Certificate 5: Post-Quantum Cryptography for Election Systems
Migrate election-system cryptography to NIST post-quantum standards (ML-KEM, ML-DSA, SLH-DSA) with FIPS 140-3 alignment.
You'll be notified when this class opens for registration.
Program Features
- Online
- Interactive LMS Content
- Blockchain-based Certificate
Program Features
- Online
- Interactive LMS Content
- Blockchain-based Certificate
Description
Purpose Prepare election technology owners and operators for the post-quantum cryptographic transition required to keep ballot signatures, transport security, and long-term records verifiable under NSM-10 and CNSA 2.0.
Who It’s For
- Voting system vendor cryptography and platform engineers
- State CISOs and county election IT directors evaluating PQC readiness
- VSTL technicians who must validate PQC implementations
- EAC and NIST liaisons developing acceptance criteria
What You Will Learn
- The NIST PQC standards: ML-KEM-1024 (key establishment), ML-DSA-87 (signatures), SLH-DSA (stateless hash-based signatures)
- CNSA 2.0 and NSM-10 deadlines and how they map to election infrastructure
- Hybrid TLS migration patterns and when to retain classical fallback
- Ballot-image and audit-record signature chains under PQC
- FIPS 140-3 module integration and validation evidence
- Crypto-agility: building systems that can rotate primitives without re-certification churn
Outcome Practitioners can scope, plan, and oversee a PQC migration that survives EAC re-certification and audit.
Federal Grant Eligibility
This certificate supports compliance with NDAA FY2025 §6805, which amends the Help America Vote Act of 2002 (HAVA) to require penetration testing as part of federal voting-system certification. Tuition is an allowable use of HAVA Election Security Grant funds (Title I §101) when the learner is an election official, election IT staff member, auditor, or contractor supporting the certification or operation of voting systems.
Individual and group enrollment receipts include the line items, learner roster, and completion record most state EAC sub-grant offices require for reimbursement. State Homeland Security Grant Program (SHSGP) election-security set-asides and state-level election security grants are also commonly used to fund ESAVA enrollment.
Aligned to NIST FIPS 203/204/205 (ML-KEM, ML-DSA, SLH-DSA). Eligible under HAVA §101 cybersecurity allowable uses; pair with SHSGP set-aside if available.
Need help routing payment through your state's HAVA pipeline? Use Request Grant-Funded Enrollment and we will provide a justification memo, scope-of-training letter, and W-9 sized to your state's reimbursement form.
Program Syllabus
Syllabus / Topics Covered
Module 1 – Cryptographic Threat Landscape & Quantum Risk
- Why post-quantum matters: store-now-decrypt-later, harvest attacks, and long-tail records
- Voting system records that must remain verifiable beyond the cryptographic transition
- Federal direction-setting: NSM-10, OMB M-23-02, CNSA 2.0
- Mapping the EAC certification cycle to PQC deadlines
Module 2 – NIST Post-Quantum Standards
- ML-KEM-1024 — module-lattice key encapsulation for key establishment
- ML-DSA-87 — module-lattice digital signature
- SLH-DSA — stateless hash-based signatures for long-term records
- Trade-offs: signature size, verification cost, and statefulness
Module 3 – CNSA 2.0 and NSM-10 Compliance Path
- CNSA 2.0 algorithm suite and federal alignment
- The 2030 transition deadline and intermediate milestones
- Vendor reporting and EAC submission expectations
Module 4 – Hybrid TLS and Migration Strategy
- Hybrid key exchange in TLS 1.3
- Preserving classical fallback during the transition
- Ciphersuite negotiation and downgrade defense
- Performance and packet-size considerations
Module 5 – Ballot Signature Chains and Long-Term Records
- Signing ballot images and audit logs with PQC algorithms
- Statefulness and key-rotation patterns for long retention
- Re-signing strategies for archived records
Module 6 – FIPS 140-3 Modules and Crypto-Agility
- Selecting and integrating FIPS 140-3 validated modules
- Crypto-agility framework: rotating primitives without re-certification
- Documentation and evidence packaging for EAC review