--- title: "FIPS cryptographic algorithm selector" canonical_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/algorithm-selector" source_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/algorithm-selector" author: "Sorena AI" description: "Choose between FIPS algorithm standards for AES, SHA-2, SHA-3, digital signatures, ML-KEM, ML-DSA, and SLH-DSA without overstating validation scope." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "FIPS algorithms" - "AES" - "SHA-2" - "SHA-3" - "digital signatures" - "ML-KEM" - "ML-DSA" - "SLH-DSA" - "post-quantum cryptography" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # FIPS cryptographic algorithm selector Choose between FIPS algorithm standards for AES, SHA-2, SHA-3, digital signatures, ML-KEM, ML-DSA, and SLH-DSA without overstating validation scope. *Artifact Guide* *GLOBAL* *FIPS cryptographic algorithms* ## FIPS cryptographic algorithms Algorithm Selector Match the cryptographic service you need to the FIPS standard that actually specifies the algorithm. Use this selector to separate algorithm choice from implementation validation, module validation, protocol design, and procurement evidence. Use this page when a design review, supplier review, or architecture decision needs the right FIPS algorithm family. The selector does not certify a product or replace a FIPS 140-3 module review; it identifies the algorithm standard, the parameter decision to record, and the evidence boundary to check before making a public or audit claim. ## Start with the cryptographic service, not the algorithm name A FIPS algorithm decision should begin with the service the system needs: confidentiality, message digest, digital signature, key establishment, or quantum-resistant migration. The standard that supports the decision changes with that service. Keep the selector narrow. FIPS 197 specifies AES as a block cipher with AES-128, AES-192, and AES-256. FIPS 180-4 specifies SHA-1 and SHA-2 hash algorithms. FIPS 202 specifies SHA-3 hash functions and SHAKE extendable-output functions. FIPS 186-5 specifies classical digital signature algorithms, while FIPS 203, 204, and 205 specify post-quantum ML-KEM, ML-DSA, and SLH-DSA. - For symmetric encryption primitives, start with AES under FIPS 197 and record the selected key size. - For message digests and hash-dependent services, choose between SHA-2 under FIPS 180-4 and SHA-3 or SHAKE under FIPS 202 based on the consuming protocol or design. - For classical public-key signatures, use FIPS 186-5 and record the signature family, curve or modulus choices, hash function, and assurance source. - For post-quantum key establishment, use FIPS 203 ML-KEM and record ML-KEM-512, ML-KEM-768, or ML-KEM-1024. - For post-quantum signatures, use FIPS 204 ML-DSA or FIPS 205 SLH-DSA and record the parameter set, signature size impact, and relying protocol constraints. Sources for this answer: - [NIST FIPS 197-upd1 Advanced Encryption Standard](https://doi.org/10.6028/NIST.FIPS.197-upd1?ref=sorena.io) - Supports the AES algorithm choices and the distinction between AES-128, AES-192, and AES-256. - [NIST FIPS 180-4 Secure Hash Standard](https://doi.org/10.6028/NIST.FIPS.180-4?ref=sorena.io) - Supports SHA-1 and SHA-2 family hash-function coverage for digest decisions. - [NIST FIPS 202 SHA-3 Standard](https://doi.org/10.6028/NIST.FIPS.202?ref=sorena.io) - Supports SHA-3 hash functions and SHAKE extendable-output functions as separate selector branches. ## Selector table for common FIPS algorithm decisions Use the following decision table as the selector output. It names the standard that can support the algorithm claim and the minimum detail to capture before the decision is reusable. Do not turn the table into a validation claim. An algorithm standard can identify a FIPS-approved algorithm, but certificate evidence depends on the tested implementation, module boundary, operating environment, and the program under which the evidence was issued. - Confidentiality primitive: FIPS 197 AES; capture AES-128, AES-192, or AES-256, plus the separate mode or protocol source used by the design. - Hash or digest primitive: FIPS 180-4 