{"draft":"draft-ietf-lamps-cms-kyber-13","doc_id":"RFC9936","title":"Use of ML-KEM in the Cryptographic Message Syntax (CMS)","authors":["J. Prat","M. Ounsworth","D. Van Geest"],"format":["HTML","TEXT","PDF","XML"],"page_count":"18","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Limited Additional Mechanisms for PKIX and SMIME","abstract":"Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) is a\r\nquantum-resistant Key Encapsulation Mechanism (KEM). Three parameter\r\nsets for the ML-KEM algorithm are specified by the US National\r\nInstitute of Standards and Technology (NIST) in FIPS 203. In order of\r\nincreasing security strength (and decreasing performance), these\r\nparameter sets are ML-KEM-512, ML-KEM-768, and ML-KEM-1024. This\r\ndocument specifies the conventions for using ML-KEM with the\r\nCryptographic Message Syntax (CMS) using the KEMRecipientInfo\r\nstructure defined in \"Using Key Encapsulation Mechanism (KEM)\r\nAlgorithms in the Cryptographic Message Syntax (CMS)\" (RFC 9629).","pub_date":"March 2026","keywords":["Key Encapsulation Mechanism (KEM)","KEMRecipientInfo","ML-KEM","Kyber"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9936","errata_url":null}