What is Post-Quantum Cryptography? Definition & Explanation
Post-Quantum Cryptography (PQC) is the family of cryptographic algorithms designed to remain secure against attacks by future quantum computers — particularly Shor's algorithm, which would break RSA, ECC, and Diffie-Hellman. NIST standardized the first PQC algorithms in August 2024.
In-Depth Explanation
NIST's PQC standardization process (started in 2016) selected three primary algorithms in August 2024: ML-KEM (Module-Lattice-based KEM, formerly Kyber, FIPS 203) for key encapsulation, ML-DSA (Module-Lattice-based Digital Signature Algorithm, formerly Dilithium, FIPS 204) for digital signatures, and SLH-DSA (Stateless Hash-Based DSA, formerly SPHINCS+, FIPS 205) as a backup hash-based signature scheme. A fourth selection, FN-DSA (formerly Falcon), is expected as FIPS 206. The migration challenge is enormous: every TLS implementation, code-signing process, VPN, hardware token, certificate authority, and bootloader that relies on RSA/ECC must eventually be replaced. The threat is not only a future one: "harvest now, decrypt later" attacks are already collecting today's encrypted traffic for decryption once a quantum computer is available, which particularly affects long-lived secrets (intellectual property, healthcare records, government secrets). Major rollouts already in production include Cloudflare's hybrid X25519Kyber768 key exchange in TLS (the default for many connections since 2023), Google Chrome's hybrid KEM in TLS, AWS KMS hybrid PQC, Apple's PQ3 protocol for iMessage (2024), and Signal's PQXDH protocol (2024). NIST is also evaluating additional algorithms in a fourth round and publishing migration guidance in the NIST SP 1800-38 series.
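A practical first step in any PQC migration is knowing which clients already offer a hybrid key exchange and which still offer only classical groups. The following Python example, added here and not code from the original page or from any vendor named above, parses the supported_groups extension of a TLS ClientHello and flags hybrid post-quantum groups. The group codepoints are taken from the IANA TLS Supported Groups registry (0x6399 for X25519Kyber768Draft00, 0x11EC for X25519MLKEM768); the ClientHello bytes are constructed by the example itself rather than captured from real traffic, and the builder function is a convenience for generating test input, not a full TLS implementation.

```python
"""Inspect a TLS 1.3 ClientHello and report which key-exchange groups the
client offers, flagging hybrid post-quantum groups. Added example, not code
from the original page. The sample ClientHello records are constructed by
build_client_hello(), not captured traffic."""
import struct

# Supported-group codepoints from the IANA TLS Supported Groups registry.
# 0x6399 is the pre-standard X25519Kyber768Draft00 hybrid (Cloudflare/Chrome
# since 2023); 0x11EC is X25519MLKEM768 (ML-KEM-768 + X25519).
GROUP_NAMES = {
    0x0017: ("secp256r1", "classical"),
    0x0018: ("secp384r1", "classical"),
    0x001D: ("x25519", "classical"),
    0x6399: ("X25519Kyber768Draft00", "hybrid-pq"),
    0x11EC: ("X25519MLKEM768", "hybrid-pq"),
}
EXT_SUPPORTED_GROUPS = 0x000A


def build_client_hello(groups):
    """Construct a minimal TLS ClientHello record offering `groups`.

    Only the supported_groups extension is included; a real ClientHello
    carries more extensions, but offered_groups() walks any extension list."""
    body = b"\x03\x03"                               # legacy_version (TLS 1.2)
    body += bytes(32)                                # random (zeros: constructed input)
    body += b"\x00"                                  # legacy_session_id: empty
    body += struct.pack("!H", 2) + b"\x13\x01"       # cipher_suites: TLS_AES_128_GCM_SHA256
    body += b"\x01\x00"                              # compression_methods: null only
    group_list = b"".join(struct.pack("!H", g) for g in groups)
    ext = struct.pack("!HH", EXT_SUPPORTED_GROUPS, len(group_list) + 2)
    ext += struct.pack("!H", len(group_list)) + group_list
    body += struct.pack("!H", len(ext)) + ext        # extensions vector
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # msg_type 1 = client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def offered_groups(record):
    """Parse a ClientHello TLS record and return the group codepoints listed
    in its supported_groups extension (empty list if the extension is absent)."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                                     # skip legacy_version and random
    pos += 1 + body[pos]                             # legacy_session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                                # cipher_suites
    pos += 1 + body[pos]                             # compression_methods
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    while pos + 4 <= end:                            # walk the extension list
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + length]
        pos += 4 + length
        if ext_type == EXT_SUPPORTED_GROUPS:
            n = struct.unpack("!H", data[:2])[0]     # byte length of the group list
            return [struct.unpack("!H", data[2 + i:4 + i])[0] for i in range(0, n, 2)]
    return []


def classify(record):
    """Return (pq_capable, [(name, kind), ...]) for a ClientHello record."""
    groups = offered_groups(record)
    labelled = [GROUP_NAMES.get(g, (f"unknown(0x{g:04x})", "unknown")) for g in groups]
    pq_capable = any(kind == "hybrid-pq" for _, kind in labelled)
    return pq_capable, labelled


if __name__ == "__main__":
    # Constructed inputs: a modern browser-style offer and a legacy one.
    for label, groups in [("modern", [0x11EC, 0x001D, 0x0017]), ("legacy", [0x0017, 0x0018])]:
        pq, names = classify(build_client_hello(groups))
        print(label, "pq_capable" if pq else "classical-only", [n for n, _ in names])
```

Run against a packet capture, offered_groups() applied to each ClientHello gives a per-client view of PQ readiness; the share of sessions that offer no hybrid group is a direct measure of how much traffic remains exposed to "harvest now, decrypt later" collection once the server side has been upgraded.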
Why It Matters for Security
Sufficiently large quantum computers would break the public-key cryptography underlying every TLS connection, VPN, code signature, and digital identity in use today. While such machines may be a decade or more away, "harvest now, decrypt later" attacks make today's encrypted traffic vulnerable to future decryption — particularly damaging for long-lived secrets. Federal agencies must migrate to PQC under OMB M-23-02 and CNSA Suite 2.0; private-sector PQC migration is now urgent for any organization with secrets that must remain confidential beyond 2030.
Related Tools
- ProtonMail
Swiss-based end-to-end encrypted email with zero-access encryption and no tracking.
- Bitwarden
Open-source password manager with free tier self-hosting option and strong encryption.
- HashiCorp Vault
Secrets management and data protection with dynamic credentials and encryption as a service.
Frequently Asked Questions
What does Post-Quantum Cryptography mean in cybersecurity?
Post-Quantum Cryptography (PQC) in cybersecurity is the family of cryptographic algorithms designed to remain secure against attacks by future quantum computers — particularly Shor's algorithm, which would break RSA, ECC, and Diffie-Hellman. NIST standardized the first PQC algorithms (ML-KEM, ML-DSA, SLH-DSA) in August 2024.
Why is Post-Quantum Cryptography important?
PQC matters because sufficiently large quantum computers would break all of today's public-key cryptography, and "harvest now, decrypt later" attacks already make today's traffic vulnerable to future decryption. Federal agencies must migrate under OMB M-23-02; private-sector migration is urgent for any organization with secrets that must remain confidential beyond 2030.