Post-Quantum Cryptography: IT Security in the Era of Quantum Technology

Post-Quantum Cryptography: IT Security in the Era of Quantum Technology

Quantum computers threaten today’s cryptography – Post-quantum cryptography (PQC) comes to its rescue

A quantum computer is a new kind of computing device highly superior to classical computers for specific tasks. Unfortunately, breaking cryptography is one of them. With the rapidly ongoing research in quantum computing, the need for post-quantum security is emerging. In a world where quantum computing is no longer a mere theory but becoming a reality, the danger of quantum attacks on classical cryptographic mechanisms needs to be taken into account, to ensure a future-proof protection of information assets.

This necessity will soon lead to a significant market for post-quantum secure products. Product manufacturers, irrespective of whether they develop a small post-quantum crypto co-processor or a full-fledged, post-quantum security gateway, need to get ready now.

With first PQC algorithms already standardized and more to follow, the good news is that developers can start now.

of today’s public key crypto will be broken by a large quantum computer.


NIST PQC 3rd round finalists.


the first draft standards will be available!

Short glossary of the most important terms in the field of post-quantum cryptography

  • Asymmetric Cryptography: cryptography using two distinct keys, a a private one (restricted to the key's owner) and an associated public key (known to everyone); each pair of public and private key can be used for an operation and its counterpart (e.g. encryption with public key, decryption with private key; signature generation with private key, signature validation with public key); can be used to communicate via untrusted channels without prior exchange of keys
  • Classical Cryptography: if used in context of post-quantum cryptography: mainly referring to asymmetric algorithms which are not secure against attacks with a quantum computer, e.g. RSA, DH, ECDSA
  • Entanglement: combination of several quantum objects acting as one entity; any change on one of these objects results in a simultaneous change of all entangled partners
  • Key Exchange: computation of a shared secret by several parties in a protocol run; exchanged messages do not require confidentiality (but authenticity) to keep computed secret confidential
  • Post-Quantum Cryptography: cryptography, which can be used on classical computers and which is secure against both classical attacks as well as attacks with quantum computer; uses different mathematical problems than classical cryptography; does not require a quantum computer
  • Quantum Computer: new kind of computing device highly superior to classical computers for specific tasks; instead of bits, quantum computers use qubits 
  • Quantum Computing: computation using a quantum computer 
  • Quantum Cryptography: cryptography using quantum physics with new hardware and new protocols
  • Quantum Key Distribution: secure distribution of key material using quantum physical effects; currently still slow and with limited range between partners
  • Qubit: the quantum computer’s analogon to the classical bit; while a bit stores information as either a “0” or a “1”, a qubit can also reside in an intermediate state between 0 and 1
  • Superposition: property of quantum object to reside in a state between two basis states (e.g. 0 and 1); in contrast to common intuition, where objects are “either-or”: either here or there, either one or zero, etc.; in quantum physics (physics of small particles) this is not the case, but particles can be in an intermediate state
  • Symmetric Cryptography: cryptography using the same (pre-shared) key for an operation and its counterpart (e.g. encryption/decryption; creation/validation of a message authentication code); requires secure sharing of this key prior to first use


Post-quantum cryptography does not require quantum computers but protects against attacks with quantum computers

Today’s cryptography uses two major schemes: symmetric schemes, where sender and recipient share the same key, and asymmetric, or public key schemes, where sender and recipient use different keys – a public key and a private key.

As symmetric schemes require the prior secure exchange of keys, public key schemes are the backbone of today’s digital world. Unfortunately, a quantum computer breaks today’s most widely deployed public key algorithms entirely and irreversibly and hence threatens all of today’s digital infrastructure security!

Post-Quantum Cryptography (PQC) is cryptography running on classical computers, which is secure against quantum computer attacks and classical attacks alike. Thus, no quantum computer is required to develop, implement or use PQC.

Information is already at risk today

There is no time to waste – sufficiently powerful quantum computers will become a reality rather sooner than later and the world needs to be ready by then. All confidential information today, which is transmitted via the Internet or stored in the Cloud, is in danger of being revealed in the future.

