Digital Signatures have long been one of the strongest features of PDF; the ability for two parties to agree to the authenticity of a document with mathematics rather than a physical signature is central to modern digital infrastructure projects such as the European Union's eiDAS.
Today's PDF digital signatures follow industry best practice, using algorithms based on elliptic curves or RSA. However the quantum computing revolution is expected to make both these algorithms redundant. It's fair to say no-one knows when (some would say if) a practical quantum computer will be built, but as traditional digital signatures applied after this date may be subject to doubt, it's easy to see why this day is informally known within the industry as the "quantum apocalypse".
New algorithms are needed, and in August 2024 NIST in the United States approved two new signature algorithms believed to be resistant to quantum computers. The PDF industry has been following these developments very closely; the first PDF signed with the ML-DSA algorithm was exchanged between BFO and Adobe in May 2025, with documents signed with the SLH-DSA algorithm exchanged soon after.
These successful exchanges between vendors led to an agreement made at PDF Days 2025, the industry event for vendors in the PDF industry, to formalize the addition of these two new post-quantum signature algorithms to the PDF specification.
Digitally signed PDFs don't expire. Documents signed today will remain valid long after any "quantum apocalypse", but adoption of quantum-resistant algorithms before this happens will greatly simplify the trust process. It will require changes across the entire industry - from Certificate Authorities and HSM Manufacturers to PDF Viewers and Validators - and this process has already started.
We've proved it can be done; the next step is to get the specification published
for everyone in the PDF community, but we wanted to pre-announce that process is happening
because we're being asked about it. People are nervous
, said Mike Bremford, CTO of BFO.
Post-quantum cryptography is over the horizon. We might not know exactly how far,
but the millions of people worldwide that rely on PDF signatures need to know the
industry
is preparing for it so they can continue to trust in the technology.