---
title: "ML-DSA vs ECDSA under FIPS 204 and FIPS 186-5"
canonical_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/ml-dsa-vs-ecdsa"
source_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/ml-dsa-vs-ecdsa"
author: "Sorena AI"
description: "Compare ML-DSA and ECDSA for FIPS-aligned digital signature designs, including parameter choices, key handling, CAVP algorithm evidence, and CMVP module boundaries."
published_at: "2026-05-09"
updated_at: "2026-05-09"
keywords:
  - "ML-DSA vs ECDSA FIPS digital signatures"
  - "ML-DSA"
  - "ECDSA"
  - "FIPS 204"
  - "FIPS 186-5"
  - "CAVP"
  - "CMVP"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# ML-DSA vs ECDSA under FIPS 204 and FIPS 186-5

Compare ML-DSA and ECDSA for FIPS-aligned digital signature designs, including parameter choices, key handling, CAVP algorithm evidence, and CMVP module boundaries.

*Artifact Guide* *GLOBAL* *FIPS digital signatures*

## ML-DSA vs ECDSA under FIPS 204 and FIPS 186-5

A focused comparison for teams choosing, implementing, or reviewing FIPS-aligned digital signature algorithms.

Use it to separate algorithm standards, parameter choices, CAVP evidence, and CMVP module validation scope.

ML-DSA and ECDSA are both digital signature choices in the NIST FIPS ecosystem, but they are not interchangeable labels. FIPS 204 standardizes ML-DSA, a module-lattice-based post-quantum signature algorithm. FIPS 186-5 specifies ECDSA and other digital signature algorithms, with ECDSA depending on elliptic-curve domain parameters and per-message secret handling. A useful comparison records which algorithm is being claimed, which parameters are used, whether the implementation has CAVP evidence, and whether the surrounding cryptographic module is inside a CMVP validation boundary.

## FIPS 204 ML-DSA vs ECDSA under FIPS 186-5

Compare the algorithm standard, parameters, key handling, validation evidence, and module boundary before reusing claims across ML-DSA and ECDSA.

- **FIPS 204 ML-DSA**: Use this side when the signature claim is ML-DSA or HashML-DSA under FIPS 204, including ML-DSA-44, ML-DSA-65, or ML-DSA-87 parameter choices.
- **ECDSA under FIPS 186-5**: Use this side when the signature claim is ECDSA or deterministic ECDSA under FIPS 186-5, including the named curve/domain parameters and hash or XOF choices.

