ms decrypt
Throughput: 333 ops/sec per core × 50 cores = 16,650 ops/sec

But: Requires separate key management (KEK for AES key protection)

Alternative: ML-KEM-768 with horizontal scaling 

12 nodes × 1,200 ops/sec = 14,400 ops/sec (close to AES)

Batch Processing (Throughput Priority)

Requirement: Encrypt 100,000 files/hour (non-interactive)

Recommendation: 

Algorithm: ML-KEM-1024 (security priority)
OR: Composite (RSA + ML-KEM) for maximum defense

Batch processing: 100 concurrent workers
Throughput: 100 × 143 ops/sec = 14,300 ops/sec = 51M ops/hour

Verdict: ML-KEM handles batch processing easily (51M ops/hour >> 100K required)

By Compliance Requirement

Federal/Government (CNSA 2.0)

NSA CNSA 2.0 approved algorithms (for classified data):

Encryption: - ✅ ML-KEM-768 (SECRET classification minimum) - ✅ ML-KEM-1024 (TOP SECRET required) - ✅ AES-256-GCM (symmetric, any classification)

Signatures: - ✅ ML-DSA-65 (SECRET classification minimum) - ✅ ML-DSA-87 (TOP SECRET required) - ✅ SLH-DSA-SHAKE-256f (any classification, stateless)

Example: TOP SECRET document: 

curl -X POST https://api.ankatech.co/encrypt \
  -d '{
    "algorithm":"ML_KEM_1024",  # CNSA 2.0 L5
    "plaintext":"TOP SECRET//SI//NOFORN",
    "classification":"TOP_SECRET"
  }'

CNSA 2.0 compliance guide

Financial Services (PCI DSS)

PCI DSS 3.6.1 requirement: Strong cryptography with FIPS validation

Recommendation: 

Algorithm: AES-256-GCM (FIPS-validated now)
OR: ML-KEM-1024 (FIPS validation Q2 2026, quantum-ready)

Current state (2026): - ✅ AES-256-GCM: FIPS 140-2 validated (Certificate #4616) - ⏳ ML-KEM-1024: FIPS 140-3 validation in progress

Example: Credit card encryption: 

curl -X POST https://api.ankatech.co/encrypt \
  -d '{
    "algorithm":"AES_256_GCM",  # FIPS-validated
    "plaintext":"PAN: 4111-1111-1111-1111",
    "compliance":"PCI_DSS_3_6_1"
  }'

Future-proofing: Transition to ML-KEM-1024 after FIPS 140-3 validation (Q2 2026)

Healthcare (HIPAA)

HIPAA §164.312(a)(2)(iv): Encryption mechanisms (no specific algorithm mandated)

Recommendation: 

Algorithm: ML-KEM-1024 (quantum-resistant for 30-year retention)

Why ML-KEM for healthcare: - ✅ Patient records retained 30+ years (quantum threat relevant) - ✅ FIPS-validated (defensible in audits) - ✅ Quantum-resistant (future-proof)

Example: ePHI encryption: 

curl -X POST https://api.ankatech.co/encrypt \
  -d '{
    "algorithm":"ML_KEM_1024",
    "plaintext":"Patient: Jane Doe, MRN: 123456...",
    "compliance":"HIPAA_164_312",
    "retention":"30_YEARS"
  }'

By Data Lifetime

Short-Lived Data (< 5 Years)

Examples: Application logs, temporary files, cache data

Recommendation: 

Algorithm: AES-256-GCM (symmetric, fastest)
OR: ML-KEM-768 (if asymmetric needed)

Rationale: Quantum threat less relevant (data expires before quantum computers mature)

Medium-Lived Data (5-15 Years)

Examples: Financial transactions, contracts, customer records

Recommendation: 

Algorithm: ML-KEM-1024 (pure PQC)

Rationale: Quantum computers estimated 2030-2035 (within data lifetime)

Long-Lived Data (15+ Years)

Examples: Healthcare records (30 years), legal archives (50 years), nuclear data (100 years)

Recommendation: 

Algorithm: Composite (RSA-4096 + ML-KEM-1024)

Rationale: Defense-in-depth (hedge against PQC vulnerabilities discovered 20+ years from now)

