In the near future, quantum computers are expected to become powerful enough to break traditional asymmetric cryptographic algorithms—the backbone of data security for messages, documents, and online transactions. Post-Quantum Cryptography (PQC) is being developed to counter this immense computational power.
Post-Quantum Cryptography (PQC), also referred to as Quantum Safe Cryptography (QSC), encompasses encryption algorithms designed to withstand attacks from quantum computers.
What is Quantum Computing?
Quantum computing leverages principles of quantum physics to solve mathematical problems exponentially faster than classical computers. Tasks that would take today’s most powerful supercomputers years to complete could be reduced to mere days by quantum computers.
This unprecedented computational power heralds a new era for applications like artificial intelligence. However, alongside its benefits, quantum computing poses significant security threats.
Why Are Quantum Computers a Security Threat?
Once sufficiently advanced quantum computers emerge, traditional asymmetric cryptographic algorithms will become vulnerable. For instance, widely used algorithms like RSA and ECC, which rely on mathematically complex problems such as integer factorization and discrete logarithms, are employed globally to secure bank accounts, medical records, and other critical data. However, quantum algorithms like Shor’s algorithm could easily break RSA and ECC.
Governments and global tech corporations have acknowledged this threat, issuing warnings to protect critical infrastructure against potential quantum attacks. The U.S. National Security Memorandum of May 2022 states: “A sufficiently large and sophisticated quantum computer capable of breaking cryptography (CRQC) could compromise most public-key cryptographic algorithms used in digital systems across the U.S. and worldwide. A CRQC could endanger civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most internet-based financial transactions.”
What is Post-Quantum Cryptography (PQC)?
To counter quantum attacks, global research efforts are underway to develop stronger algorithms to replace RSA and ECC, capable of resisting attacks from both classical and quantum computers. These algorithms are collectively known as Post-Quantum Cryptography (PQC).
Why Act Now?
While quantum computers capable of such feats may not yet exist, data collection is already occurring. Sensitive or private data, valuable for years or even decades, is at risk. Hackers may be storing encrypted data now, waiting for future quantum computers to decrypt it—a strategy termed “harvest now, decrypt later.”
Additionally, devices like chips have long development cycles, requiring years of security testing and certification before deployment in existing infrastructure. Therefore, transitioning to PQC sooner rather than later is highly advantageous.
Global Progress in PQC Development
The most significant PQC research is led by the U.S. National Institute of Standards and Technology (NIST). NIST launched a global competition, inviting researchers worldwide to propose, evaluate, and validate new algorithms for resilience.
On July 5, 2022, NIST announced the first set of standardized algorithms, including: Key encapsulation mechanism (KEM) CRYSTALS-Kyber and Digital signature algorithms such as CRYSTALS-Dilithium, FALCON, SPHINCS+.
In 2022, the U.S. National Security Agency (NSA) released an updated Commercial National Security Algorithm Suite (CNSA 2.0), mandating that national security systems (NSS) fully transition to PQC algorithms by 2033, with some cases required as early as 2030. CNSA 2.0 specifies CRYSTALS-Kyber and CRYSTALS-Dilithium as key quantum-resistant algorithms, alongside hash-based signature algorithms like XMSS (Extended Merkle Signature Scheme) and LMS (Leighton-Micali Signatures).
By August 2024, NIST published its first three standardized PQC algorithms to ensure proper implementation:
- ML-KEM (FIPS-203): Key encapsulation mechanism based on module lattices (derived from Kyber)
- ML-DSA (FIPS-204): Digital signature based on module lattices (derived from Dilithium)
- SLH-DSA (FIPS-205): Stateless hash-based digital signature (derived from SPHINCS+)
NIST also outlined a roadmap to phase out classical cryptographic algorithms like RSA-2048 and ECC-256 starting in 2030, with complete discontinuation by 2035.
How should businesses prepare for the quantum era?
To be ready for the transition to post-quantum cryptographic algorithms, the first step for businesses is to review their entire systems and technology infrastructure to identify where RSA and ECC algorithms are currently being used. Next, they should assess the potential impact on speed and performance when switching to more secure Post-Quantum Cryptography (PQC) algorithms. Based on this assessment, businesses can then develop a step-by-step transition plan, while engaging with customers and partners to align on the migration approach and begin the transition.
Savyint PQC Lab: Vietnam’s First Post Quantum Crytography Platform for Digital Signatures, PKI, and Data Encryption
As an international technology group with extensive expertise in PKI, Cryptography, Blockchain, Electronic Identification, Authentication, and Open Banking/Finance, Savyint proudly introduces the Savyint PQC Lab – Vietnam’s first post-quantum cryptography platform tailored for digital signatures, PKI, blockchain, and cryptographic solutions.
This testing platform enables organizations to explore NIST-approved PQC algorithms, assess compatibility, performance, and impact without disrupting existing infrastructure. This is critical for financial institutions and fintech organizations aiming to comply with international standards such as FIDO2, PSD2, eIDAS, and PCI DSS.
Key features of Savyint PQC Lab:
- Utilizes Hardware Security Modules (HSMs) supporting NIST-standard PQC algorithms like FIPS 203 ML-KEM and FIPS 204 ML-DSA.
- Scans and alerts for digital certificates requiring replacement per NIST and new security standards.
- Manages and automates the issuance of PQC digital certificates.
- Oversees the entire lifecycle of digital certificates.
- Provides a flexible and secure sandbox environment for rapid testing, isolated from operational systems.
Connect with Savyint’s experts today to lead the way into the post-quantum era!
