
Post-Quantum Cryptography, Explained

Written by Dylan Rudy, Isabella Bello Martinez, and Taylor Brady


What Are Cryptosystems?

Computers deploy a collection of cryptographic algorithms (a set of instructions or steps) known as a “cryptosuite” to protect vulnerable information. Any security service that deploys a cryptosuite to secure data is known as a “cryptosystem.”

A cryptosystem supports secure communication by deploying algorithms to establish a shared secret value, known as a “key,” that is used for encryption and decryption. A cryptosystem also allows communicating entities to verify one another’s identity via a “digital signature.” A digital signature authenticates a user through a value known only to that user and a mathematically related, publicly known value accessible to all parties in the communication. Algorithms that use a pair of private and public values, instead of a single shared value, are known as “asymmetric cryptographic algorithms” or public-key cryptography.

Cryptosystems permeate our daily activities. To read this explanation of PQC, your laptop established a key with Booz Allen’s server. A secure session was established, and the server provided your computer with a digital signature and a method to authenticate that signature, allowing you to read on with the confidence that this article is really from Booz Allen.

How Critical Are Cryptosystems?

Global cryptosystems are essential in today’s digital world: they protect access to utilities, secure financial transactions, verify proper access to information, and guarantee the security and operations of hospitals, schools, financial institutions, and more. Failed cryptosystems would cause massive disruptions in the use of mobile phones, social media, personal banking, and other technologies, and would create severe risks for agencies that protect the nation. If cryptosystems no longer function, all internet-based communication is vulnerable.

How Will Cryptosystems Become Vulnerable?

In 1994, mathematician Peter Shor developed an algorithm that demonstrated the potential disruptive capacity of quantum computers. Quantum computers are computational devices that exploit the properties of quantum physics to solve certain problems differently and, in some cases, faster or more efficiently than what is otherwise possible. Shor’s Algorithm challenged the encryption at the foundation of many modern cryptosystems by establishing a “quantum algorithm” that can rapidly solve the same math problems that underpin the security of today’s asymmetric cryptographic algorithms. This means that, if bad actors have access to sufficiently advanced quantum computing hardware, they could use an existing quantum algorithm to break digital communications secured with today’s cryptosystems.

The use of Shor’s Algorithm (and other quantum algorithms) could create a chaotic environment for sharing and storing vital information. Although the hardware necessary to run Shor’s Algorithm does not currently exist, quantum developers are working on actualizing a “cryptographically relevant quantum computer” (CRQC) within the next few decades. To mitigate the threat a CRQC poses, any plan to modernize and secure cryptosystems must treat its arrival as an inevitability.

“Safeguarding U.S. infrastructure and interests requires federal and commercial organizations to stay ahead of future quantum computing threats. Quantum computing is rapidly evolving toward large-scale, practical applications. The first noticeable impact society will see is existing asymmetric cryptography being vulnerable to decryption with quantum computers. Now is the time to prepare for new cryptographic solutions.”

What Can Organizations Do to Protect Cryptosystems?

In the future, adversaries could launch cyberattacks that are supported by CRQCs executing quantum algorithms. To sustain operations, organizations that protect critical infrastructure will need a new approach: post-quantum cryptography (PQC). PQC runs on “classical” computers, rather than quantum computers. PQC algorithms are built on underlying mathematical problems for which no known classical or quantum algorithm can efficiently recover a user’s privately known secret key. This means that organizations that deploy PQC are protected from attackers with access to both classical and quantum computing hardware, and, because the solution is classical, the migration can begin today.

Led by the National Institute of Standards and Technology (NIST), a standardization process is well under way to identify, refine, and operationalize several PQC algorithms before researchers can successfully build a CRQC.

Why Do Organizations Need to Prepare Now?

Preparing for CRQCs and adopting PQC will be difficult and time-consuming. The first CRQCs will likely be operational within our lifetime. To thwart future quantum-based attacks, organizations will use classical computers to encrypt existing, stored data all over again with PQC. They’ll also need to remove obsolete records and archives from their systems. This overhaul will impact different facets of a cryptosystem, such as the authentication of users, key exchange, and digital signatures. Due to this, the process of migrating to PQC could take decades. Complexities include the potential need to match specific PQC algorithms with particular applications, the nuances of hardware and operating systems, and uncertainty over what measures are already in place.

Anything not updated to PQC may become vulnerable as soon as a CRQC is available. Whether it’s social media accounts, patient health records, bank account passwords, or battlefield intelligence, bad actors and adversaries will be able to steal, change, or delete information. With so much at stake, organizations will need support to align their migration processes with NIST’s standards and systematically implement robust PQC algorithms over time.

What Has the Federal Government Done So Far?

President Biden’s directive on modernizing cybersecurity for national security, defense, and intelligence systems provides direction on planning for comprehensive cybersecurity improvements. The directive includes migration from unsupported cryptography to post-quantum protocols. Integrating PQC adoption with larger modernization efforts offers agencies multiple advantages, such as increased cost control, efficient change management, and accelerated workforce upskilling. Organizations can also inform their adoption preparation with analysis from other federal agencies as well as NIST. President Biden’s directive on U.S. leadership in quantum further details requirements for mitigating specific encryption risks.

NIST Algorithm Selections: First Wave

NIST announced the first wave of PQC algorithms selected as potential 2024 cryptographic standards. The new 2024 standards are meant to replace currently deployed algorithms used to establish keys for secure communication and to authenticate users through digital signatures. CRYSTALS-KYBER was announced as a candidate method that two parties can use to agree on a key, a step which precedes secure communication between those parties. As of August 2022, CRYSTALS-KYBER has demonstrated resilience against attacks using both classical and quantum algorithms.

NIST also selected three digital signature algorithms to provide quick and efficient methods to verify users’ identities: CRYSTALS-Dilithium, FALCON, and SPHINCS+:

  • CRYSTALS-Dilithium, like CRYSTALS-KYBER, has demonstrated strong resilience against potential attacks.
  • FALCON was selected to support specific use cases that have smaller resource requirements than what is needed with CRYSTALS-Dilithium.
  • CRYSTALS-Dilithium and FALCON use the same underlying mathematics; therefore, SPHINCS+ was selected as an additional digital signature algorithm based on different mathematics.

The practice of choosing algorithms that rely on different mathematics to make it harder for sensitive data to be decrypted, known as “cryptographic diversity,” is critical to the overall success of PQC modernization efforts. Relying on one type of algorithm would prevent a rapid response to the constantly changing threat landscape related to the security of cryptographic algorithms.

The same NIST announcement notified the public of four additional key-establishment algorithms proceeding to a fourth round of consideration. However, shortly after the announcement of the fourth round, researchers were able to break one of the candidate PQC algorithms from a previous round of NIST’s standardization competition. The discovery of exploits in an algorithm that cleared three rounds of NIST’s official process reinforces the need for flexibility in the implementation of cryptosystems, also known as “crypto-agility,” which would permit cryptographic algorithms to be updated as more information on their security and longevity becomes available.
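Crypto-agility is an architectural property rather than a single algorithm, so the following added example (not code from the article or from Booz Allen) shows the plumbing a system needs in order to retire one algorithm and roll to another without a flag day. Every protected message carries an algorithm identifier, a receiver-side registry decides which identifiers it will still accept (approved, deprecated for verify-only, or forbidden), and a migrate step re-protects old data under the current default. Because the Python standard library ships no PQC primitives, two HMAC constructions stand in for the two algorithm families; the identifiers `legacy-v1` and `next-v2`, the registry class, and the sample key are all assumptions made for the example.

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Lifecycle states.  DEPRECATED lets existing data verify during migration but
# forbids producing new data; FORBIDDEN rejects the algorithm outright.
APPROVED, DEPRECATED, FORBIDDEN = "approved", "deprecated", "forbidden"


@dataclass
class Algorithm:
    alg_id: bytes                            # identifier written into each message header
    status: str
    tag: Callable[[bytes, bytes], bytes]     # (key, data) -> authentication tag


class AgileRegistry:
    """Receiver-controlled allowlist of algorithms.  The header names the
    algorithm, but the registry (not the sender) decides whether it is accepted,
    which is what keeps a peer from steering us back onto a retired algorithm."""

    def __init__(self) -> None:
        self._algs: Dict[bytes, Algorithm] = {}
        self._default: Optional[bytes] = None

    def register(self, alg: Algorithm, default: bool = False) -> None:
        if b"|" in alg.alg_id:
            raise ValueError("algorithm id must not contain the header separator")
        self._algs[alg.alg_id] = alg
        if default:
            self.set_default(alg.alg_id)

    def set_default(self, alg_id: bytes) -> None:
        if self._algs[alg_id].status != APPROVED:
            raise ValueError("only an approved algorithm can be the default")
        self._default = alg_id

    def set_status(self, alg_id: bytes, status: str) -> None:
        self._algs[alg_id].status = status
        if status != APPROVED and self._default == alg_id:
            self._default = None      # operator must pick a replacement explicitly

    def protect(self, key: bytes, data: bytes) -> bytes:
        """Message layout: <alg_id>|<hex tag>|<data>; data may itself contain '|'."""
        if self._default is None:
            raise RuntimeError("no approved default algorithm configured")
        alg = self._algs[self._default]
        return alg.alg_id + b"|" + alg.tag(key, data).hex().encode() + b"|" + data

    def verify(self, key: bytes, message: bytes) -> bytes:
        alg_id, tag_hex, data = message.split(b"|", 2)
        alg = self._algs.get(alg_id)
        if alg is None or alg.status == FORBIDDEN:
            raise ValueError(f"algorithm {alg_id!r} is not accepted by this receiver")
        if not hmac.compare_digest(alg.tag(key, data).hex().encode(), tag_hex):
            raise ValueError("authentication tag mismatch")
        return data

    def algorithm_of(self, message: bytes) -> bytes:
        return message.split(b"|", 1)[0]

    def migrate(self, key: bytes, message: bytes) -> bytes:
        """Verify under whatever algorithm the data was protected with, then
        re-protect it under the current default."""
        return self.protect(key, self.verify(key, message))


# Stand-ins for two algorithm families (assumption: real deployments would
# plug a classical and a PQC signature scheme in here instead of HMACs).
def hmac_sha256(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def hmac_sha3_256(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha3_256).digest()


def build_registry() -> AgileRegistry:
    reg = AgileRegistry()
    reg.register(Algorithm(b"legacy-v1", APPROVED, hmac_sha256), default=True)
    reg.register(Algorithm(b"next-v2", APPROVED, hmac_sha3_256))
    return reg


def verifies(reg: AgileRegistry, key: bytes, message: bytes) -> bool:
    try:
        reg.verify(key, message)
        return True
    except ValueError:
        return False


def rollover_demo() -> dict:
    """Walk one algorithm through approved -> deprecated -> forbidden."""
    key = b"constructed-demo-key"            # constructed sample key
    reg = build_registry()
    old = reg.protect(key, b"patient record 42")
    reg.set_status(b"legacy-v1", DEPRECATED)  # stop producing, keep verifying
    reg.set_default(b"next-v2")
    migrated = reg.migrate(key, old)          # re-protect stored data
    reg.set_status(b"legacy-v1", FORBIDDEN)   # once everything is migrated
    return {
        "old_alg": reg.algorithm_of(old),
        "new_alg": reg.algorithm_of(migrated),
        "migrated_ok": reg.verify(key, migrated) == b"patient record 42",
        "legacy_rejected": not verifies(reg, key, old),
    }


if __name__ == "__main__":
    for name, value in rollover_demo().items():
        print(f"{name}: {value!r}")
```

The design point is that the algorithm identifier is data, not policy: the receiver's registry is the only thing that decides what is accepted, and deprecation is a state change in one place rather than a code change everywhere the algorithm is called.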

What's the Best Approach to PQC Adoption?

Organizations should begin transitioning to PQC as soon as possible. Adopting a multi-phased approach to PQC adoption will help ensure that communication systems and data remain secure. An effective transition strategy should first inventory all cryptography-dependent systems and applications while assessing available algorithms and relevant cryptographic standards and their requirements. Next, organizations should seek to improve their crypto-agility by defining how to quickly integrate the newly selected algorithms while ensuring enough cryptosystem flexibility to incorporate further algorithms in the future. They should then test how their systems perform with those new algorithms.
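The inventory step is where most migrations stall, so here is an added example (not from the article or from Booz Allen) of a first-pass cryptographic inventory scanner. It reads constructed `source: content` lines of the kind an inventory pulls from TLS configs, certificate dumps, SSH settings and application manifests, tags each algorithm mention as quantum-vulnerable public-key (the class Shor's algorithm breaks), a NIST first-wave PQC selection, or a symmetric/hash primitive to review for strength, and orders sources by how much quantum-vulnerable material they hold. The sample lines, the rule table and the category labels are assumptions made for the example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

# Constructed inventory extract: "<source>: <content>" per line.
SAMPLE_INVENTORY = """\
tls.conf: ssl_ecdh_curve prime256v1; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384
cert.txt: Signature Algorithm: sha256WithRSAEncryption, Public Key: RSA (2048 bit)
sshd_config: HostKeyAlgorithms ssh-ed25519,rsa-sha2-256
app.yaml: kem: CRYSTALS-KYBER, signature: CRYSTALS-Dilithium
backup.conf: cipher=AES-128-CBC, hmac=SHA1
"""

# Categories drive migration priority: public-key primitives must be replaced,
# PQC entries are already on the target list, symmetric/hash entries only need
# a key-size / hash-strength review.
QUANTUM_VULNERABLE = "public-key (quantum-vulnerable: Shor)"
PQC_SELECTED = "PQC (NIST first-wave selection)"
REVIEW_STRENGTH = "symmetric/hash (review strength)"

# Rule table (assumed for the example; a production inventory would be driven
# by a maintained algorithm catalogue rather than hand-written regexes).
RULES = [
    (re.compile(r"\b(?:RSA|ECDSA|ECDHE?|DHE?|Ed25519|X25519|prime256v1|secp\d+[rk]1)\b"
                r"|With(?:RSA|ECDSA)", re.IGNORECASE), QUANTUM_VULNERABLE),
    (re.compile(r"\b(?:CRYSTALS-KYBER|KYBER|CRYSTALS-Dilithium|Dilithium|FALCON|SPHINCS\+)",
                re.IGNORECASE), PQC_SELECTED),
    (re.compile(r"\bAES-128\b|\bSHA-?1\b|\b3?DES\b", re.IGNORECASE), REVIEW_STRENGTH),
]


@dataclass(frozen=True)
class Finding:
    source: str
    algorithm: str
    category: str


def classify_inventory(text: str) -> List[Finding]:
    """Return one Finding per algorithm mention, keyed to the source it came from."""
    findings: List[Finding] = []
    for raw in text.splitlines():
        if not raw.strip() or ":" not in raw:
            continue
        source, content = raw.split(":", 1)   # only the first colon separates the source
        for pattern, category in RULES:
            for match in pattern.finditer(content):
                findings.append(Finding(source.strip(), match.group(0), category))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per category for the executive view of the inventory."""
    return dict(Counter(f.category for f in findings))


def migration_priority(findings: List[Finding]) -> List[str]:
    """Sources ordered by number of quantum-vulnerable primitives, then by name,
    so the assets with the most Shor-exposed material are migrated first."""
    counts = Counter(f.source for f in findings if f.category == QUANTUM_VULNERABLE)
    return [src for src, _ in sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))]


if __name__ == "__main__":
    found = classify_inventory(SAMPLE_INVENTORY)
    for f in found:
        print(f"{f.source:12} {f.algorithm:20} {f.category}")
    print(summarize(found))
    print("migrate first:", migration_priority(found))
```

Text matching is only a starting point: it finds what is written in configuration, not what a library negotiates at runtime or what is baked into certificates, hardware tokens and firmware, so the result should seed a proper inventory rather than replace one.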

“Booz Allen conducts PQC prototyping in sandbox environments to help our clients rapidly evaluate the impact of PQC adoption on mission-critical use cases. This testing enables clients to assess the impact of the future migration process, including its potential costs and computing requirements.”

Quantum technologies are advancing rapidly, underscoring the need for organizations to begin planning their migrations to PQC as soon as possible. Booz Allen’s cybersecurity practitioners work with nearly every federal, defense, and intelligence agency as well as commercial organizations in all critical infrastructure sectors. We combine our extensive cybersecurity experience with cutting-edge quantum expertise to deliver defensive solutions that help our clients stay ahead of emerging threats.

About the Authors:

Taylor Brady is a lead scientist on Booz Allen’s quantum team. Taylor leads the post-quantum cryptography capability and specializes in the development of quantum-safe applications. She holds bachelor’s degrees in physics and mathematics from the University of Notre Dame.

Dylan Rudy is a quantum physicist at Booz Allen Hamilton, specializing in providing high-impact quantum solutions for clients. He also creates and facilitates educational opportunities to learn more about post-quantum cryptography and fully homomorphic encryption. Dylan earned his Ph.D. from Texas Tech University, where he researched vulnerabilities in various key exchange protocols.


Isabella Bello Martinez is a quantum technologist at Booz Allen Hamilton, specializing in strategic thinking for long-term quantum growth strategies and quantum technologies application research. She leads the firm’s outreach initiatives for quantum investment and the delivery of analytical products for a variety of clients. She holds degrees from Brown University and the University of Notre Dame.