SHA-2 family or FIPS 202 SHA-3/SHAKE; capture digest or output length and the protocol that consumes it. - Classical digital signature: FIPS 186-5; capture RSA, ECDSA, or EdDSA-related choices, required hash functions, and key-assurance evidence. - Post-quantum key establishment: FIPS 203 ML-KEM; capture the selected parameter set and whether the integration is hybrid, migration-only, or production-bound. - Post-quantum digital signature: FIPS 204 ML-DSA or FIPS 205 SLH-DSA; capture parameter set, signature-size limits, verification path, and protocol support. Sources for this answer: - [NIST FIPS 186-5 Digital Signature Standard](https://doi.org/10.6028/NIST.FIPS.186-5?ref=sorena.io) - Supports the classical digital signature selector branch and the need to identify the signature system. - [NIST FIPS 203 ML-KEM](https://doi.org/10.6028/NIST.FIPS.203?ref=sorena.io) - Supports the post-quantum key-encapsulation branch and the ML-KEM parameter-set choices. - [NIST FIPS 204 ML-DSA](https://doi.org/10.6028/NIST.FIPS.204?ref=sorena.io) - Supports selecting ML-DSA for post-quantum digital signature use cases. - [NIST FIPS 205 SLH-DSA](https://doi.org/10.6028/NIST.FIPS.205?ref=sorena.io) - Supports selecting SLH-DSA as the stateless hash-based post-quantum signature branch. *Recommended next step* *Placement: after practical guidance* ## Operationalize the FIPS algorithm selector Use this selector to create a narrow algorithm decision record before making validation, module, supplier, or public claims. - [Open Assessment Autopilot for FIPS algorithm evidence](/solutions/assessment.md): Convert selector decisions into scoped evidence requests, owner assignments, and review tasks. - [Research FIPS algorithm source questions](/solutions/research-copilot.md): Use cited NIST sources to resolve algorithm, parameter, and validation-boundary questions before implementation. - [Review a FIPS algorithm selector decision](/contact.md): Check whether algorithm, implementation, module, and certificate claims are being kept at the right level. ## Evidence boundary for an algorithm selection The selector output should be an algorithm decision record, not a product certification statement. Record the source standard, selected parameter set, implementation or library, consuming protocol, release version, and the claim type being made. If the organization needs certificate evidence, check the relevant NIST validation record separately. A CAVP algorithm certificate supports tested algorithm implementation details; a FIPS 140-3 module validation claim belongs to the cryptographic module boundary and security requirements, not to this selector alone. - Algorithm record: standard, algorithm family, parameter set, hash or output length, and reason for selection. - Implementation record: library, firmware, hardware accelerator, provider, version, platform, and enabled configuration. - Use-case record: protocol, data flow, key-management dependency, signature verification path, or key-establishment exchange that consumes the algorithm. - Validation record: CAVP certificate or CMVP module certificate only when the certificate scope matches the implementation and release being reviewed. - Change record: re-check the selector when the algorithm, parameter set, cryptographic library, module boundary, protocol, platform, or supplier changes. Sources for this answer: - [NIST CAVP validation search](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation-search?ref=sorena.io) - Supports checking public algorithm-validation records separately from the selector decision. - [NIST FIPS 140-3 security requirements for cryptographic modules](https://doi.org/10.6028/NIST.FIPS.140-3?ref=sorena.io) - Supports separating cryptographic module validation from an algorithm-standard selection. ## Rules for avoiding overstated FIPS claims Most selector errors come from compressing several different claims into one sentence. Avoid saying that a product, cloud service, protocol, or procurement item is FIPS-approved just because it uses an algorithm named in a FIPS publication. Write the claim at the correct layer. The algorithm standard supports