| Dimension | FIPS 204 ML-DSA | ECDSA under FIPS 186-5 | Operational implication | Sources |
| --- | --- | --- | --- | --- |
| Standard scope | FIPS 204 specifies ML-DSA, including key generation, signature generation, signature verification, supporting algorithms, and approved ML-DSA parameter sets. | FIPS 186-5 specifies ECDSA signature generation and verification as part of the Digital Signature Standard, with elliptic-curve domain parameters supplied through SP 800-186. | Start by naming the algorithm and standard. Do not use FIPS 204 to justify ECDSA claims or FIPS 186-5 to justify ML-DSA parameter-set claims. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds ML-DSA scope.<br>[NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds ECDSA scope. |
| Covered actors | Federal agencies, contractors, and module vendors implementing ML-DSA under FIPS 204 for digital signature use cases requiring post-quantum algorithm compliance or NIST-approved lattice-based signing. | Federal agencies, contractors, and module vendors implementing ECDSA under FIPS 186-5 for digital signature use cases that require classical elliptic-curve signature algorithms with approved domain parameters. | Match the actor role to the algorithm: use ML-DSA for post-quantum migration planning; use ECDSA for current approved digital signature operations. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Trigger | ML-DSA implementations should record whether the claim uses ML-DSA-44, ML-DSA-65, or ML-DSA-87 and whether the pure or pre-hash signing interface is used. | ECDSA implementations should record the curve/domain parameters, hash or XOF, key-size security strength, and whether the signature process is randomized or deterministic. | Record whether the implementation trigger is post-quantum migration (ML-DSA) or current FIPS compliance (ECDSA) to choose the appropriate algorithm family. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Core obligations | ML-DSA key generation uses an approved random bit generator for the seed, with security-strength requirements that differ by parameter set. | ECDSA requires the private key and per-message secret numbers to be protected; deterministic ECDSA derives the per-message secret from the message hash and private key through the specified process. | Protect key material and RBG dependencies for both algorithms; ML-DSA adds lattice-specific seed protections that ECDSA does not require. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Evidence | For ML-DSA, look for CAVP evidence that matches the implementation, FIPS 204 revision, parameter set, and function form being claimed. | For ECDSA, look for CAVP evidence that matches ECDSA or deterministic ECDSA, the applicable curve/domain parameters, hash or XOF, implementation, and certificate status. | Collect CAVP validation evidence matching the specific algorithm variant and parameter set; do not reuse ECDSA CAVP records for ML-DSA claims. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Timing | ML-DSA availability is tied to FIPS 204 publication and CAVP validation entry availability. Migration planning should account for protocol support, hybrid transition design, and NIST post-quantum migration guidance timelines. | ECDSA remains approved under FIPS 186-5 with current validity unless NIST deprecation or SP 800-131A revision changes its status. Transition away from ECDSA is expected as post-quantum migration guidance matures. | Note that ML-DSA availability is tied to FIPS 204 publication and CAVP entry availability; ECDSA timelines are governed by FIPS 186-5. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Enforcement | An ML-DSA implementation may sit inside a FIPS 140-3 cryptographic module boundary, but the module certificate, security policy, approved mode, and listed algorithms determine the validated claim. | An ECDSA implementation may also sit inside a FIPS 140-3 cryptographic module boundary, but the ECDSA certificate entry must still align with the module version and operational environment. | Both algorithms may sit inside a FIPS 140-3 module boundary; confirm that the module boundary claim covers the correct algorithm variant and parameter set. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Overlap | Both algorithms use approved randomness, but not in the same way: ML-DSA draws an approved RBG seed for key generation and may also draw hedged per-signature randomness, while ECDSA requires a fresh per-message secret number and protects it like private key material. | Both algorithms can rely on FIPS-approved module assurance, but the evidence is different: ML-DSA claims should point to the ML-DSA parameter set and CAVP record, while ECDSA claims should point to the curve/domain parameters, the signature method, and the matching validation record. | Both algorithms require an approved RBG for key generation; the main difference is that ML-DSA can use a hedged signing seed, while ECDSA uses a per-message secret number k for each signature. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.<br>[NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.<br>[NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations. |
| Practical decision rule | Choose ML-DSA when the design is intentionally adopting the FIPS 204 post-quantum signature algorithm and can support the chosen parameter set, implementation interface, and validation evidence. | Choose ECDSA when the design needs a FIPS 186-5 elliptic-curve signature algorithm and can support the required curve/domain parameters, hash choices, key handling, and validation evidence. | Do not reduce the choice to post-quantum versus legacy. The defensible decision is the one whose algorithm standard, parameters, implementation, and validation boundary match the actual system claim. | [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds the ML-DSA decision side.<br>[NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds the ECDSA decision side.<br>[NIST Cryptographic Algorithm Validation Program](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program?ref=sorena.io) - Grounds algorithm-evidence lookup.<br>[NIST Cryptographic Module Validation Program](https://csrc.nist.gov/projects/cryptographic-module-validation-program?ref=sorena.io) - Grounds module-validation lookup. |

Sources for Standard scope - FIPS 204 ML-DSA:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Defines ML-DSA functions and parameter sets.
  - Quote: "This standard specifies the Module-Lattice-Based Digital Signature Algorithm"

Sources for Standard scope - ECDSA under FIPS 186-5:

- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Defines ECDSA in the Digital Signature Standard.
  - Quote: "This Standard specifies algorithms for applications requiring a digital signature."

Sources for Standard scope - operational implication:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds ML-DSA scope.
  - Quote: "This standard specifies the Module-Lattice-Based Digital Signature Algorithm"
- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds ECDSA scope.
  - Quote: "This Standard specifies algorithms for applications requiring a digital signature."

