Post-Quantum Cryptography in 5 Minutes — Your First Dilithium Signature

What Is Post-Quantum Cryptography?
Why Dilithium?
Your First Signature (curl)
Python Example
Node.js Example
Verify It
H33-3-Key: Why Sign With 3 Families
HICS: Score Your Code
What's Next

What Is Post-Quantum Cryptography?

Every digital signature you use today—RSA, ECDSA, Ed25519—relies on math problems that classical computers can't solve in a reasonable time. RSA depends on the difficulty of factoring large integers. ECDSA depends on the discrete logarithm problem over elliptic curves. These problems have protected the internet for decades, and they're about to become trivial.

In 1994, Peter Shor published a quantum algorithm that factors integers and computes discrete logarithms in polynomial time. A sufficiently large quantum computer running Shor's algorithm would break RSA-2048 in hours, not billions of years. ECDSA-256 falls even faster—Shor's algorithm needs roughly 2,330 logical qubits to break it. Google's Willow chip hit 105 qubits in December 2024 with below-threshold error correction. The engineering path from 105 to 2,330 is no longer speculative. It's a manufacturing timeline. When that threshold is crossed, every RSA and ECDSA key ever generated becomes forgeable. Every digital signature ever produced becomes worthless. Every "secure" communication becomes readable. This isn't a distant theoretical risk—nation-states are already recording encrypted traffic today, waiting for quantum computers powerful enough to decrypt it. This attack has a name: harvest now, decrypt later.

Post-quantum cryptography (PQC) is the replacement. These are cryptographic algorithms designed to resist both classical and quantum attacks. They're built on different math problems—lattices, hashes, codes—that Shor's algorithm can't touch. NIST spent eight years evaluating candidates and finalized three standards in 2024: FIPS 203 (ML-KEM/Kyber) for key exchange, FIPS 204 (ML-DSA/Dilithium) for digital signatures, and FIPS 205 (SLH-DSA/SPHINCS+) for hash-based signatures. The standards are done. The implementations are production-ready. The only question is whether you migrate before or after quantum computers break your existing cryptography.

Why Dilithium?

Dilithium—officially ML-DSA (Module Lattice Digital Signature Algorithm)—is the signature scheme NIST selected as the primary post-quantum standard. It's based on the Module Learning With Errors (Module-LWE) problem, a lattice problem that no known quantum algorithm can solve efficiently. Unlike hash-based signatures (SPHINCS+), Dilithium is stateless: you don't need to track which keys have been used. Unlike code-based schemes, the key and signature sizes are practical for real-world deployment.

The numbers: ML-DSA-65 (NIST Security Level 3) produces a 3,309-byte signature with a 1,952-byte public key. That's larger than ECDSA-256 (64-byte signature, 33-byte key), but small enough for every use case that matters—API authentication, document signing, blockchain transactions, TLS handshakes. H33's implementation signs and verifies in 291 microseconds combined. For comparison, a single DNS lookup takes 20–100 milliseconds. The cryptographic operation is invisible in your application's latency budget.

Dilithium is the safe default. NIST explicitly recommends it as the first choice for new deployments. If you're reading this tutorial, you're making the right decision.

Your First Signature

Let's sign a message with Dilithium right now. You'll need an H33 API key (free tier, no credit card). Get one at h33.ai/pricing in 30 seconds, then run this:

curl — Sign a message with Dilithium (ML-DSA-65)

curl -X POST https://api.h33.ai/v1/sign \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "algorithm": "dilithium",
    "security_level": 3,
    "message": "Hello, post-quantum world!"
  }'

That's it. One HTTP POST. The response contains your Dilithium signature, public key, and a verification token:

Response

{
  "algorithm": "ML-DSA-65",
  "security_level": 3,
  "signature": "a3f8c1d2e4b5...truncated...9f7a2b1c",
  "public_key": "7e2d4a6b8c1f...truncated...3d5e7f9a",
  "message_hash": "sha3-256:e5b2a1c4d8f3...",
  "verification_url": "https://api.h33.ai/v1/verify/txn_abc123",
  "latency_us": 145
}

The signature field is a 3,309-byte Dilithium signature, hex-encoded. The public_key is the corresponding 1,952-byte ML-DSA-65 public key. The verification_url lets anyone verify this signature without needing your API key—verification is always free. And latency_us shows you the server-side signing time: typically 100–200 microseconds on H33's Graviton4 infrastructure.

Python Example

Five lines. No cryptography libraries to install. Just requests.

