The ink on ISO/IEC 18033-2 Amendment 2:2026 is barely dry. Published in June 2026, it formally standardises FrodoKEM alongside ML-KEM and Classic McEliece as part of the international key encapsulation framework.
As of today, CipherForge supports FrodoKEM in production. Discovery, implementation, and monitoring across the full EQCore platform.
That four-week window between international standardisation and production-ready support is not a marketing talking point. It is the entire argument for why cryptographic agility belongs at the centre of any post-quantum migration strategy.
Most post-quantum key encapsulation mechanisms, including ML-KEM (FIPS 203), rely on structured lattice assumptions. Specifically, they use the hardness of the Module Learning With Errors (Module-LWE) problem. These assumptions are well-studied, efficient, and currently considered secure.
FrodoKEM takes a more conservative path. It relies on plain LWE over unstructured lattices, deliberately avoiding the algebraic structure that makes Module-LWE efficient. The trade-off is real: FrodoKEM keys and ciphertexts are substantially larger, and operations are slower. But the security assumption is strictly more conservative.
For most workloads, ML-KEM remains the right choice. It is fast, standardised by NIST, and battle-tested across major deployments.
FrodoKEM serves a different purpose. It is the hedge. For organisations protecting data with multi-decade sensitivity, or operating in regulatory environments that mandate defence-in-depth across cryptographic assumptions, FrodoKEM provides a standardised alternative that does not share the same structural foundation as ML-KEM. If a future breakthrough ever weakened structured lattice assumptions (and there is no current evidence suggesting it will), FrodoKEM would remain unaffected.
That is why ISO standardised it. And that is why CipherForge supports it.
At ExeQuantum, we build around a principle we call STAC: Sovereign, Transparent, Agile, Compliant. The "A" tends to get less attention than sovereignty or compliance in procurement conversations, but it may be the most consequential over a ten-year horizon.
The post-quantum cryptographic landscape is not static. NIST finalised FIPS 203, 204, and 205 in August 2024. HQC was selected as a fifth algorithm in 2025. FrodoKEM received its ISO standard in June 2026. National standards bodies across Asia and Europe are evaluating additional algorithms for domestic requirements.
Any organisation that treats PQC migration as a one-time project, selecting a single algorithm and embedding it across their infrastructure, will face this exact problem again. The question is not whether the standards landscape will change. It is whether your cryptographic infrastructure can respond when it does.
A platform built for agility absorbs a new algorithm as a configuration change. A platform built around a single algorithm treats it as a rewrite.
CipherForge added FrodoKEM in weeks because the architecture was designed for exactly this scenario. The formally verified implementation layer (built in Jasmin for all operations handling secret values) provides the security guarantees. The orchestration layer above it manages algorithm selection, deployment policy, and compliance reporting. When a new algorithm reaches standardisation, the work is adding it to the implementation layer and exposing it through the existing governance framework. Not rebuilding the framework around it.
CipherForge now supports six post-quantum algorithms in production:
This is not a catalogue for its own sake. Each algorithm serves a specific architectural role, and CipherForge's policy engine allows organisations to assign algorithms to workloads based on risk profile, regulatory requirements, and performance constraints. ML-KEM for high-throughput API traffic. FrodoKEM or Classic McEliece for long-lived key material in high-assurance environments. SLH-DSA where lattice-free signature schemes are required by policy.
The point is that these decisions should be governed by policy, not limited by what your vendor has implemented.
Governments worldwide are converging on PQC adoption mandates. The timelines vary by jurisdiction, but the direction does not. Organisations that begin migration now have the advantage of choosing their approach. Organisations that wait will have their approach chosen for them, under pressure, with fewer options.
Cryptographic agility is not a feature. It is the strategy that ensures your migration investment holds its value as the standards landscape continues to evolve.
CipherForge is ready. The question is whether your cryptographic infrastructure is.