Sources for Covered actors:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Trigger:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Core obligations:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Evidence:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Timing:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Enforcement:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Overlap:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "approved RBG"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "per-message secret number"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"

Sources for Practical decision rule - FIPS 204 ML-DSA:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds the ML-DSA decision side.
  - Quote: "Module-Lattice-Based Digital Signature Algorithm"

Sources for Practical decision rule - ECDSA under FIPS 186-5:

- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds the ECDSA decision side.
  - Quote: "Elliptic Curve Digital Signature Algorithm"

Sources for Practical decision rule - operational implication:

- [NIST Cryptographic Algorithm Validation Program](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program?ref=sorena.io) - Grounds algorithm-evidence lookup.
  - Quote: "Cryptographic Algorithm Validation Program"
- [NIST Cryptographic Module Validation Program](https://csrc.nist.gov/projects/cryptographic-module-validation-program?ref=sorena.io) - Grounds module-validation lookup.
  - Quote: "Cryptographic Module Validation Program"

### Which algorithm standard to apply

- Choose FIPS 204 ML-DSA when the design or procurement requirement specifically requires a NIST-approved post-quantum digital signature algorithm or lattice-based signing.
- Choose FIPS 186-5 ECDSA when the controlling protocol profile, existing key infrastructure, or interoperability requirement depends on classical elliptic-curve signing with NIST-approved domain parameters.
- Do not substitute ML-DSA and ECDSA evidence without verifying that the protocol, key size, parameter set, and CAVP validation record match the specific implementation in scope.
- Review the algorithm choice after NIST SP 800-131A revisions, module recertification cycles, or protocol deprecation notices that affect either algorithm family.

Sources for the practical decision rule:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"

## What is the direct standards difference?

FIPS 204 is the controlling source when the design claim is ML-DSA. It defines ML-DSA key generation, signature generation, signature verification, and approved parameter sets: ML-DSA-44, ML-DSA-65, and ML-DSA-87.

FIPS 186-5 is the controlling source when the design claim is ECDSA. It specifies ECDSA signature generation and verification, points implementers to SP 800-186 for recommended elliptic curves, and treats deterministic ECDSA as an approved variant.

- Use FIPS 204 language for ML-DSA parameter-set and function-interface claims.
- Use FIPS 186-5 language for ECDSA domain parameters, keys, per-message secret numbers, and verification assurances.
- Do not describe an algorithm as FIPS 140-3 validated; FIPS 140-3 validation applies to cryptographic modules, while algorithm testing is separate evidence.

Sources for this answer:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Defines ML-DSA and its approved parameter sets.
- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Specifies ECDSA and other approved digital signature algorithms.
- [NIST FIPS 140-3 security requirements for cryptographic modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Separates module validation from algorithm-standard conformance.

## Implementation facts to capture before choosing

For ML-DSA, record the parameter set and whether the design uses the pure or pre-hash form, because FIPS 204 ties API structure, random inputs, and CAVP-oriented testing interfaces to those functions.

For ECDSA, record the curve/domain parameters, hash or XOF choice, key-pair generation method, and per-message secret-number method. FIPS 186-5 requires ECDSA keys to be used only for ECDSA signatures and requires protection of the private key and per-message secret material.

- ML-DSA-44, ML-DSA-65, and ML-DSA-87 are distinct parameter-set choices, not marketing tiers.
- ECDSA depends on a specific elliptic-curve domain-parameter set and on approved random generation unless deterministic ECDSA is used.
- For both algorithms, preserve the claim boundary: algorithm implementation, protocol use, key-management process, certificate profile, and cryptographic module are different review objects.

Sources for this answer:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Lists ML-DSA-44, ML-DSA-65, and ML-DSA-87 and describes CAVP-oriented interfaces.
- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Defines ECDSA key, domain-parameter, and per-message secret-number requirements.

## Validation evidence that should not be overstated

CAVP evidence can support a claim that a specific algorithm implementation was tested for conformance to the relevant algorithm standard. It does not by itself prove that a product, service, protocol stack, or deployment boundary is a validated cryptographic module.

CMVP evidence is about a cryptographic module validated to FIPS 140-3 and its approved mode, security policy, certificate scope, and listed algorithm certificates. A customer or independent review should therefore ask for both the algorithm evidence and the module certificate when the public claim depends on validated-module use.