Replacing today’s cryptography with Post-Quantum cryptography is not a plug and play scenario but will take a lot of time – in particular for security hardware in long-living products like cars, medical devices, industrial production lines etc.

Compliance with legislation might require a fast transition. The European General Data Protection Regulation (GDPR) explicitly names cryptography as a means to protect personal data. Together with the requirement to take the state of the art into account, this leads to the conclusion that PQC must be considered for the protection of personal data.

Fortunately, the transition to PQC can start today

There are several well-studied post-quantum algorithms available. Standardization for these algorithms is ongoing and first recommendations are already published.

Even if no use-case specific recommendation is (yet) available, hybrid schemes can help to accelerate the transition: By using a combination of a pre-quantum algorithm and a post-quantum algorithm, companies can implement the new algorithms without adding any additional risks.  

Cryptographic security does not merely require a secure algorithm design but a secure implementation is equally important. History shows a variety of attacks on implementations of cryptographic algorithms, with side-channel attacks and fault-injection attacks being most difficult to mitigate. The experience with classical cryptography implementations will help to also securely implement PQC.

You can find detailed information on these topics in our comprehensive Post-Quantum Security Whitepaper.  

Our post-quantum service portfolio

With our long-standing experience in IT security we support you in your transition to the post-quantum era. Our service portfolio includes a broad spectrum of services ranging from introductory workshops to post-quantum readiness analyses. Moreover, our experienced security experts in our state-of-the art hardware laboratory can also test your post-quantum hardware for secure implementation. See below for an extract of our services.

Initial training & awareness workshops

Support for your secure product design

Support during your product development

Independent evaluation of your products

Certification of your products in various schemes

Support for migration to PQC in your security infrastructure

There is no time to waste – sufficiently powerful quantum computers will become a reality rather sooner than later and the world needs to be ready by then.

- Dirk Kretzschmar, Managing Director at TÜV Informationstechnik GmbH


Industries that will be particularly affected in the future by switching to post-quantum cryptography:

Not only the security industry but also the following industries will be particularly impacted by the necessity to switch to post-quantum security.

Automotive industry

The automotive industry is affected with their long-lived products, which for sure will still be around when quantum computers are a reality. Here, topics include a (post-quantum) secure Firmware Over-The-Air Update (FOTA) and of course Vehicle-To-Everything (V2X), Vehicle-To-Infrastructure (V2I), Vehicle-To-Vehicle (V2V), Vehicle-To-Network/Grid (V2N/V2G) and alike.

Suppliers of IoT devices

Suppliers of Internet-of-Things (IoT) devices – in particular Industrial IoT (IIoT) – are affected, as these low-resource devices need to rely on hardware implementations of cryptographic algorithms, which are difficult to replace.

Banking industry

The banking industry is affected with their credit and debit cards as well as (mobile) payment applications.

Energy industry

The energy industry is affected, e.g., with charging solutions for Battery Electric Vehicles (BEV) or Smart Meter Gateways (SMGW).

Telecommunication industry

The telecommunication industry is affected, e.g., with Mobile Network Operators (MNO) who need to be able to securely store their network access credentials on SIM cards.

Pharma and healthcare industry

The pharma and healthcare industry is affected, e.g., when considering implants with wireless interfaces.

Would you like to dive even deeper into the matter and get more detailed information? Then we recommend our whitepaper on the subject of post-quantum security.

Download: Post-Quantum Security Whitepaper

In our free whitepaper we

  • give an overview of how quantum computers will break today’s crypto, thus threatening all of today’s digital infrastructure,
  • show how Post-Quantum Cryptography (PQC) can effectively prevent this scenario using classical computers,
  • demonstrate why there is no time to waste and indeed the prerequisites to start the transition today are already there, and finally
  • consider implementation aspects and show that all know-how for secure implementation of classical cryptography will also be necessary for PQC.