Post Quantum Cryptography

The Quantum Revolution vs. Cybersecurity: Ensuring Resilience with Post Quantum Cryptography


Navigating the quantum leap in the cybersecurity domain demands a proactive and agile approach towards quantum-resistant cryptography. In this thought-provoking piece, we'll explore the imminent quantum threat, assess the current state of post-quantum algorithms, and reveal practical strategies that leaders in the digital security sector can employ to safeguard their data from the quantum storm on the horizon.

Understanding the Quantum Threat – Are you PQC-ready?

The race toward quantum computing power is accelerating, and with recent breakthroughs from pioneering companies, we are closer than many realize to the era of quantum supremacy: just recently, Microsoft and Quantinuum moved one step closer to a commercial quantum computer. They improved the logical error rate of their supercomputer by 800 times by creating an innovative qubit virtualization system in ion-trap hardware, resulting in four highly reliable logical qubits from only 30 physical qubits.

This imminent milestone will render standard asymmetric cryptography, such as RSA and ECC, vulnerable to decryption.

The Present State of Encryption Vulnerability – Quantum-powered Cyber Attacks

Current-day encryption methodologies stand as a thin barrier against the computational prowess of future quantum computers. Algorithms that take thousands of years to break with classical computing could be dismantled in a matter of hours by quantum machines. This disparity in cryptographic resilience is the heart of the quantum threat that cybersecurity professionals must address. Although quantum computers are not yet available, they do have an impact on today's cryptographic applications – represented by two attack types:

1. Store now, decrypt later

Attackers could obtain sensitive information now and wait until quantum computers are available to decrypt it. This is especially relevant if your organization handles sensitive information with a long confidentiality span.

2. Digital signatures can be broken

By “computing” credentials from public information, an attacker could approve requests or sign documents impersonating someone else. This can also happen retroactively in the future with older signatures if they are not updated.

One cannot say with certainty when a quantum computer will be available that can crack standard crypto such as RSA. However, there are various hypotheses that range from 2030 to 2035.

RSA-2048 is only considered secure until 2030.
(according to NIST SP 800-78-5)

You may be thinking, "2030 is a few years away; why should I worry about it now? Planning your Post Quantum Cryptography (PQC) migration now is essential to ensure the long-term security of your data and applications for three main reasons:

  • Although the first sufficient quantum computers are expected in 2030, it cannot be ruled out that they will not be available earlier.
  • Crypto discovery and migration will take time.
  • Legacy code and libraries will be around for a long time.

Basically, you are left with two options:
1. Plan your PQC Migration now.
2. Do nothing and risk data security. (There’s a great chance your future self will not thank you for this decision.) 

The good news: The development and standardization of PQC is also progressing.

Start by evaluating your post quantum cryptography options and plan your migration with Utimaco.

Post Quantum Cryptography (PQC): A Strategic Imperative

Let’s dissect the current landscape of PQC and the critical role it holds in data protection against quantum adversaries.

Navigating NIST Standards and the CNSA Suite 2.0

NIST – the National Institute of Standards and Technology – recognized the potential threat of quantum computing as early as 2016. As a result, they have launched a standardization process to establish standards for algorithms that are resistant to quantum computers. This initiative is recognized worldwide by many institutions that welcome it.

To date, NIST has defined four algorithms to be standardized:    

  • CRYSTALS-Dilithium (ML-DSA)
  • FALCON    

Other algorithms have advanced to the fourth round of the standardization process, the results of which are expected to be announced later this year. In addition to the NIST process, there are other reputable institutions that define quantum-resistant algorithm suites or recommendations, such as the Commercial National Security Algorithm (CNSA) Suite 2.0 shown here:

For Software and firmware signing:

  • LMS
  • XMSS

For General public key algorithms for quantum resilience:

  • Key establishment: CRYSTALS-Kyber (ML-KEM)
  • Digital Signatures: CRYSTALS-Dilithium (ML-DSA)

For Symmetric key algorithms:

  • AES
  • SHA

Overview – Your choice of PQC algorithms

Encryption / 
Key Encapsulation
CRYSTALS-KyberLattice-basedNIST Draft Standard published: FIPS 203 (ML-KEM)
Classic McElieceCode-basedNIST PQC Standardization Round 4
BikeCode-basedNIST PQC Standardization Round 4
HQCCode-basedNIST PQC Standardization Round 4
Frodo-KEMLattice-basedRecommended by BSI (German Federal Office for Information Security)
Digital SignaturesCRYSTALS-DilithiumLattice-basedNIST Draft Standard published: FIPS 204 (ML-DSA)
SPHINCS+Hash-basedNIST Draft Standard published: FIPS 205 (SLH-DSA)
FALCONLattice-basedNIST Selected Algorithm to be standardized
LMS / HSSStateful Hash-basedRecommended by NIST (apart from standardization process)
XMSS / XMSS-MTStateful Hash-basedRecommended by NIST (apart from standardization process)


The PQC Implementation Paralysis

Many organizations face a PQC implementation paradox. The hesitation to transition to PQC could leave digital assets vulnerable, yet adopting unproven cryptographic frameworks invites operational and security risks in equal measure.

