Post-Quantum Cryptography: From Theory to Adoption

[Banner image: terminal output showing PQC-ready SSH configurations and the text “Are you PQC-Ready?”]
Caption: Demonstrating Post-Quantum Cryptography in SSH with a real-world readiness check.

The Quantum Threat

For decades, digital security has relied on RSA and elliptic curves, both considered secure against classical computing. Quantum computing changes this equation: Shor’s algorithm shows these schemes can be broken once quantum hardware reaches scale. Even if that milestone is years away, attackers can already capture encrypted traffic today and decrypt it later. This “harvest now, decrypt later” threat makes post-quantum cryptography (PQC) essential.

NIST Standardization

In 2016, the U.S. National Institute of Standards and Technology (NIST) launched a global competition to standardize PQC. After multiple evaluation rounds, NIST selected lattice-based algorithms as the foundation for the future:

  • CRYSTALS-Kyber (FIPS 203, draft) – key exchange
  • CRYSTALS-Dilithium (FIPS 204, draft) – digital signatures
  • FALCON (FIPS 205, draft) – compact signatures
  • SPHINCS+ (FIPS 206, draft) – hash-based, conservative fallback

Final standards are expected by 2025, giving organizations confidence to adopt algorithms that resist both classical and quantum attacks.

PQC and QKD Together

PQC is not the only piece of the puzzle. Quantum Key Distribution (QKD) is also emerging, using quantum physics to exchange keys securely. While QKD requires specialized hardware and cannot replace PQC, forward-looking organizations should prepare for a hybrid future where PQC and QKD complement each other.

Where PQC Is Already Appearing

  • TLS: Cloud providers already test PQC-hybrid TLS 1.3 handshakes (Kyber + X25519).
  • SSH: OpenSSH has been at the forefront. Version 9.0 added NTRU (sntrup), 9.9 introduced Kyber (mlkem), and as of OpenSSH 10.0, Kyber hybrids are the default key exchange.
  • VPNs: Both IPsec and OpenVPN communities are experimenting with PQC-hybrid handshakes under IETF drafts.
  • Databases: Secure connections rely on TLS. Once OpenSSL integrates the NIST algorithms, PostgreSQL, MySQL, and MongoDB will inherit PQC protection seamlessly.

Start with Inventory

Transitioning to PQC is not simply about upgrading libraries. The first step is asset and software inventory: organizations must know which systems, applications, and protocols depend on cryptography. Without this map, migration planning is blind.

Take my own environment as an example:

  • Perimeter: Cloudflare (CF) → Nginx reverse proxy
  • Application: WordPress frontend with database backend
  • Infrastructure: OpenVPN for remote access and SSH for management

Each layer — from TLS termination at Cloudflare to SSH key exchange on servers — must be evaluated for PQC readiness. Some components already support it (e.g., OpenSSH 10.0 with Kyber), others depend on OpenSSL’s roadmap, and some may eventually integrate QKD.

The Time to Prepare Is Now

The quantum threat may feel abstract, but migration takes years. The right moment to prepare is today:

  • Start with crypto inventory
  • Monitor vendor roadmaps
  • Experiment with PQC where support already exists

The organizations that plan now will be secure tomorrow.