Example: 50-year legal archive: 

curl -X POST https://api.ankatech.co/keys/composite \
  -d '{
    "classicalAlgorithm":"RSA_4096",
    "pqcAlgorithm":"ML_KEM_1024",
    "mode":"HYBRID_KEM_COMBINE",
    "retention":"50_YEARS"
  }'

Algorithm Catalog (81 Algorithms)

Post-Quantum Encryption (21 algorithms)

NIST-standardized (recommended): - ✅ ML-KEM-512 (FIPS 203) - High-performance - ✅ ML-KEM-768 (FIPS 203) - Standard security - ✅ ML-KEM-1024 (FIPS 203) - Maximum security

Alternative PQC KEMs (research, international standards): - FrodoKEM-640, FrodoKEM-976, FrodoKEM-1344 - HQC-128, HQC-192, HQC-256 - BIKE-128, BIKE-192, BIKE-256 - SABER variants (LightSaber, Saber, FireSaber) - NTRU-701, NTRU-1373 - Classic McEliece (CMCE) variants

When to use alternatives: Country-specific standards (China, EU), research, future-proofing

Post-Quantum Signatures (21 algorithms)

NIST-standardized (recommended): - ✅ ML-DSA-44 (FIPS 204) - High-performance - ✅ ML-DSA-65 (FIPS 204) - Standard security - ✅ ML-DSA-87 (FIPS 204) - Maximum security - ✅ SLH-DSA-SHAKE-128f/256f (FIPS 205) - Stateless

Alternative PQC signatures: - Falcon-512, Falcon-1024 (compact signatures) - SPHINCS+ variants (stateless, long-term) - Rainbow (fast verification, large keys)

When to use alternatives: Compact signatures needed (Falcon), extreme long-term (SPHINCS+)

Classical Algorithms (20 algorithms)

When to use: - ⚠️ Transitional period (before full PQC migration) - ⚠️ Backward compatibility (legacy systems) - ❌ NOT for new deployments (use PQC instead)

Encryption: RSA-2048/3072/4096, ECDH variants Signatures: ECDSA-P256/P384/P521, Ed25519, RSA-PSS

Symmetric Algorithms (17 algorithms)

Recommended: - ✅ AES-256-GCM (FIPS-validated, CNSA 2.0) - ✅ ChaCha20-Poly1305 (high-performance, mobile-friendly)

International standards: - Camellia-GCM (Japan) - SEED-GCM (South Korea) - SM4-GCM (China)

Algorithm Selection by Scenario

Scenario 1: High-Frequency Trading

Requirements: - Latency < 5ms - Throughput > 10,000 ops/sec - Quantum resistance

Recommendation: ML-KEM-768 

curl -X POST https://api.ankatech.co/keys \
  -d '{"algorithm":"ML_KEM_768","purpose":"HFT_MARKET_DATA"}'

Performance: - Encrypt: 3ms - Decrypt: 6ms - Throughput: 167 ops/sec per core × 100 cores = 16,700 ops/sec

Verdict: Meets all requirements (latency, throughput, quantum-resistant)

Scenario 2: Government Classified Data

Requirements: - TOP SECRET classification - CNSA 2.0 compliance - 50-year retention - Defense-in-depth

Recommendation: Composite (RSA-4096 + ML-KEM-1024) 

curl -X POST https://api.ankatech.co/keys/composite \
  -d '{
    "classicalAlgorithm":"RSA_4096",
    "pqcAlgorithm":"ML_KEM_1024",
    "mode":"HYBRID_KEM_COMBINE",
    "classification":"TOP_SECRET",
    "hsmRequired":true
  }'

Compliance: - ✅ CNSA 2.0 (ML-KEM-1024) - ✅ Defense-in-depth (composite) - ✅ HSM-backed (Luna Level 3)

Performance: 13ms decrypt (acceptable for non-interactive classification systems)

Scenario 3: SaaS Multi-Tenant Platform

Requirements: - Multi-tenant isolation - Moderate security (customer PII) - Good performance (API responses) - Cost-effective

Recommendation: ML-KEM-768 (per-tenant keys) 

# Generate key for Tenant 123
curl -X POST https://api.ankatech.co/keys \
  -H "Authorization: Bearer $TENANT_123_TOKEN" \
  -d '{"algorithm":"ML_KEM_768","tenantId":"123"}'