the primitive. The implementation evidence supports the tested implementation. The module certificate supports a defined cryptographic module boundary. Protocol and product claims need their own design evidence. - Say "uses AES-256 as specified in FIPS 197" only when the implementation actually uses the AES-256 configuration. - Do not cite FIPS 180-4 or FIPS 202 as proof that every protocol use of a hash function is appropriate. - Do not cite FIPS 186-5, 204, or 205 without naming the selected signature algorithm and parameter choices. - Do not use ML-KEM, ML-DSA, or SLH-DSA wording to imply complete post-quantum migration; record the integration and interoperability state separately. - Do not use a CAVP or CMVP link unless the certificate scope, version, platform, and boundary match the release under review. Sources for this answer: - [NIST FIPS 197-upd1 Advanced Encryption Standard](https://doi.org/10.6028/NIST.FIPS.197-upd1?ref=sorena.io) - Supports narrowing AES claims to the AES configurations named by the standard. - [NIST FIPS 202 SHA-3 Standard](https://doi.org/10.6028/NIST.FIPS.202?ref=sorena.io) - Supports separating SHA-3 and SHAKE algorithm claims from broader protocol or product claims. - [NIST FIPS 140-3 security requirements for cryptographic modules](https://doi.org/10.6028/NIST.FIPS.140-3?ref=sorena.io) - Supports the warning that module validation is a separate claim with its own boundary. ## Algorithm selector checklist Use this checklist before approving an architecture decision, supplier statement, or public FIPS algorithm claim. Each item should be answered with a source, configuration record, or certificate reference when a validation claim is being made. - Name the cryptographic service first: confidentiality, digest, digital signature, key establishment, or post-quantum migration. - Name the exact FIPS standard and algorithm family that supports the service. - Record required parameters: AES key size, hash or XOF output length, signature family, ML-KEM parameter set, ML-DSA parameter set, or SLH-DSA parameter set. - Record the implementation boundary: library, module, hardware, firmware, operating environment, protocol, and release. - Attach validation evidence only when the CAVP or CMVP record matches the implementation, version, configuration, and boundary being asserted. - Rewrite any broad procurement or marketing wording that treats algorithm approval as product, protocol, or module validation. Sources for this answer: - [NIST CAVP validation search](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation-search?ref=sorena.io) - Supports the final certificate-scope check when the selector result is used in evidence review. - [NIST FIPS 203 ML-KEM](https://doi.org/10.6028/NIST.FIPS.203?ref=sorena.io) - Supports recording the selected ML-KEM parameter set for post-quantum key-establishment decisions. - [NIST FIPS 205 SLH-DSA](https://doi.org/10.6028/NIST.FIPS.205?ref=sorena.io) - Supports recording the selected stateless hash-based signature branch and parameter choices. ## Primary sources - [NIST FIPS 197-upd1 Advanced Encryption Standard](https://doi.org/10.6028/NIST.FIPS.197-upd1?ref=sorena.io) - Defines AES and the AES-128, AES-192, and AES-256 configurations used by the selector. - Quote: "Advanced Encryption Standard (AES)" - [NIST FIPS 180-4 Secure Hash Standard](https://doi.org/10.6028/NIST.FIPS.180-4?ref=sorena.io) - Defines the SHA-1 and SHA-2 family branch for hash and digest decisions. - Quote: "Secure Hash Standard" - [NIST FIPS 202 SHA-3 Standard](https://doi.org/10.6028/NIST.FIPS.202?ref=sorena.io) - Defines SHA-3 and SHAKE functions for hash and extendable-output decisions. - Quote: "SHA-3 Standard" - [NIST FIPS 186-5 Digital Signature Standard](https://doi.org/10.6028/NIST.FIPS.186-5?ref=sorena.io) - Defines the classical digital signature branch for algorithm selection. - Quote: "Digital Signature Standard" - [NIST FIPS 203 ML-KEM](https://doi.org/10.6028/NIST.FIPS.203?ref=sorena.io) - Defines ML-KEM and its parameter sets for post-quantum key-encapsulation decisions. - Quote: "ML-KEM-512, ML-KEM-768, and ML-KEM-1024" - [NIST FIPS 204 