- Check CAVP entries for the exact algorithm, revision, parameter set or mode, implementation name, vendor, and certificate status.
- Check CMVP entries for the module name, version, operational environment, security level, approved-mode caveats, and linked algorithm certificates.
- Write public or customer-facing claims as scoped facts, for example: an implementation has CAVP evidence, or a named module is CMVP validated for a listed configuration.

Sources for this answer:

- [NIST Cryptographic Algorithm Validation Program](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program?ref=sorena.io) - Public program source for algorithm validation certificate evidence.
- [NIST Cryptographic Module Validation Program](https://csrc.nist.gov/projects/cryptographic-module-validation-program?ref=sorena.io) - Public program source for cryptographic module validation scope.
- [NIST FIPS 140-3 security requirements for cryptographic modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Grounds CMVP module validation and approved security-function framing.

*Recommended next step*

*Placement: after practical guidance*

## Review ML-DSA and ECDSA claims

Use the comparison to align algorithm choices, parameter records, CAVP evidence, and CMVP module boundaries before publishing or reusing a FIPS claim.

- [Open Assessment Autopilot for FIPS evidence](/solutions/assessment.md): Convert signature-algorithm claims into scoped evidence requests and review tasks.
- [Research FIPS source questions](/solutions/research-copilot.md): Resolve parameter, validation, and module-boundary questions against cited NIST sources.
- [Talk through implementation](/contact.md): Review the signature choice, evidence boundary, and customer-facing claim language with Sorena.

## Review checklist for ML-DSA vs ECDSA

Use the comparison as an implementation review, not as a generic migration scorecard. The review should identify the exact signature function in use and the evidence needed for the claim being made.

- Name the signing use case: firmware signing, document signing, certificate issuance, protocol authentication, code signing, or another concrete signature flow.
- Record the controlling standard: FIPS 204 for ML-DSA or FIPS 186-5 for ECDSA.
- Record ML-DSA parameter set or ECDSA curve/domain parameters, plus hash, XOF, random-bit generation, and key-use assumptions.
- Check whether CAVP evidence exists for the implementation and whether the evidence matches the claimed algorithm and parameter choices.
- Check whether the product claim needs a CMVP-validated module and whether the certificate scope covers the shipped version and operating environment.
- Avoid shortcuts such as calling an algorithm certificate a validated product or treating a legacy ECDSA certificate as evidence for ML-DSA.

Sources for this answer:

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds ML-DSA parameter and implementation checks.
- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds ECDSA parameter, key, and verification checks.

## Primary sources

- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Grounds the ML-DSA decision side.
  - Quote: "Module-Lattice-Based Digital Signature Algorithm"
- [NIST FIPS 186-5 Digital Signature Standard](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Grounds the ECDSA decision side.
  - Quote: "Elliptic Curve Digital Signature Algorithm"
- [NIST Cryptographic Algorithm Validation Program](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program?ref=sorena.io) - Grounds algorithm-evidence lookup.
  - Quote: "Cryptographic Algorithm Validation Program"
- [NIST Cryptographic Module Validation Program](https://csrc.nist.gov/projects/cryptographic-module-validation-program?ref=sorena.io) - Grounds module-validation lookup.
  - Quote: "Cryptographic Module Validation Program"
- [NIST FIPS 140-3 Security Requirements for Cryptographic Modules](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.140-3.pdf?ref=sorena.io) - Defines cryptographic module boundary and validation requirements applicable to both ML-DSA and ECDSA implementations.
  - Quote: "Security Requirements for Cryptographic Modules"
- [NIST FIPS 204 Module-Lattice-Based Digital Signature Standard (ML-DSA)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf?ref=sorena.io) - Primary source for ML-DSA algorithm specification, key generation, signing, verification, parameter sets, and approved uses under FIPS.
  - Quote: "Module-Lattice-Based Digital Signature Standard"
- [NIST FIPS 186-5 Digital Signature Standard (DSS)](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.186-5.pdf?ref=sorena.io) - Primary source for ECDSA algorithm specification, domain parameters, key generation, signature generation, and verification under FIPS.
  - Quote: "Digital Signature Standard"

