.NET 10 introduces post-quantum cryptography support with four new algorithms: ML-KEM, ML-DSA, SLH-DSA, and Composite ML-DSA. The implementation breaks from the traditional AsymmetricAlgorithm base class pattern, introducing a new design where instances represent keys rather than algorithms, with improved disposal semantics and extensive use of the Template Method Pattern. The new classes minimize code duplication in derived types, use Span-based APIs for performance, and include platform-specific implementations for Windows (CNG) and Linux (OpenSSL 3.5+). Integration extends to X.509 certificates, TLS 1.3, SignedCms, and COSE, though some methods remain experimental pending final specification publication.
Table of contents
The Way We’ve Always Done It Copy linkIt Starts To Go Wrong Copy link… Anything Else? Copy linkThe New Design’s Goals Copy linkThe New Design Copy linkDoes This Help Me As An Implementer? Copy linkWhat’s Up With [Experimental] ? Copy linkWhere Does .NET Use These Algorithms? Copy linkGreat, How Do I Get Started? Copy linkSpecial Thanks Copy linkSort: