Post-Quantum Cryptography: Why You Need to Act Now

How Quantum Computers Break Encryption

Quantum computers are not just faster versions of classical computers – they operate entirely differently. While classical computers store information in bits that can be either 0 or 1, quantum computers use qubits, which can be 0, 1, or both at the same time (a property called superposition). Additionally, qubits can be linked together so that changing one qubit instantly affects another, even if they are far apart (a property called entanglement).

For example, consider searching for the right door.  

Imagine you are in a building with 1,000 doors, none of which are labeled, and you don't know which door hides a treasure.

• A classical computer would open each door one by one until finding the treasure. On average, this process would take about 500 tries.
• A quantum computer, however, uses the principles of superposition and interference to process many possibilities at once. This allows it to find the treasure roughly four times faster than a classical computer. For 1,000 doors, for example, it would take only about the square root of 1,000 tries, around 32 tries.

This unique method of processing information enables quantum computers to perform calculations exponentially faster than classical systems. This makes them especially promising for optimization problems, material science, and artificial intelligence.

Classical Encryption Methods and Standards Are Becoming Obsolete

Quantum computers pose a fundamental threat to existing encryption standards. Methods like RSA (Rivest, Shamir, and Adleman) and ECC (Elliptic Curve Cryptography) are based on the idea that classical computers would take billions of years to solve the underlying mathematical problems. However, this assumption may soon no longer hold true. 

As early as 1994, mathematician Peter Shor demonstrated that a powerful quantum computer could solve these problems in hours using his Shor's algorithm. What is considered secure today could be completely compromised by tomorrow's technological breakthrough. 

It’s not just asymmetric encryption at risk, either. Grover’s algorithm can significantly reduce the time required to search for the correct key, thus drastically weakening the security of symmetric encryption methods like AES-128. The result? Data once deemed secure could suddenly become vulnerable. 

The consequences are far-reaching. Companies and public institutions rely on encryption to protect data, products, communication systems, and critical infrastructure. However, once a powerful quantum computer is built, data encrypted today could be decrypted and exploited retroactively. Failing to act now jeopardizes the security of sensitive information and entire digital infrastructures.

These Industries Are Particularly Vulnerable to Quantum Computing

Even though quantum computers capable of breaking today’s encryption are not yet operational, the threat is real. Companies that develop products with long life cycles, handle sensitive encrypted data over extended periods, and have high security requirements must take these technological developments seriously.

• Automotive industry (OEMs & Suppliers):
  • Over-the-air (OTA) updates and software patches could be decrypted and altered.
  • V2X (vehicle-to-everything) communication between vehicles and infrastructure could be intercepted or spoofed.
  • Digital keys and authentication systems could be compromised, enabling theft or unauthorized control.
• Aerospace & defense:
  • Satellite communication and navigation systems could be decrypted and altered.
  • Over time, military-grade encryption and mission data could be compromised.
  • Secure boot mechanisms and software integrity in aerospace systems could be attacked retroactively.
• Manufacturing & supply chain security:
  • Digital certificates for components and parts could be forged or compromised retroactively.
  • Machine and process data could be decrypted and exploited.
  • Tamper-proof authentication of hardware and software components would no longer be guaranteed.
• Public sector & critical infrastructure:
  • Government communications (e.g., those of the police, military, and intelligence services) could be decrypted retroactively, exposing highly sensitive information.
  • Databases containing citizen, tax, and health records could be compromised in the long term.
  • E-government systems and digital identities could lose their trustworthiness.
  • Energy and utility networks could become vulnerable to manipulation and attacks.

Long product and data lifecycles increase the risk

Many products and systems in these sectors have lifecycles of 10 to 30 years, or even longer. A vehicle, satellite, or government database encrypted today must remain secure through 2040 and beyond. However, the encryption standards used today could become obsolete within just a few years.

What does this mean in practice?

• Cybercriminals and industrial spies are collecting encrypted data from vehicles, aerospace systems, governments, and defense organizations now.
• Once powerful quantum computers are available, they could decrypt this data and use it for targeted attacks or technological espionage.
• Organizations that delay migrating for another ten years risk having stolen data compromised retroactively.

Quantum computing threatens the foundations of digital security and the trustworthiness of digital systems in general. This affects any organization that handles confidential information such as customer data, secures digital transactions, or is subject to data protection and compliance regulations.

Post-Quantum Cryptography: The Security Solution at a Glance

The solution is to migrate to post-quantum cryptography (PQC) in a timely manner. PQC is a set of cryptographic algorithms designed to remain secure even in the presence of quantum computers. PQC includes cryptographic methods that resist quantum attacks and are based on new mathematical principles.