Benefits: - ✅ Tenant isolation (automatic) - ✅ Quantum-resistant - ✅ Good performance (6ms decrypt) - ✅ Cost-effective (moderate security level)

Scenario 4: Video Streaming Service

Requirements: - Encrypt large files (5-50 GB) - Good throughput (> 50 MB/s) - Moderate security (content protection, not TOP SECRET)

Recommendation: AES-256-GCM (streaming mode) 

curl -X POST https://api.ankatech.co/stream/encrypt \
  -F "algorithm=AES_256_GCM" \
  -F "[email protected]" \
  -o movie-50gb.enc

Performance: - Throughput: ~80 MB/s - 50 GB file: ~10 minutes - Memory: Constant 2 MB

Alternative: ML-KEM-1024 for quantum resistance (same throughput, slightly higher CPU)

Scenario 5: IoT Device Communication

Requirements: - Low compute overhead (embedded devices) - Long deployment (20-year device lifespan) - Quantum resistance

Recommendation: ML-KEM-768 (balance of performance and security) 

# Device enrollment key
curl -X POST https://api.ankatech.co/keys \
  -d '{
    "algorithm":"ML_KEM_768",
    "purpose":"IOT_DEVICE_ENCRYPTION",
    "deviceLifespan":"20_YEARS"
  }'

Why ML-KEM-768 for IoT: - ✅ Lower compute than ML-KEM-1024 (embedded-friendly) - ✅ Quantum-resistant for 20-year lifespan - ✅ NIST Level 3 adequate for IoT (not TOP SECRET)

Performance Comparison Table

Encryption Algorithms (1KB Payload)

Algorithm Encrypt Decrypt Throughput Security Quantum-Resistant
AES-256-GCM 3ms 5ms 333 ops/sec 256-bit ⚠️ Symmetric only
ML-KEM-512 4ms 8ms 125 ops/sec L1 (128-bit) ✅ Yes
ML-KEM-768 3ms 6ms 167 ops/sec L3 (192-bit) ✅ Yes
ML-KEM-1024 3ms 7ms 143 ops/sec L5 (256-bit) ✅ Yes
RSA-4096 3ms 11ms 91 ops/sec L3 (152-bit) ❌ No
Composite 5ms 13ms 77 ops/sec L5 + Defense ✅ Yes (1000×)

Winner for APIs: ML-KEM-1024 (best balance: 7ms, L5 security, quantum-resistant)

Signature Algorithms (1KB Document)

Algorithm Sign Verify Sig Size Security Quantum-Resistant
Ed25519 2ms 3ms 64 bytes L1 (128-bit) ❌ No
ML-DSA-44 4ms 5ms 2,420 bytes L2 (128-bit) ✅ Yes
ML-DSA-65 5ms 5ms 3,309 bytes L3 (192-bit) ✅ Yes
ML-DSA-87 8ms 7ms 4,627 bytes L5 (256-bit) ✅ Yes
ECDSA-P256 3ms 4ms 64 bytes L1 (128-bit) ❌ No
SLH-DSA-256f 12ms 4ms 17,000 bytes L5 ✅ Yes (stateless)

Winner for documents: ML-DSA-65 (balance of speed, size, security)

Migration Algorithm Mapping

Classical to PQC Equivalence

Encryption migrations: 

RSA-2048 → ML-KEM-512 (L1 → L1, but use ML-KEM-768 for upgrade)
RSA-3072 → ML-KEM-768 (L2 → L3, security upgrade)
RSA-4096 → ML-KEM-1024 (L3 → L5, security upgrade)

Recommendation: Always upgrade to ML-KEM-1024 (maximum security, minimal cost)

Signature migrations: 

ECDSA-P256 → ML-DSA-44 (L1 → L2, slight upgrade)
ECDSA-P384 → ML-DSA-65 (L3 → L3, equivalent)
ECDSA-P521 → ML-DSA-87 (L5 → L5, equivalent)
Ed25519 → ML-DSA-65 (L1 → L3, security upgrade)

Recommendation: Match NIST levels (P-384 → ML-DSA-65, P-521 → ML-DSA-87)

Detailed migration guide

Common Mistakes to Avoid

Mistake 1: Using ML-KEM-512 by Default

Wrong assumption: "Smaller number = faster"

Reality: 

ML-KEM-512 decrypt: 8ms
ML-KEM-768 decrypt: 6ms
ML-KEM-1024 decrypt: 7ms

Surprise: ML-KEM-768 is actually FASTEST (counterintuitive!)