Python — Sign with Dilithium

import requests

response = requests.post("https://api.h33.ai/v1/sign", headers={
    "Authorization": "Bearer YOUR_API_KEY"
}, json={
    "algorithm": "dilithium",
    "security_level": 3,
    "message": "Hello from Python!"
})

result = response.json()
print(f"Signature: {result['signature'][:64]}...")
print(f"Verify at: {result['verification_url']}")
print(f"Latency:   {result['latency_us']}µs")

The H33 API handles key generation, signing, and key management. You don't need to understand lattice math, polynomial rings, or Module-LWE. You send a message, you get a quantum-resistant signature. The security_level parameter maps directly to NIST security levels: 2 for ML-DSA-44 (128-bit), 3 for ML-DSA-65 (192-bit), or 5 for ML-DSA-87 (256-bit). Level 3 is the recommended default for most applications.

Node.js Example

Same pattern, native fetch. No dependencies.

Node.js — Sign with Dilithium

const response = await fetch("https://api.h33.ai/v1/sign", {
  method: "POST",
  headers: {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    algorithm: "dilithium",
    security_level: 3,
    message: "Hello from Node.js!"
  })
});

const result = await response.json();
console.log(`Signature: ${result.signature.slice(0, 64)}...`);
console.log(`Verify at: ${result.verification_url}`);
console.log(`Latency:   ${result.latency_us}µs`);

Every response includes the verification_url. Send that to your counterparty, your auditor, or your compliance team. They can verify the signature without an API key and without any post-quantum cryptography knowledge. Click the link, see the result. That's the developer experience we're going for.

Verify It

Verification is free. No credits consumed, no API key required. There are two ways to verify:

curl — Verify using the verification URL

curl https://api.h33.ai/v1/verify/txn_abc123

Or verify with the raw signature and public key:

curl — Verify with raw signature + public key

curl -X POST https://api.h33.ai/v1/verify \
  -H "Content-Type: application/json" \
  -d '{
    "algorithm": "dilithium",
    "security_level": 3,
    "message": "Hello, post-quantum world!",
    "signature": "a3f8c1d2e4b5...the-full-signature...",
    "public_key": "7e2d4a6b8c1f...the-full-key..."
  }'

The verification response tells you exactly what was verified:

Verification Response

{
  "valid": true,
  "algorithm": "ML-DSA-65",
  "nist_level": 3,
  "nist_standard": "FIPS 204",
  "quantum_resistant": true,
  "verified_at": "2026-04-02T14:30:00Z",
  "latency_us": 146
}

The quantum_resistant: true field is the key output. This signature will remain valid even after large-scale quantum computers exist. An ECDSA signature produced today cannot make that guarantee. A Dilithium signature can.

H33-3-Key: Why Sign With 3 Families Instead of 1

Dilithium alone is strong. But what if lattice cryptography has a hidden weakness? What if someone discovers an efficient algorithm for Module-LWE that we haven't anticipated? In classical cryptography, we trusted single algorithms for decades and got burned—MD5, SHA-1, DES all fell. Post-quantum cryptography is newer and less battle-tested. Prudent engineering demands defense in depth.

H33-3-Key signs every message with three independent signature families, nested with temporal binding:

Layer 1: Dilithium

ML-DSA-87 · LATTICE

Module-LWE problem. NIST FIPS 204. The primary post-quantum standard.

Layer 2: FALCON

NTRU Lattice · DIFFERENT FAMILY

NTRU-based lattice. Different mathematical structure than Dilithium. Both must be broken to forge.

Layer 3: Ed25519

CLASSICAL · ELLIPTIC CURVE

Classical signature for backward compatibility. Provides protection against errors in PQ implementations.

An attacker must break all three families to forge a signature. Module-LWE (Dilithium) AND NTRU (FALCON) AND discrete log (Ed25519). These are three independent mathematical problems with no known relationships between them. Breaking one gives you zero advantage on the others. The combined signing and verification latency: 291 microseconds. One API call handles all three layers.

curl — 3-Key signing (three families, one call)

curl -X POST https://api.h33.ai/v1/sign \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "algorithm": "3key",
    "message": "Signed with three independent families"
  }'

The response includes all three signatures, all three public keys, and a single verification URL. 291 microseconds for three-family, defense-in-depth, post-quantum signature security. That's the same latency as a single RSA-2048 signature on most hardware.

Score Your Codebase

HICS — H33 Infrastructure Compliance Score

How post-quantum ready is your code right now? HICS scans your codebase, finds every RSA key, ECDSA signature, AES-128 block, and SHA-256 hash, then scores your post-quantum readiness on a 0–100 scale. It tells you exactly what to replace, in what order, and how long the migration will take.

The score is STARK-attested—a zero-knowledge proof that the evaluation ran correctly. Your code never leaves your environment. The grade is cryptographically verifiable.

Score Your Code for PQ Readiness →