## Related Topic Guides

- [AES FIPS 197 requirements and evidence](/artifacts/global/fips-crypto-algorithms/aes-fips-197.md): AES FIPS 197 guidance for identifying supported key sizes, separating the block cipher from modes of operation, and avoiding unsupported FIPS validation claims.
- [CAVP and ACVP validation evidence for FIPS algorithms](/artifacts/global/fips-crypto-algorithms/cavp-and-acvp-validation.md): How to read CAVP algorithm certificates, ACVTS/ACVP test coverage, CMVP module validation, and FIPS 140-3 procurement evidence without overstating the claim.
- [CAVP Validation Evidence Workflow for FIPS Algorithms](/artifacts/global/fips-crypto-algorithms/cavp-validation-evidence-workflow.md): Workflow for collecting CAVP and ACVP evidence: algorithm certificates, implementation names, tested parameters, operating environments, and CMVP handoff records.
- [FIPS 180-4 and FIPS 202 secure hash guidance](/artifacts/global/fips-crypto-algorithms/secure-hash-fips-180-4-and-fips-202.md): Choose and evidence SHA-2, SHA-3, and SHAKE use under FIPS 180-4, FIPS 202, CAVP validation, and FIPS 140-3 module claims.
- [FIPS 186-5 and FIPS 204 digital signatures](/artifacts/global/fips-crypto-algorithms/digital-signatures-fips-186-5-and-fips-204.md): Compare FIPS 186-5 classical digital signatures with FIPS 204 ML-DSA, including scope, algorithm choices, key-use limits, and validation evidence boundaries.
- [FIPS 203 ML-KEM vs RSA and ECDH key establishment](/artifacts/global/fips-crypto-algorithms/ml-kem-vs-rsa-and-ecdh.md): Compare FIPS 203 ML-KEM with RSA and ECDH key-establishment schemes using NIST SP 800-56A, SP 800-56B, CAVP, and CMVP grounding.
- [FIPS 203, 204, and 205 Post-Quantum Algorithms](/artifacts/global/fips-crypto-algorithms/faq/fips-203-204-and-205-post-quantum-algorithms.md): FAQ on how FIPS 203 ML-KEM, FIPS 204 ML-DSA, and FIPS 205 SLH-DSA fit FIPS-approved cryptographic algorithm planning, implementation evidence, and validation checks.
- [FIPS Algorithm Procurement Evidence FAQ](/artifacts/global/fips-crypto-algorithms/faq/procurement-evidence.md): What procurement teams should collect before accepting FIPS algorithm or module claims: CAVP certificates, CMVP module status, security policy scope, and supplier change triggers.
- [FIPS approved algorithm selector workflow](/artifacts/global/fips-crypto-algorithms/approved-algorithm-selector-workflow.md): A source-linked workflow for selecting FIPS and NIST-approved cryptographic algorithms without overstating module validation, CAVP evidence, or approved-mode claims.
- [FIPS approved mode procurement: certificates, boundaries, and evidence](/artifacts/global/fips-crypto-algorithms/approved-mode-procurement.md): Procurement guidance for FIPS approved mode claims: how to check CMVP certificates, CAVP evidence, module boundaries, tested environments, and supplier evidence before purchase.
- [FIPS crypto transition and deprecation tracker](/artifacts/global/fips-crypto-algorithms/transition-and-deprecation-tracker.md): Track FIPS algorithm transitions, withdrawn guidance, CAVP evidence, CMVP module impact, procurement triggers, and approved-mode caveats without overstating validation status.
- [FIPS cryptographic algorithm selector](/artifacts/global/fips-crypto-algorithms/algorithm-selector.md): Choose between FIPS algorithm standards for AES, SHA-2, SHA-3, digital signatures, ML-KEM, ML-DSA, and SLH-DSA without overstating validation scope.
- [FIPS KDF and MAC coverage for validated modules](/artifacts/global/fips-crypto-algorithms/kdf-and-mac-coverage.md): Map FIPS 140-3 KDF and MAC coverage to approved security functions, CAVP evidence, self-tests, service indicators, and module security policy entries.