Recommendation: Use ML-KEM-1024 by default (best security, only 1ms slower than ML-KEM-768)

Mistake 2: Mismatched Security Levels (Composite Keys)

Wrong: 

# Combining L1 classical with L5 PQC (imbalanced!)
{
  "classicalAlgorithm":"RSA_2048",  # L1
  "pqcAlgorithm":"ML_KEM_1024"      # L5
}

Error: "Mismatched security levels (L1 vs L5)"

Correct: 

# Match security levels
{
  "classicalAlgorithm":"RSA_4096",  # L3 (rounded to L5 in practice)
  "pqcAlgorithm":"ML_KEM_1024"      # L5
}

Rule: Both components must be same NIST level

Mistake 3: Using Composite Keys for High-Frequency APIs

Wrong: Composite keys for 10,000 ops/sec API

Problem: 

Composite decrypt: 13ms
Required throughput: 10,000 ops/sec
Theoretical max: 1,000ms ÷ 13ms = 77 ops/sec per core

Needs: 10,000 ÷ 77 = 130 CPU cores (expensive!)

Correct: Use ML-KEM-1024 for high-frequency 

ML-KEM decrypt: 7ms
Theoretical max: 143 ops/sec per core
Needs: 10,000 ÷ 143 = 70 CPU cores (half the cost)

Recommendation: Reserve composite keys for high-value data (not every API call)

Algorithm Selection Tool

Interactive Selector

Use our interactive tool to get personalized recommendation:

🔍 Algorithm Selector Tool

Inputs: - Use case (encryption, signature, both) - Security requirement (standard, high, maximum) - Performance budget (< 5ms, < 15ms, any) - Compliance needs (NIST, FIPS, CNSA, PCI, HIPAA) - Data lifetime (< 5y, 5-15y, > 15y)

Output: - Recommended algorithm - Code example (copy-paste ready) - Performance characteristics - Compliance mapping - Alternative options

Decision Tree

Start: What are you doing?
  ├─ Encrypting data?
  │   ├─ Latency < 10ms? → ML-KEM-768
  │   ├─ Maximum security? → ML-KEM-1024
  │   └─ Defense-in-depth? → Composite (RSA + ML-KEM)
  ├─ Signing documents?
  │   ├─ Standard security? → ML-DSA-65
  │   ├─ Maximum security? → ML-DSA-87
  │   └─ Long-term (50+ years)? → SLH-DSA-SHAKE-256f
  └─ Both (encrypt + sign)?
      └─ Federal compliance? → Composite dual (encryption + signature)

Test Your Choice

Benchmark Your Algorithm

Verify performance before committing:

# Test ML-KEM-1024 performance in YOUR environment
curl -sSL https://ankatech.co/benchmark.sh | bash -s -- \
  --algorithm ML_KEM_1024 \
  --iterations 100 \
  --payload-size 1KB

Output: 

Algorithm: ML-KEM-1024
Payload: 1 KB
Iterations: 100

Encrypt: median 3ms, p95 4ms, p99 5ms
Decrypt: median 7ms, p95 9ms, p99 11ms
Throughput: 125 ops/sec

Verdict: ✅ Suitable for API with < 10ms latency budget

What's Next?

Ready to choose your algorithm? - 🔍 Interactive selector (get personalized recommendation) - 📊 Benchmark tool (test performance in your environment) - 📥 Download algorithm guide (PDF, 20-page detailed guide) - 📧 Request algorithm consultation (free 30-min session with cryptographer)

Generate your first key: - Quick start guide - First encryption in 10 minutes - Composite keys guide - Hybrid algorithm setup - API reference - Complete key management API

Compare algorithms: - Performance benchmarks - Speed comparison across all 81 algorithms - Compliance mapping - Which algorithms for which standards - Migration guide - Classical to PQC mapping

Have questions? Email [email protected] or join our community forum

Last updated: 2026-01-07 | 81 algorithms supported | NIST FIPS 203/204/205 compliant