This uncertainty is further exacerbated by the fact that there is no silver bullet. You cannot assume that the algorithms from the list will be a 1:1 replacement. You need to consider which cryptographic use cases your organization has and test which PQC algorithm fulfills this use case in your environment. 

Crafting a PQC Migration Strategy for quantum resilience

A robust quantum-resilient strategy encompasses more than just upgrading cryptographic algorithms. It involves a holistic approach to secure data against potential quantum threats, encompassing technology, policy, and organizational readiness.

PQC decision tree


Examining successful PQC migration efforts illuminates the path forward for organizations. By deploying a hybrid approach that incorporates PQC alongside classical algorithms, companies are preparing for the quantum age without sacrificing their current security postures.

The role of Crypto Agility and HSMs

“The most important approach is to be flexible; the use of implementations and applications that can most easily be adapted to the cryptographic security offerings and a plan for transitioning to them offer the best solution.” – NIST SP 800-57

Crypto agility applies not only to your application, but also to the devices you use. When upgrading cryptographic applications and encryption keys for the post-quantum era, hardware security modules (HSMs) play a critical role. The HSM is an essential element of your cryptographic infrastructure because it is the trust anchor for your cryptographic keys and performs cryptographic processes based on algorithms and for key generation, management, and storage.

Crypto-agile HSM solutions are designed to accommodate the swift integration of PQC algorithms, offering a layer of flexibility that is indispensable to long-term cybersecurity planning.

Thus, when choosing an HSM vendor, crypto agility is a critical factor. 

What's Next? Preparing for the Inevitable Quantum Era

The quantum era is not just a technological milestone—it is a security watershed that will redefine the landscape for decades to come. Now is the time to engage in post quantum cryptography, to ensure that as the quantum horizons expand, our data remains secure.

Quantum Computing and the Velocity of Change

The pace at which quantum computing is evolving underscores the imperative for immediate action. Waiting for a clear and present danger before adopting PQC is akin to playing the odds with increasingly outdated cryptographic protocols.

The Long-Term Benefits of Proactive Quantum Resilience

Organizations that proactively invest in quantum-resilient cryptography stand to gain more than just secure data transmissions. They pave the way for technological innovation, operational excellence, and a reputation for being at the vanguard of digital security.

Partnering with PQC Innovators

At Utimaco, we're proud to be at the forefront of research and innovation in the field of Post Quantum Cryptography (PQC). As quantum computing evolves, so must cryptography.

Our experts participate in several influential committees dedicated to shaping the future of PQC, such as:

  • NIST PQC Consortium, PQC Consortium: Work Streams Interoperability, Discovery
  • X9 Post Quantum Cryptography Committee
  • ETSI Quantum-Safe Cryptography (QSC) Working Group
  • PQC Consortium: PQC Workstream
  • And several more

These committees serve as hubs for collaboration, knowledge sharing, and driving standards that will define the next generation of cryptographic protocols.

In conclusion, quantum computing poses unprecedented challenges to the field of cryptography. However, by taking a proactive, informed, and collaborative approach, we can turn these challenges into opportunities to enhance our data security. The time for post-quantum cryptography is not in some far-off quantum future—it is now.

Utimaco’s Hardware Security Modules – PQC-ready by design

Utimaco’s General Purpose HSMs are designed crypto-agile and can be in-field upgraded with PQC algorithms such as CRYSTALS-Kyber, CRYSTALS-Dilithium, LMS/HSS, and XMSS/XMSS-MT. We also follow the standards and continuously develop our solutions. As a result, we have successfully completed several PQC migration and implementation projects with various customers.

The best part: You can test PQC algorithms in your infrastructure with our Q-safe simulator.

Explore Utimaco PQC solutions at RSA Conference 2024!

Are you planning to attend RSA Conference 2024? Don't miss the opportunity to hear our experts live! Utimaco’s CTO, Nils Gerhardt, will reveal strategies for future-proofing your digital infrastructure against the inevitable quantum revolution. Catch him at the Briefing Center on Wednesday, May 8, 2024, from 11:10 AM to 11:30 AM PT, or visit our booth 5256 for further insights. 

Additionally, ensure you don't miss out on the exclusive on-demand session available at RSA - "PQC in Practice – Use Cases, Migration Tips, and a Free Demo Tool." Join our experts as they share first-hand experiences from successful PQC migration projects.

RSA 2024 banner


Furthermore, stop by our booth 5256 to experience a live PQC Demo firsthand. For more details about our presence at RSA 2024, including additional sessions and booth activities, please visit here.

About the Author

Lena Backes is an IT Marketing expert with more than 10 years of experience working in the B2B sector. In her professional career, she has gained extensive knowledge in various areas, including cybersecurity, network management, enterprise streaming, and software asset management. In her current role she is responsible for product positioning of Utimaco’s cybersecurity products and solutions, with a particular focus on data protection, blockchain technology, and post quantum cryptography.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.