- [FIPS Key Management Mapping for Algorithms and SSP Evidence](/artifacts/global/fips-crypto-algorithms/key-management-mapping.md): Map FIPS 140-3 key management requirements to approved algorithms, SSP establishment methods, CAVP evidence, module boundaries, and key-use records.
- [FIPS Procurement Evidence Review Workflow: CAVP, CMVP, Approved Mode](/artifacts/global/fips-crypto-algorithms/procurement-evidence-review-workflow.md): Review FIPS crypto procurement evidence by separating CAVP algorithm certificates from CMVP module certificates, Security Policy scope, approved mode, operating environment, change impact, and retention records.
- [FIPS validation certificates for cryptographic algorithms](/artifacts/global/fips-crypto-algorithms/faq/validation-certificates.md): How to read CAVP algorithm validation certificates and CMVP module validation certificates without overstating FIPS-approved cryptographic algorithm claims.
- [FIPS-approved cryptographic algorithms FAQ](/artifacts/global/fips-crypto-algorithms/faq.md): Answers to common FIPS algorithm questions: approved security functions, CAVP validation, CMVP module scope, AES modes, SHA-2, SHA-3, signatures, and post-quantum algorithms.
- [How FIPS 180-4 and FIPS 202 Hash Functions Fit FIPS Algorithm Approval](/artifacts/global/fips-crypto-algorithms/faq/fips-180-4-and-fips-202-hash-functions.md): Use FIPS 180-4 for SHA-1 and SHA-2 hash algorithms, FIPS 202 for SHA-3 and SHAKE functions, and CAVP/CMVP evidence without treating a hash certificate as module validation.
- [How FIPS 186-5 Signature Algorithms Fit FIPS Approval](/artifacts/global/fips-crypto-algorithms/faq/fips-186-5-signatures.md): Use FIPS 186-5 for RSA, ECDSA, deterministic ECDSA, EdDSA, HashEdDSA, DSA verification limits, approved hashes, and CAVP/CMVP evidence boundaries.
- [Post-quantum FIPS 203, 204, and 205: ML-KEM, ML-DSA, and SLH-DSA](/artifacts/global/fips-crypto-algorithms/post-quantum-fips-203-204-205.md): A grounded guide to the three NIST post-quantum FIPS standards: when ML-KEM, ML-DSA, and SLH-DSA apply, what evidence to keep, and how CAVP and CMVP claims differ.
- [Post-Quantum Migration for FIPS Cryptography](/artifacts/global/fips-crypto-algorithms/post-quantum-migration.md): Plan post-quantum migration for FIPS cryptography by separating ML-KEM key establishment, ML-DSA and SLH-DSA signatures, CAVP algorithm evidence, and CMVP module validation boundaries.
- [Post-Quantum Migration Tracker for FIPS 203, 204, and 205](/artifacts/global/fips-crypto-algorithms/post-quantum-migration-tracker.md): Track post-quantum cryptography migration evidence for FIPS 203 ML-KEM, FIPS 204 ML-DSA, FIPS 205 SLH-DSA, CAVP algorithm certificates, and CMVP module boundaries.
- [SHA-2 vs SHA-3 under FIPS 180-4 and FIPS 202](/artifacts/global/fips-crypto-algorithms/sha-2-vs-sha-3.md): Compare SHA-2 and SHA-3 for FIPS use: approved functions, validation evidence, compatibility, procurement checks, and when migration is not required.
- [TLS use-case mapping for FIPS algorithm evidence](/artifacts/global/fips-crypto-algorithms/tls-use-case-mapping.md): Map TLS uses to FIPS algorithm, CAVP, CMVP, approved-mode, certificate-authority, and evidence checks without overstating protocol validation claims.
- [What does FIPS 197 AES mean for FIPS-approved algorithms?](/artifacts/global/fips-crypto-algorithms/faq/fips-197-aes.md): FIPS 197 defines AES as a FIPS-approved block cipher, but AES use alone is not the same as CAVP algorithm testing or FIPS 140-3 module validation.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/global/fips-crypto-algorithms/ml-dsa-vs-ecdsa