PQC replaces vulnerable algorithms with new ones that can withstand quantum threats. The good news is that quantum hardware is not required. PQC can be implemented on classical systems today. The main categories of post-quantum encryption methods include:

1. Lattice-based cryptography
   These methods rely on the difficulty of solving lattice problems, such as determining the shortest distance between two points in a lattice. These problems are extremely complex and considered difficult to solve, even for quantum computers. Lattice-based algorithms are known for their efficiency and versatility. Key examples include the key encapsulation mechanism (KEM) CRYSTALS-Kyber and the signature schemes CRYSTALS-Dilithium and Falcon. FrodoKEM, which is also based on lattice problems, stands out for its conservative security assumptions.
2. Hash-based cryptography
   These approaches build on the mathematical robustness of hash functions, which convert data of any size into a string of fixed length. The most notable scheme in this category is SPHINCS+.
3. Code-based cryptography
   This family of algorithms is based on the difficulty of efficiently decoding error-correcting codes. This problem has resisted efficient solutions for decades, even in the context of quantum computing. Well-known code-based schemes include Classic McEliece, BIKE, and HQC. These schemes are considered especially resilient and well-studied.

Well Protected in the Quantum Age: NIST Standards for PQC

As previously mentioned, in August 2024, the NIST published its first official standards for post-quantum cryptography. These standards define algorithms that are secure against quantum attacks, replacing traditional methods such as RSA and ECC. They are now considered the global benchmark for companies and public institutions alike.

How Cloud Providers Are Driving the Migration to Post-Quantum Cryptography

Leading cloud providers have recognized the urgency of the quantum threat and are actively advancing the implementation of quantum-safe encryption.

• AWS, for example, has published a comprehensive post-quantum cryptography migration plan. The migration is happening gradually, starting with systems that communicate over insecure networks. Since 2019, AWS has been testing PQC algorithms in security-critical services, including the AWS Key Management Service (KMS), AWS Secrets Manager, and AWS Certificate Manager. AWS is also using hybrid PQC solutions in TLS to run classical and post-quantum algorithms in parallel, ensuring a smooth transition.
• As part of its Microsoft Quantum Safe Program (QSP), Microsoft is pursuing a holistic strategy to gradually integrate PQC into Windows, Azure, and Microsoft 365. In December 2024, ML-DSA (formerly CRYSTALS-Dilithium) and LMS algorithms were added to SymCrypt, Microsoft’s core cryptographic library. Microsoft is collaborating with standardization bodies, such as the IETF, to incorporate PQC into TLS, SSH, and IPsec.
• Google has used PQC for internal communications since 2022 and, in May 2024, activated ML-KEM by default for TLS 1.3 and QUIC in Chrome. This means that connections to Google services, such as Cloud Console and Gmail, are already experimentally protected by quantum-secure keys. Google is also contributing to the development of PQC standards at NIST, ISO, and the IETF, as well as integrating PQC algorithms into its open-source cryptography library, Tink.
• IBM is taking a comprehensive approach with its Quantum Safe portfolio.
  • Standards & algorithms: IBM researchers have contributed to ML-KEM (Kyber), ML-DSA (Dilithium), and FALCON, all of which are NIST PQC standards.
  • IBM quantum safe transformation services: IBM offers consulting, risk assessments, hybrid migrations, and implementation support in both cloud and enterprise environments.
  • IBM cloud & platform integration: Since 2022, IBM Cloud Internet Services (Edge) has supported PQC hybrid TLS (ML-KEM + X25519). The IBM Quantum Platform also offers quantum-safe TLS connections.

These initiatives demonstrate that major technology providers are preparing for the post-quantum era. Companies and public institutions should act now to secure their systems and reap the benefits of these developments.

Planning and Implementing PQC Migration in 4 Steps

If you want your systems to remain secure in 2030 and beyond, begin introducing PQC by 2025. To do so effectively, take a structured, multi-step approach.

Step 1: Taking stock

Systematically identify which cryptographic methods are currently used in your products, applications, and backend systems. Which systems still rely on RSA or ECC and need to be replaced or adapted? Consider the following:

• On-premises systems
• Cloud services
• Client-server systems
• Embedded systems, such as vehicle control units and machine controls
• Mobile devices and Internet of Things components.

Communication and transmission paths

Include all communication channels that use cryptographic protocols and may be vulnerable in your cryptography inventory.

• Web and API traffic: TLS / HTTPS, gRPC-TLS
• VPN tunnels: IPsec, WireGuard, OpenVPN
• Remote shell and administration: SSH, RDP with TLS
• Email transport and signing: SMTPS, STARTTLS, S/MIME, PGP / OpenPGP
• Machine-to-machine messaging: MQTT-TLS, AMQP-TLS
• Data replication and storage: TLS-protected database replicas, S3-HTTPS, NFS-Kerberos

Be sure to document the following: versions, cipher suites, key lengths, and any fallback mechanisms. This detailed inventory is essential for preparing your systems for post-quantum cryptography and aligning with the latest NIST standards.

