Post-Quantum Encryption

Topic

A new generation of cryptographic algorithms designed to be secure against attacks from both classical and quantum computers, representing the necessary evolution of digital security.


Created: 8/19/2025, 9:47:22 PM

Last updated: 8/19/2025, 9:53:07 PM

Research retrieved: 8/19/2025, 9:53:07 PM

Summary

Post-quantum cryptography (PQC), also called quantum-proof, quantum-safe or quantum-resistant cryptography, is the field concerned with cryptographic algorithms that remain secure against an attacker equipped with a large quantum computer as well as a classical one. Today's quantum computers cannot yet break the widely used public-key algorithms, but RSA and the Diffie-Hellman and elliptic-curve schemes that rest on discrete logarithms are all broken outright by Shor's algorithm on a sufficiently large machine, so the anticipated "Q-Day" or "Y2Q" calls for a proactive transition. The urgency is heightened by "harvest now, decrypt later" collection, in which encrypted traffic is recorded today so that it can be decrypted once such a machine exists. Symmetric ciphers and hash functions are far less affected: Grover's algorithm gives at most a quadratic speed-up against them, so doubling the key size (AES-128 to AES-256, for instance) restores the original security margin. The U.S. National Institute of Standards and Technology (NIST) leads standardization and released the first Post-Quantum Cryptography Standards in 2024.
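The summary says Shor's algorithm breaks RSA; the part of that attack a practitioner can actually run is its classical half. The block below is an added example, not code from the page or from any cited source: the quantum order-finding subroutine is replaced by a brute-force search over a toy modulus (so it is exponential, which is exactly the step Shor's algorithm makes polynomial), and the classical post-processing then turns the order into factors and the factors into the RSA private exponent. The modulus 3233 = 53 × 61 with e = 17 is a textbook toy key, not a real one.

```python
"""Added example: the classical post-processing of Shor's attack on RSA.
Order-finding (the quantum step) is simulated by brute force on a toy modulus."""
from math import gcd
import random


def brute_force_order(a: int, n: int) -> int:
    """Smallest r > 0 with a^r == 1 (mod n), for gcd(a, n) == 1.
    This stands in for the quantum subroutine and is exponential in log n,
    which is why it only works for toy-sized n."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def factor_from_order(n: int, a: int, r: int):
    """Shor's classical step: if r is even and a^(r/2) != -1 (mod n), then
    a^(r/2) - 1 and a^(r/2) + 1 each share a nontrivial factor with n.
    Returns (p, q) or None when this base a does not work."""
    if r % 2:
        return None
    y = pow(a, r // 2, n)
    if y == n - 1:          # a^(r/2) == -1 mod n: trivial square root, try another a
        return None
    for cand in (gcd(y - 1, n), gcd(y + 1, n)):
        if 1 < cand < n:
            return tuple(sorted((cand, n // cand)))
    return None


def shor_factor(n: int, seed: int = 1):
    """Repeat with random bases until post-processing succeeds; for n = p*q with
    distinct odd primes each base works with probability at least 1/2."""
    rng = random.Random(seed)
    while True:
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g > 1:                       # lucky base already shares a factor
            return tuple(sorted((g, n // g)))
        res = factor_from_order(n, a, brute_force_order(a, n))
        if res:
            return res


def rsa_private_exponent(n: int, e: int) -> int:
    """Once n is factored, phi(n) and therefore d = e^-1 mod phi(n) follow immediately;
    this is why a factoring oracle is equivalent to an RSA private-key oracle."""
    p, q = shor_factor(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


if __name__ == "__main__":
    n, e = 3233, 17                      # toy key: 53 * 61, far too small for real use
    d = rsa_private_exponent(n, e)
    m = 65
    c = pow(m, e, n)
    print(f"factors={shor_factor(n)} d={d} decrypt(c)={pow(c, d, n)} (expect {m})")
```

The only reason this finishes is that `brute_force_order` walks the whole multiplicative order; a 2048-bit modulus would need roughly 2^1000 steps here, and the quantum Fourier transform in Shor's algorithm is what collapses that to polynomial time.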

Research Data
Extracted Attributes
  • Purpose

    Development of cryptographic algorithms designed to withstand attacks from quantum computers

  • Key Concepts

    Y2Q ("years to quantum", named by analogy with Y2K), Q-Day, harvest now decrypt later, Mosca's theorem

  • Field of Study

    Cryptography

  • Alternative Names

    Quantum-proof cryptography, Quantum-safe cryptography, Quantum-resistant cryptography

  • Standardization Body

    U.S. National Institute of Standards and Technology (NIST)

  • Other Involved Organizations

    European Telecommunications Standards Institute (ETSI), Institute for Quantum Computing, European Commission

  • Vulnerable Public-Key Algorithms

    Those relying on integer factorization (RSA), the discrete logarithm problem (finite-field Diffie-Hellman, DSA) or the elliptic-curve discrete logarithm problem (ECDH, ECDSA)

  • Current Status (Quantum Computers)

    Lack processing power to break widely used cryptographic algorithms as of 2025

  • Relatively Secure Current Algorithms

    Most symmetric cryptographic algorithms and hash functions (e.g., AES, SHA-256)

  • Countermeasure (Symmetric Cryptography)

    Doubling key size

  • Algorithms Under Consideration/Recommended

    Merkle signature scheme and the Stehle–Steinfeld variant of NTRU (both recommended for long-term use by the European Commission's Post-Quantum Cryptography Study Group)

  • Primary Quantum Threat Algorithm (Symmetric)

    Grover's algorithm

  • Primary Quantum Threat Algorithm (Public-Key)

    Shor's algorithm

Timeline
  • The PQCrypto conference series, focusing on post-quantum cryptography, began. (Source: wikipedia)

    2006

  • NIST announced the first four quantum-resistant algorithms selected for standardization: CRYSTALS-Kyber for key establishment and CRYSTALS-Dilithium, FALCON and SPHINCS+ for digital signatures. (Source: web_search_results)

    2022-07-05

  • NIST requested comments on three draft Federal Information Processing Standards (FIPS) for Post-Quantum Cryptography. (Source: web_search_results)

    2023-08-24

  • The U.S. Secretary of Commerce approved, and NIST released, the first three Federal Information Processing Standards (FIPS) for post-quantum cryptography: FIPS 203 (ML-KEM, derived from Kyber), FIPS 204 (ML-DSA, derived from Dilithium) and FIPS 205 (SLH-DSA, derived from SPHINCS+). (Source: web_search_results, Summary, wikipedia)

    2024-08-13

  • Status check: as of this year, quantum computers still lack the processing power to break widely used public-key algorithms. "Y2Q" or "Q-Day", the point at which they will, has no fixed date, which is why migration planning relies on Mosca's theorem rather than on a calendar year. (Source: Summary, wikipedia)

    2025

Post-quantum cryptography

Post-quantum cryptography (PQC), sometimes referred to as quantum-proof, quantum-safe, or quantum-resistant, is the development of cryptographic algorithms (usually public-key algorithms) that are currently thought to be secure against a cryptanalytic attack by a quantum computer. Most widely used public-key algorithms rely on the difficulty of one of three mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm or possibly alternatives.

As of 2025, quantum computers lack the processing power to break widely used cryptographic algorithms; however, because of the length of time required for migration to quantum-safe cryptography, cryptographers are already designing new algorithms to prepare for Y2Q or Q-Day, the day when current algorithms will be vulnerable to quantum computing attacks. Mosca's theorem provides the risk analysis framework that helps organizations identify how quickly they need to start migrating: if the time the data must stay confidential plus the time migration takes exceeds the time until a cryptographically relevant quantum computer exists, the organization is already late. This work has gained attention from academics and industry through the PQCrypto conference series hosted since 2006, several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI), and the Institute for Quantum Computing. The rumoured existence of widespread harvest now, decrypt later programs has also been seen as a motivation for the early introduction of post-quantum algorithms, as data recorded now may still remain sensitive many years into the future.

In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively counteract these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. In 2024, the U.S. National Institute of Standards and Technology (NIST) released final versions of its first three Post-Quantum Cryptography Standards.
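The excerpt above names Mosca's theorem as the migration-planning framework and Grover's halving of symmetric key strength as the reason symmetric algorithms mostly need larger keys rather than replacement. The block below is an added example, not code from the page or from any cited source, that puts the two together over a constructed inventory: each asset's post-quantum strength is estimated (zero for Shor-breakable public-key schemes, k/2 bits for a k-bit symmetric key), assets that keep at least 128 bits are dropped from the migration list, and the rest are checked against Mosca's inequality x + y > z. The inventory, the 15-year estimate for z and the algorithm classifier are all assumptions made for the example.

```python
"""Added example: Mosca's inequality (x + y > z => already too late) applied to a
constructed cryptographic inventory, with Grover's key-halving deciding which
symmetric assets need no migration at all."""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Asset:
    name: str
    algorithm: str            # "FAMILY-KEYBITS", e.g. "RSA-2048" or "AES-128" (assumed naming)
    shelf_life_years: float   # x: how long the protected data must stay confidential
    migration_years: float    # y: how long replacing the algorithm will take


# Toy classifier, an assumption of this example rather than an authoritative list.
SHOR_BROKEN = {"RSA", "DH", "DSA", "ECDH", "ECDSA"}   # factoring / discrete-log based
GROVER_AFFECTED = {"AES", "CHACHA20"}                  # symmetric: k-bit key searched in ~2^(k/2)


def post_quantum_bits(algorithm: str) -> Optional[int]:
    """Effective security in bits against a quantum attacker: 0 for Shor-breakable
    public-key schemes, k // 2 for a k-bit symmetric key, None if unrecognised."""
    family, _, bits = algorithm.upper().partition("-")
    if family in SHOR_BROKEN:
        return 0
    if family in GROVER_AFFECTED and bits.isdigit():
        return int(bits) // 2
    return None


def mosca_triage(assets: List[Asset], years_to_quantum: float,
                 min_bits: int = 128) -> List[Tuple[str, str, float]]:
    """Return (asset name, status, slack) per asset, where slack = z - (x + y) is the
    number of years migration can still be postponed. Negative slack means Mosca's
    inequality already holds: data encrypted today will be exposed before it expires."""
    report = []
    for a in assets:
        bits = post_quantum_bits(a.algorithm)
        if bits is not None and bits >= min_bits:
            # Symmetric with enough post-Grover margin: no migration needed.
            report.append((a.name, "not_affected", float("inf")))
            continue
        slack = years_to_quantum - (a.shelf_life_years + a.migration_years)
        status = "at_risk" if slack < 0 else "ok"
        if bits is None:
            status = "unknown_" + status   # classify by hand before trusting the verdict
        report.append((a.name, status, slack))
    return report


# Constructed inventory; z = 15 years is an assumed planning figure, not a forecast.
INVENTORY = [
    Asset("medical-records-archive", "RSA-2048", shelf_life_years=25, migration_years=5),
    Asset("tls-session-keys", "ECDH-256", shelf_life_years=0.1, migration_years=3),
    Asset("backup-tapes", "AES-256", shelf_life_years=30, migration_years=2),
    Asset("legacy-disk-encryption", "AES-128", shelf_life_years=10, migration_years=4),
]

if __name__ == "__main__":
    for name, status, slack in mosca_triage(INVENTORY, years_to_quantum=15):
        print(f"{name:26} {status:14} slack before migration must start: {slack:g} years")
```

The archive with a 25-year shelf life comes out at_risk even though the quantum computer is assumed to be 15 years away: records encrypted under RSA today are a harvest-now-decrypt-later target, which is the case the excerpt warns about. AES-256 is untouched by the triage, while AES-128 drops to 64 effective bits and is handled like a public-key asset, which is the concrete meaning of "doubling the key size".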

Web Search Results
  • Next Generation Cryptography

    There are public key algorithms that are believed to have postquantum security too, but there are no standards for their use in Internet protocols yet. Use both an authentication algorithm (esp-sha256-hmac is recommended) and an encryption algorithm (esp-aes is recommended). The following example shows a Cisco IOS Software or Cisco Adaptive Security Appliance (ASA) transform set configuration that uses 256-bit AES encryption and HMAC-SHA-256 authentication for ESP IPsec in tunnel mode. The following example shows a Cisco IOS Software IKE configuration that uses 128-bit AES for encryption, pre-shared key authentication, and 256-bit ECDH (Group 19). The following example shows a Cisco IOS Software IKEv2 proposal configuration that uses 256-bit CBC-mode AES for encryption, SHA-256 for the hash, and 3072-bit DH (Group 15).

  • Post-quantum cryptography

    Post-quantum cryptography (PQC), sometimes referred to as quantum-proof, quantum-safe, or quantum-resistant, is the development of cryptographic algorithms (usually public-key algorithms) that are currently thought to be secure against a cryptanalytic attack by a quantum computer. The Post-Quantum Cryptography Study Group sponsored by the European Commission suggested that the Stehle–Steinfeld variant of NTRU, which does have a security reduction, be studied for long term use instead of the original NTRU algorithm. The same study group has recommended use of the Merkle signature scheme for long term security protection against quantum computers.

  • NIST Announces First Four Quantum-Resistant ...

    The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has chosen the first group of encryption tools that are designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day, such as online banking and email software. The four selected encryption algorithms will become part of NIST's post-quantum cryptographic standard, expected to be finalized in about two years. "Our post-quantum cryptography program has leveraged the top minds in cryptography, worldwide, to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information."

  • 5 Common Encryption Algorithms and the Unbreakables of ...

    Encryption uses complex algorithms to scramble data and decrypt the same data using a key provided by the message sender. Encryption ensures that information stays private and confidential, whether it's being stored or in transit. An encryption key is a randomized string of bits used to encrypt and decrypt data. Triple DES was designed to replace the original Data Encryption Standard (DES) algorithm, which hackers eventually learned to defeat with relative ease. RSA is a public-key encryption algorithm and the standard for encrypting data sent over the internet. You have your public key to encrypt the message and a private key to decrypt it.

  • Post-Quantum Cryptography | CSRC

    NIST IR 8545, Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process, is now available. NIST initiated a process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms; full details can be found in the Post-Quantum Cryptography Standardization page. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks. August 13, 2024: the Secretary of Commerce approved three Federal Information Processing Standards (FIPS) for post-quantum cryptography. August 24, 2023: comments requested on three draft FIPS for post-quantum cryptography.