Definition. Module-Lattice-Based Digital Signature Algorithm — the post-quantum signature algorithm standardised by NIST in FIPS 204. Based on the CRYSTALS-Dilithium scheme, it uses mathematical problems from lattice cryptography (Module Learning With Errors). ML-DSA replaces classical signature algorithms such as ECDSA wherever long-term signature integrity against quantum computers is required.

Why relevant. RFC 9964 standardises ML-DSA for JOSE and COSE — covering JWT, JWS, and therefore all modern API authentication flows. Identity providers such as Keycloak will introduce ML-DSA support. Operators running platforms with long token lifetimes or regulatory requirements should plan ML-DSA as a migration target today.

Related.ML-KEM, Post-Quantum Cryptography, Crypto Agility, Lattice-based cryptography