Older, proprietary, and embedded protocols:

Identify outdated or proprietary protocols, especially in IoT and embedded environments, as these are often difficult to patch. Examples include:

• Radio and fieldbus protocols: Zigbee, BLE, Z-Wave, CAN bus, Modbus
• Legacy industrial standards or manufacturer-specific protocols without up-to-date cryptography
• Device or firmware versions that no longer receive updates

Evaluate whether these protocols:

• Use outdated algorithms, such as 1024-bit RSA or SHA-1
• Rely on insecure custom implementations or lack encryption altogether
• Contain cryptographic co-processors that are not compatible with post-quantum cryptography

If an immediate replacement is not feasible, develop a migration or mitigation strategy. This could include using gateways or network segmentation to ensure security during the transition. This approach aligns with the goal of adopting NIST post-quantum cryptography standards.

Certificates, key management, and dependencies

Finally, list all of the following:

• Certificates (root, intermediate, end-entity) including validity periods, algorithms, and key lengths
• HSM (Hardware Security Module) and KMS (Key Management System) instances, secrets managers, TPMs
• Signature and authentication mechanisms such as JWT, SAML, OAuth, and code signing
• Libraries and frameworks like OpenSSL, Bouncy Castle, mbedTLS, and others

The result: A complete cryptography inventory that covers all methods, transmission paths, and protocols. This inventory provides a solid foundation for making informed decisions about your post-quantum cryptography migration.

Step 2: Risk assessment

Prioritize systems and data based on business relevance, such as trade secrets, personal data, and security-critical software. Also consider their lifecycle, especially if long-term protection is required over years or decades. Furthermore, consider the "store now, decrypt later" risk. Where is sensitive communication transmitted over public channels that could be intercepted and decrypted later? This analysis helps identify critical components and prioritize their protection with post-quantum cryptography solutions.

Step 3: Take initial measures

Begin by using hybrid solutions that combine classical cryptography with post-quantum cryptography methods. Crypto agility is key: Systems that can adapt to new algorithms can maintain compatibility with current environments while ensuring readiness for future cryptanalytic breakthroughs. This approach enables a gradual transition with minimal security compromises or productivity risks.

Step 4: Roadmap for implementation

Begin with pilot projects that are simple and clearly defined. Examples include internal public key infrastructure (PKI) environments or selected virtual private network (VPN) gateways. Replacing TLS certificates with post-quantum cryptography alternatives is also an effective and quick first step. Evaluate the performance, compatibility, security, and operational effort of the PQC algorithms you use. The insights gained will help define best practices for other parts of your organization. This knowledge will support the planning and execution of a controlled rollout across larger system environments in alignment with NIST's post-quantum cryptography standards.

Quantum-Security Expertise Meets Future Technology: How Your Business Benefits From Partnering With MHP

Timely action is essential when it comes to migrating and implementing post-quantum cryptography. MHP supports your company with technical and strategic expertise to ensure you are not facing this challenge alone. Together, we will prepare your PQC migration and design a security strategy tailored to the evolving landscape of quantum computing. Here’s what you can expect from working with us:

• Strong partnership with IBM: As an IBM Silver Partner since 2007, we are part of the powerful IBM ecosystem and have direct access to the first European IBM Quantum Data Center in Ehningen. Operated by a global leader in quantum computing, this partnership enables us to offer valuable insights and resources. Although post-quantum cryptography is designed for use on classical systems, our broader quantum expertise benefits you in many ways, including real-world quantum applications in AI, optimization, and materials science, as well as strategic planning for the post-quantum era.
• Internal workshops: We offer customized workshops that raise awareness and provide foundational knowledge in quantum computing. These workshops include use case ideation and initial implementation using the Qiskit quantum computing framework and a real IBM Quantum Computer.
• Ongoing monitoring of market and technology trends: We continuously track developments in quantum computing and PQC, including the analysis of emerging NIST PQC standards, EU initiatives, and the latest innovations from major cloud and technology providers.
• More than 25 years of industry experience: Our in-depth knowledge of sectors such as automotive, manufacturing, and security allows us to identify high-risk systems and develop customized post-quantum cryptography blueprints that align with your industry's unique security needs.
• Expertise at the intersection of AI and quantum technology: In our blog post "Quantum Machine Learning", we explore how quantum technologies can be combined with artificial intelligence to unlock new innovation potential.

PQC: Protect Today What Will Still Matter Tomorrow

Quantum computers are challenging the foundations of today's IT security. Widely used cryptographic methods, such as RSA and ECC, which currently underpin most digital communication and data protection, will become obsolete within the next few years. The most critical threat is that attackers are currently storing encrypted information with the intent of decrypting it in the future using quantum computers. This is particularly relevant for long-lived data and systems commonly found in industries such as manufacturing and automotive as well as in the public sector. 

If you want to be secure in 2030, you have to act now. Migrating to post-quantum cryptography is not a short-term IT project but rather a long-term strategic challenge. Organizations that begin preparing today will protect the confidentiality of their data and gain a technological edge. They will also meet emerging compliance requirements early and build lasting trust among customers, partners, and regulators. 

MHP supports you every step of the way. With our deep technical expertise, strong partnership with IBM, and over 25 years of experience securing industrial environments, we offer the ideal combination of foresight, practical implementation, and industry insight. We help you think quantum-secure, identify risks, and make informed strategic decisions for the years ahead – securely, proactively, and tailored to real-world applications.

FAQs