Lattice Semiconductor has begun shipping what it says is the first FPGA family built to meet the NSA’s CNSA 2.0 post-quantum cryptography requirements, a milestone the company underscored by collecting a gold award for best security solution at the Embedded World trade show. The product at the center of the claim is the Lattice Avant-G, a mid-range programmable logic platform that integrates the quantum-resistant algorithms Washington now demands for national-security hardware.
The announcement, which Lattice detailed in a May 2026 company statement, arrives at a moment when defense contractors, aerospace suppliers, and critical-infrastructure operators are under growing federal pressure to abandon classical encryption before large-scale quantum computers can crack it. For those buyers, the central question is whether a programmable chip can bridge the gap between a published government standard and a component that is ready to solder onto a board.
The federal mandate driving the market
Two government actions set the stage. The NSA published its CNSA 2.0 requirements for National Security Systems in a formal agency release, directing all vendors and integrators working on classified or sensitive programs to migrate away from RSA and elliptic-curve cryptography. The mandate specifies approved quantum-resistant algorithms and lays out a phased timeline, with the earliest deadlines beginning in 2025 for software and firmware signatures.
On the standards side, NIST finalized the first three post-quantum encryption standards. FIPS 203, formally titled the Module-Lattice-Based Key-Encapsulation Mechanism Standard (ML-KEM), provides the specification for quantum-safe key exchange. Its full text is available in the official NIST publication. The algorithm was known as CRYSTALS-Kyber during NIST’s multi-year evaluation. A companion standard, ML-DSA (formerly CRYSTALS-Dilithium), covers digital signatures. Together, these give hardware developers a concrete target: implement ML-KEM for key encapsulation, ML-DSA for authentication, and satisfy the cryptographic building blocks that CNSA 2.0 requires.
What Lattice says the Avant-G delivers
According to Lattice, the Avant-G FPGA family integrates both ML-KEM and ML-DSA directly in its security engine, enabling quantum-resistant key exchange and signature verification on-chip. The company says the platform also includes a hardware root of trust and secure boot capabilities designed to work alongside the post-quantum primitives.
FPGAs are reconfigurable by design, which gives them a structural advantage in a standards environment that is still evolving. NIST has signaled that additional algorithms may follow the initial three, and implementation guidance could shift as more cryptanalysis and interoperability testing accumulate. A programmable chip can, in principle, accept firmware updates that swap or strengthen cryptographic engines after deployment, without requiring a board redesign. For defense programs with decade-long lifecycles, that flexibility is not a convenience; it is a procurement requirement.
The gold award came from the Embedded World Best in Show competition, an annual program run alongside the Nuremberg-based trade fair that evaluates products across categories including security, connectivity, and AI. Lattice took the top prize in the security category. While the award reflects peer and editorial recognition within the embedded-systems industry, it is not equivalent to a government certification of cryptographic strength or CNSA 2.0 compliance. Readers should treat it as an indicator of industry interest, not a substitute for independent security validation.
What independent validation is still missing
Several gaps remain between what Lattice has announced and what security architects need before committing to a design-in.
No independent benchmarks from NIST, a FIPS-accredited lab, or a third-party testing house have surfaced to validate how the Avant-G performs ML-KEM and ML-DSA operations under real-world conditions, particularly in power-constrained edge deployments common in defense and aerospace. Vendor-supplied performance figures exist in product briefs, but until they are cross-checked against a neutral framework, claims about throughput, power efficiency, and side-channel resistance carry the weight of marketing rather than peer-reviewed evidence.
Lattice has also not published a detailed technical whitepaper describing how CNSA 2.0 alignment was achieved at the gate level. Open questions include which ML-KEM parameter set the FPGA supports (ML-KEM-768 vs. ML-KEM-1024), how key material is protected in volatile memory, and what countermeasures are in place against timing attacks, fault injection, and power-analysis side channels. Without that documentation, security teams evaluating the chip for classified or regulated programs lack the detail needed for a formal risk assessment.
The timeline for customer adoption is similarly unclear. NIST’s broader program overview notes that vendors are already shipping PQC-ready hardware, but “PQC-ready” can mean anything from a full algorithm implementation to a placeholder IP block awaiting configuration. Whether the Avant-G ships with all CNSA 2.0 algorithms active out of the box, or requires post-purchase firmware loading, has not been specified in any verified primary source. For mission-critical buyers, that distinction determines whether a device can be fielded immediately or must pass through an additional integration and validation cycle.
The competitive landscape
Lattice is not the only FPGA maker talking about post-quantum readiness. Intel’s Altera division and AMD’s Xilinx unit have both discussed PQC roadmaps in conference presentations and marketing materials, though neither has made a public claim as specific as Lattice’s regarding CNSA 2.0 alignment. Whether Lattice is genuinely first to market with a conformant product, or simply first to attach the label, depends on how strictly “compliance” is defined.
That ambiguity is partly structural. The NSA’s CNSA 2.0 guidance outlines algorithm choices and migration timelines, but it does not appear to offer a formal certification seal that a vendor can display the way a FIPS 140-3 validation certificate works. In practice, that leaves room for differing interpretations of what it means to be “aligned” with the policy versus demonstrably conformant to every technical and operational requirement. Until the government establishes a clear certification pathway for CNSA 2.0 hardware, competing vendor claims will be difficult for buyers to compare on equal terms.
Beyond the FPGA world, software-based PQC libraries such as liboqs (from the Open Quantum Safe project) and PQC modules in OpenSSL are already available for server and cloud workloads. The value proposition for an FPGA-based approach centers on hardware-enforced isolation, deterministic timing, and suitability for embedded environments where a general-purpose processor running a software stack introduces attack surface. Whether that tradeoff justifies the cost and integration effort of a dedicated FPGA depends on the threat model and deployment context.
What procurement teams should do now
For organizations buying FPGAs for defense or critical infrastructure, the practical path forward is straightforward even if the vendor landscape is not.
The algorithms are real. The federal mandate is real. And at least one vendor says it has working silicon. The next step is to request Lattice’s detailed compliance documentation, map it against the specific algorithm identifiers and key sizes listed in the NSA’s CNSA 2.0 FAQ, and verify ML-KEM parameter-set support before locking in a design. Any procurement team evaluating PQC hardware should also confirm whether the FPGA’s cryptographic engine has been tested against known side-channel vectors, and whether secure boot, hardware root of trust, and protected key storage integrate cleanly with the post-quantum primitives.
Engineers can further reduce risk by insisting on clear upgrade paths. If NIST finalizes additional algorithms or adjusts parameter recommendations, the FPGA should accept firmware updates without requiring a board spin. That requirement should be written into supplier agreements, not assumed.
Lattice’s announcement marks a tangible step in the hardware ecosystem’s migration from post-quantum theory to post-quantum practice. The standards are finalized, the policy pressure is mounting, and programmable-logic vendors are beginning to respond with named products and specific algorithm claims. Whether the Avant-G ultimately proves to be the first robust, CNSA 2.0-aligned FPGA platform will depend on the documentation, independent testing, and field experience that have yet to be fully disclosed. Until those pieces arrive, rigorous verification remains the only responsible posture for any buyer whose systems cannot afford to be wrong.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