ML-DSA](https://doi.org/10.6028/NIST.FIPS.204?ref=sorena.io) - Defines ML-DSA for post-quantum digital signature decisions. - Quote: "Module-Lattice-Based Digital Signature Standard" - [NIST FIPS 205 SLH-DSA](https://doi.org/10.6028/NIST.FIPS.205?ref=sorena.io) - Defines SLH-DSA for stateless hash-based post-quantum signature decisions. - Quote: "Stateless Hash-Based Digital Signature Standard" - [NIST FIPS 140-3 security requirements for cryptographic modules](https://doi.org/10.6028/NIST.FIPS.140-3?ref=sorena.io) - Provides the separate cryptographic-module validation boundary that should not be implied by algorithm selection alone. - Quote: "security requirements for cryptographic modules" - [NIST CAVP validation search](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation-search?ref=sorena.io) - Public search page for checking algorithm-validation evidence when a certificate claim is made. - Quote: "validation-search" ## Related Topic Guides - [AES FIPS 197 requirements and evidence](/artifacts/global/fips-crypto-algorithms/aes-fips-197.md): AES FIPS 197 guidance for identifying supported key sizes, separating the block cipher from modes of operation, and avoiding unsupported FIPS validation claims. - [CAVP and ACVP validation evidence for FIPS algorithms](/artifacts/global/fips-crypto-algorithms/cavp-and-acvp-validation.md): How to read CAVP algorithm certificates, ACVTS/ACVP test coverage, CMVP module validation, and FIPS 140-3 procurement evidence without overstating the claim. - [CAVP Validation Evidence Workflow for FIPS Algorithms](/artifacts/global/fips-crypto-algorithms/cavp-validation-evidence-workflow.md): Workflow for collecting CAVP and ACVP evidence: algorithm certificates, implementation names, tested parameters, operating environments, and CMVP handoff records. - [FIPS 180-4 and FIPS 202 secure hash guidance](/artifacts/global/fips-crypto-algorithms/secure-hash-fips-180-4-and-fips-202.md): Choose and evidence SHA-2, SHA-3, and SHAKE use under FIPS 180-4, FIPS 202, CAVP validation, and FIPS 140-3 module claims. - [FIPS 186-5 and FIPS 204 digital signatures](/artifacts/global/fips-crypto-algorithms/digital-signatures-fips-186-5-and-fips-204.md): Compare FIPS 186-5 classical digital signatures with FIPS 204 ML-DSA, including scope, algorithm choices, key-use limits, and validation evidence boundaries. - [FIPS 203 ML-KEM vs RSA and ECDH key establishment](/artifacts/global/fips-crypto-algorithms/ml-kem-vs-rsa-and-ecdh.md): Compare FIPS 203 ML-KEM with RSA and ECDH key-establishment schemes using NIST SP 800-56A, SP 800-56B, CAVP, and CMVP grounding. - [FIPS 203, 204, and 205 Post-Quantum Algorithms](/artifacts/global/fips-crypto-algorithms/faq/fips-203-204-and-205-post-quantum-algorithms.md): FAQ on how FIPS 203 ML-KEM, FIPS 204 ML-DSA, and FIPS 205 SLH-DSA fit FIPS-approved cryptographic algorithm planning, implementation evidence, and validation checks. - [FIPS Algorithm Procurement Evidence FAQ](/artifacts/global/fips-crypto-algorithms/faq/procurement-evidence.md): What procurement teams should collect before accepting FIPS algorithm or module claims: CAVP certificates, CMVP module status, security policy scope, and supplier change triggers. - [FIPS approved algorithm selector workflow](/artifacts/global/fips-crypto-algorithms/approved-algorithm-selector-workflow.md): A source-linked workflow for selecting FIPS and NIST-approved cryptographic algorithms without overstating module validation, CAVP evidence, or approved-mode claims. - [FIPS approved mode procurement: certificates, boundaries, and evidence](/artifacts/global/fips-crypto-algorithms/approved-mode-procurement.md): Procurement guidance for FIPS approved mode claims: how to check CMVP certificates, CAVP evidence, module boundaries, tested environments, and supplier evidence before purchase. - [FIPS crypto transition and deprecation tracker](/artifacts/global/fips-crypto-algorithms/transition-and-deprecation-tracker.md): Track FIPS algorithm transitions, withdrawn guidance, CAVP evidence, CMVP module impact, procurement triggers, and approved-mode caveats without overstating validation status. - [FIPS KDF and MAC coverage