Post-Quantum Cryptography in the Enterprise

Post-Quantum Cryptography, or PQC, refers to a new generation of encryption methods designed to stay secure even when powerful quantum computers arrive. Unlike today’s common cryptographic algorithms, PQC algorithms rely on mathematical problems that quantum computers find difficult to solve. In simple terms, it’s about future-proofing our digital security before advances in quantum computing can compromise the cryptographic algorithms in use today.

RSA and Classical Cryptography

For nearly 50 years, the RSA asymmetric cryptographic algorithm has been a cornerstone of digital security on the Internet and in the enterprise. First introduced in 1977, RSA (and similar classical public-key systems) has provided remarkably stable protection for everything from secure communications to data storage. Few cryptographic algorithms have remained relevant and trusted for as long as RSA.

The Quantum Threat to Classical Cryptography

However, the long-term viability of classical public-key cryptography is now being challenged. Quantum computers use different principles (like superposition and entanglement) that could efficiently crack RSA and other classical algorithms. Experts warn that a cryptographically relevant quantum computer (CRQC), one powerful enough to break RSA-2048 and similar systems, could emerge as soon as the late 2020s or early 2030s. Recent research suggests the resources required to break classical cryptography may be lower than previously estimated, accelerating projected timelines.

ECC is Also Vulnerable

RSA isn’t the only algorithm affected. Another widely used classical algorithm is Elliptic Curve Cryptography (ECC), including variants like ECDSA for signatures and ECDH for key exchange. ECC offers smaller key sizes and better performance than RSA at equivalent security levels, which is why it is preferred for workloads such as web servers, document and code signing, and TLS-based VPN services. However, ECC is not quantum safe. Like RSA, it relies on a mathematical problem (the elliptic curve discrete logarithm problem) that a cryptographically relevant quantum computer can efficiently solve using Shor’s algorithm. In fact, because of its smaller key sizes, ECC could be broken with even fewer quantum resources than RSA, so the transition is just as urgent for enterprises that rely on it. NIST guidance treats ECC the same as RSA, deprecating vulnerable curves (like P-256) by 2030 and disallowing them by 2035.

Migrating to Post-Quantum Cryptography

The shift involves moving from classical algorithms (such as RSA and ECC) to NIST-standardized post-quantum algorithms, such as ML-KEM (Module-Lattice Key Encapsulation Mechanism) for key exchange and ML-DSA (Module-Lattice Digital Signature Algorithm) for digital signatures. These are quantum-safe or quantum-resistant, meaning they’re built to withstand attacks from both classical and quantum computers.

The Harvest Now, Decrypt Later Risk

One of the most urgent reasons for enterprises to move forward is the harvest now, decrypt later threat. Bad actors, particularly nation-states, can collect encrypted data today and store it. Once a CRQC arrives, they could decrypt it retroactively. This is especially dangerous for data with a long shelf life, such as:

  • Trade secrets
  • Intellectual property
  • Personal health information
  • Classified government information
  • Long-term contracts
  • VPN communications

Even if your data isn’t sensitive today, it might be in 10 to 20 years.

NIST Guidelines

NIST has provided clear guidance: quantum-vulnerable algorithms like RSA-2048 are slated for deprecation by 2030 and fully disallowed by 2035 in many federal and standards contexts. This timeline pushes organizations to act now on inventory, testing, and migration.

See the NIST Transition to Post Quantum Cryptography Standards [PDF] for additional details.

Early Enterprise Adoption

Large technology providers are already moving aggressively toward PQC adoption. Google has accelerated its post-quantum migration timeline, targeting 2029 for key systems to be quantum safe. Cloudflare has similarly committed to full post-quantum security, including both encryption and authentication, by 2029. They’ve already rolled out hybrid post-quantum options that protect against harvest-now-decrypt-later attacks for a large portion of traffic, making these protections available by default to help enterprises.

Preparing for the Transition

Enterprises should start with a cryptography inventory. Identify where RSA and other vulnerable algorithms are used, such as:

  • VPNs and remote access solutions
  • TLS and web services
  • Secure email
  • Document signing and encryption
  • Code signing platforms
  • File transfer systems
  • Databases and internal applications
  • PKI and certificate services
  • Other certificate-based authentication systems

Next, prioritize high-value data and build cryptographic agility into procurement and development processes. The transition won’t happen overnight, but starting early avoids rushed, costly changes later. PQC isn’t just about compliance; it’s about protecting your business’s future in a quantum world. For many organizations, one of the most significant transition areas will be enterprise PKI and certificate-based authentication systems.
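The inventory and prioritization steps above can be sketched as a small triage script; this is an added example, not code from the original article. The CSV columns, system names, flag names and priority weights are assumptions made for illustration, while the algorithm families and the 2030/2035 years are the ones this page cites.

```python
import csv, io
from datetime import date

# Years this page gives for quantum-vulnerable algorithms.
DEPRECATED, DISALLOWED = 2030, 2035
VULNERABLE = ("RSA", "ECDSA", "ECDH")   # classical algorithms named on this page
QUANTUM_SAFE = ("ML-KEM", "ML-DSA")     # NIST PQC algorithms named on this page
# Assumed weights: stored-traffic exposure outranks certificate lifetime issues.
WEIGHT = {"harvest-now-decrypt-later": 3, "valid-into-2035": 2,
          "valid-into-2030": 1, "review": 1}

# Constructed sample inventory (hypothetical systems, not real data).
SAMPLE = """system,use,algorithm,not_after,shelf_life_years
vpn-gateway,key_exchange,ECDH-P256,2027-06-30,15
code-signing,signature,RSA-3072,2036-01-15,0
intranet-web,signature,ECDSA-P256,2026-03-01,0
issuing-ca,signature,RSA-4096,2033-09-01,0
pilot-ca,signature,ML-DSA-65,2034-01-01,0
legacy-ftp,key_exchange,DH-2048,2026-01-01,5
"""

def classify(algorithm):
    """Map an algorithm label to vulnerable / quantum-safe / unknown."""
    name = algorithm.upper()
    if name.startswith(QUANTUM_SAFE):
        return "quantum-safe"
    if name.startswith(VULNERABLE):
        return "vulnerable"
    return "unknown"  # not in either list: manual review, never assumed safe

def triage(csv_text):
    """Return inventory rows with status and flags, highest priority first."""
    rows = []
    for r in csv.DictReader(io.StringIO(csv_text)):
        status, flags = classify(r["algorithm"]), []
        expiry = date.fromisoformat(r["not_after"])
        if status == "vulnerable":
            # Encrypted traffic can be collected today and decrypted later.
            if r["use"] == "key_exchange" and int(r["shelf_life_years"]) > 0:
                flags.append("harvest-now-decrypt-later")
            # Assumed boundary: a credential still valid in the stated year.
            if expiry.year >= DISALLOWED:
                flags.append("valid-into-2035")
            elif expiry.year >= DEPRECATED:
                flags.append("valid-into-2030")
        elif status == "unknown":
            flags.append("review")
        rows.append({"system": r["system"], "status": status, "flags": flags})
    rows.sort(key=lambda x: -sum(WEIGHT[f] for f in x["flags"]))
    return rows
```

Calling `triage(SAMPLE)` puts the VPN gateway first because its key exchange protects long-lived data, followed by the long-lived signing certificates.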

Certificates and PKI

Enterprise PKI environments will be significantly affected by the transition to PQC. Certificates used for TLS, IPsec, VPN authentication, secure email, code signing, user and device identity, and document signing and encryption commonly rely on RSA or ECC algorithms.

AD CS and PQC Readiness

Microsoft has already begun introducing PQC capabilities into Active Directory Certificate Services (AD CS), including support for ML-DSA, with additional enhancements such as ML-KEM expected in future releases. These developments signal that enterprise PKI platforms are actively preparing for the transition to quantum-safe cryptography.

Act Now

Organizations should begin identifying certificate dependencies, reviewing CA architectures, and planning for cryptographic agility now.

More Information

Understanding where quantum-vulnerable cryptography exists in your environment is the first step toward a successful migration.

Additional Information

NIST Post Quantum Cryptography (PQC)

NIST Migration to Post Quantum Cryptography