for validated modules](/artifacts/global/fips-crypto-algorithms/kdf-and-mac-coverage.md): Map FIPS 140-3 KDF and MAC coverage to approved security functions, CAVP evidence, self-tests, service indicators, and module security policy entries. - [FIPS Key Management Mapping for Algorithms and SSP Evidence](/artifacts/global/fips-crypto-algorithms/key-management-mapping.md): Map FIPS 140-3 key management requirements to approved algorithms, SSP establishment methods, CAVP evidence, module boundaries, and key-use records. - [FIPS Procurement Evidence Review Workflow: CAVP, CMVP, Approved Mode](/artifacts/global/fips-crypto-algorithms/procurement-evidence-review-workflow.md): Review FIPS crypto procurement evidence by separating CAVP algorithm certificates from CMVP module certificates, Security Policy scope, approved mode, operating environment, change impact, and retention records. - [FIPS validation certificates for cryptographic algorithms](/artifacts/global/fips-crypto-algorithms/faq/validation-certificates.md): How to read CAVP algorithm validation certificates and CMVP module validation certificates without overstating FIPS-approved cryptographic algorithm claims. - [FIPS-approved cryptographic algorithms FAQ](/artifacts/global/fips-crypto-algorithms/faq.md): Answers to common FIPS algorithm questions: approved security functions, CAVP validation, CMVP module scope, AES modes, SHA-2, SHA-3, signatures, and post-quantum algorithms. - [How FIPS 180-4 and FIPS 202 Hash Functions Fit FIPS Algorithm Approval](/artifacts/global/fips-crypto-algorithms/faq/fips-180-4-and-fips-202-hash-functions.md): Use FIPS 180-4 for SHA-1 and SHA-2 hash algorithms, FIPS 202 for SHA-3 and SHAKE functions, and CAVP/CMVP evidence without treating a hash certificate as module validation. - [How FIPS 186-5 Signature Algorithms Fit FIPS Approval](/artifacts/global/fips-crypto-algorithms/faq/fips-186-5-signatures.md): Use FIPS 186-5 for RSA, ECDSA, deterministic ECDSA, EdDSA, HashEdDSA, DSA verification limits, approved hashes, and CAVP/CMVP evidence boundaries. - [ML-DSA vs ECDSA under FIPS 204 and FIPS 186-5](/artifacts/global/fips-crypto-algorithms/ml-dsa-vs-ecdsa.md): Compare ML-DSA and ECDSA for FIPS-aligned digital signature designs, including parameter choices, key handling, CAVP algorithm evidence, and CMVP module boundaries. - [Post-quantum FIPS 203, 204, and 205: ML-KEM, ML-DSA, and SLH-DSA](/artifacts/global/fips-crypto-algorithms/post-quantum-fips-203-204-205.md): A grounded guide to the three NIST post-quantum FIPS standards: when ML-KEM, ML-DSA, and SLH-DSA apply, what evidence to keep, and how CAVP and CMVP claims differ. - [Post-Quantum Migration for FIPS Cryptography](/artifacts/global/fips-crypto-algorithms/post-quantum-migration.md): Plan post-quantum migration for FIPS cryptography by separating ML-KEM key establishment, ML-DSA and SLH-DSA signatures, CAVP algorithm evidence, and CMVP module validation boundaries. - [Post-Quantum Migration Tracker for FIPS 203, 204, and 205](/artifacts/global/fips-crypto-algorithms/post-quantum-migration-tracker.md): Track post-quantum cryptography migration evidence for FIPS 203 ML-KEM, FIPS 204 ML-DSA, FIPS 205 SLH-DSA, CAVP algorithm certificates, and CMVP module boundaries. - [SHA-2 vs SHA-3 under FIPS 180-4 and FIPS 202](/artifacts/global/fips-crypto-algorithms/sha-2-vs-sha-3.md): Compare SHA-2 and SHA-3 for FIPS use: approved functions, validation evidence, compatibility, procurement checks, and when migration is not required. - [TLS use-case mapping for FIPS algorithm evidence](/artifacts/global/fips-crypto-algorithms/tls-use-case-mapping.md): Map TLS uses to FIPS algorithm, CAVP, CMVP, approved-mode, certificate-authority, and evidence checks without overstating protocol validation claims. - [What does FIPS 197 AES mean for FIPS-approved algorithms?](/artifacts/global/fips-crypto-algorithms/faq/fips-197-aes.md): FIPS 197 defines AES as a FIPS-approved block cipher, but AES use alone is not the same as CAVP algorithm testing or FIPS 140-3 module validation. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/global/fips-crypto-algorithms/algorithm-selector