Post-Quantum Cryptography: When Must Enterprises Act?

"Harvest now, decrypt later" – attackers are collecting encrypted data today to decrypt it once quantum computers become powerful enough.

The question is not IF, but WHEN. And for IT decision makers, this means: Plan now to avoid panic later.

The Quantum Computer Problem

What Quantum Computers Can (Will) Do

Current encryption is based on mathematical problems that are practically unsolvable for classical computers:

• RSA: Factorization of large numbers
• ECC: Elliptic curve problem
• Diffie-Hellman: Discrete logarithm

The problem: Quantum computers with Shor's algorithm solve these problems in polynomial time – practically instantly.

What This Means

The Timeline

When does it become critical?

But: "Harvest now, decrypt later" means that data intercepted today can be decrypted in the future.

Relevance by data lifespan:

Post-Quantum Cryptography (PQC)

What Is PQC?

Post-quantum cryptography uses mathematical problems that even quantum computers cannot solve efficiently:

• Lattice-based: CRYSTALS-Kyber, CRYSTALS-Dilithium
• Hash-based: SPHINCS+
• Code-based: Classic McEliece
• Multivariate: Less promising

NIST Standards (Finalized 2024)

The US NIST published the first PQC standards in 2024:

Advantages and Challenges

Advantages:

• Quantum-safe (according to current knowledge)
• Standardized and reviewed
• Implementations available

Challenges:

• Larger keys and signatures
• Higher computational overhead
• Compatibility issues
• Little practical experience yet

Where PQC Is Relevant

Area 1: TLS/HTTPS

Status:

• Chrome and Firefox experimentally support Kyber (ML-KEM)
• Cloudflare offers PQC-TLS
• AWS, Google Cloud experimenting

Action required:

• Medium: Browser-side usually automatic
• Server: Update to current TLS stacks

Area 2: VPN & Network

Status:

• WireGuard working on PQC support
• Some commercial VPNs offer PQC
• Cisco, Palo Alto in development

Action required:

• High: For sensitive network connections
• Evaluate PQC-capable solutions

Area 3: Email Encryption

Status:

• S/MIME and PGP: No broad PQC support yet
• Proton Mail experimenting
• Standard development ongoing

Action required:

• Medium to high for sensitive communications
• Alternative: Hybrid approaches

Area 4: Digital Signatures

Status:

• Code signing: First PQC certificates
• Documents: PDF signatures still classical
• Blockchain: Increasingly a topic

Action required:

• High: For long-term valid signatures
• Especially: Software signing, contracts

Area 5: PKI & Certificates

Status:

• CAs beginning PQC experiments
• Hybrid certificates in development
• IETF standards in progress

Action required:

• High: PKI is foundation of many systems
• Early planning necessary

The PQC Migration Plan

Phase 1: Inventory (Month 1-2)

Create crypto inventory:

Answer questions:

1. Where is asymmetric cryptography used?
2. Which data is long-term sensitive?
3. Which systems are hard to update?
4. What dependencies exist?

Phase 2: Risk Assessment (Month 3)

Risk matrix:

Prioritization:

1. Highest priority: Long-lived secrets
2. High priority: VPN, internal communication
3. Medium priority: Web TLS
4. Lower priority: Symmetric crypto (AES sufficient)

Phase 3: Strategy (Month 4)

Options:

Recommendation for most enterprises:

• Hybrid approaches as transition
• Prioritize critical systems
• Roadmap for complete migration

Phase 4: Pilot Projects (Month 5-8)

Recommended pilots:

1. TLS with Kyber:

   • Migrate web server to PQC-TLS
   • Use Cloudflare or AWS CloudFront
   • Measure performance

2. VPN with PQC:

   • Test environment with PQC-VPN
   • WireGuard with PQ extension
   • Test latency and stability

3. Internal Signatures:

   • Code signing with Dilithium
   • Test document signatures
   • Check workflow compatibility

Phase 5: Rollout (Month 9-24)

Migration roadmap:

2026: Inventory, strategy, first pilots
2027: Hybrid TLS implementation, VPN migration
2028: Plan PKI renewal, signature migration
2029: Full PQC capability for critical systems
2030: Complete main migration

Technical Implementation

TLS with Kyber (ML-KEM)

Nginx configuration (example):

ssl_protocols TLSv1.3;
ssl_ecdh_curve X25519Kyber768Draft00:X25519:secp384r1;

OpenSSL 3.2+ supports:

• Kyber512, Kyber768, Kyber1024
• Hybrid variants

VPN with PQC

WireGuard + PQ:

• Rosenpass project for WireGuard
• Hybrid key exchange

Commercial options:

• Cloudflare WARP (experimental)
• Tailscale (in development)

Code Signing

First steps:

1. Test environment with Dilithium
2. Parallel signatures (classical + PQC)
3. Build verification infrastructure

Costs and Resources

Typical Efforts

Resource Requirements

Skills:

• Cryptography fundamentals
• PKI expertise
• Network security

External support:

• Recommended for inventory and strategy
• Specialists for PKI migration
• Penetration testing after migration

FAQ: Frequently Asked Questions

"Do we need to act NOW?"

Answer: Depends on data sensitivity and lifespan.

• State secrets: Yes, immediately
• Trade secrets: Within 2 years
• Standard business: Create roadmap, implement 2027-2028

"Is AES-256 still secure?"

Answer: Yes. Symmetric cryptography is less affected.

• AES-256 provides ~128-bit security against quantum attacks (Grover's algorithm)
• That's still very strong
• Focus on asymmetric crypto (RSA, ECC)

"Will our TLS connections become insecure?"

Answer: Not immediately, but...

• Currently intercepted traffic could be decrypted later
• "Harvest now, decrypt later" is real
• Perfect Forward Secrecy helps, but session keys are also vulnerable

"What about blockchain/Bitcoin?"

Answer: Also affected.

• ECDSA signatures can be broken
• Public keys = attack target
• Bitcoin community working on solutions

"Can we wait for vendor updates?"

Answer: Partially.

• Large vendors (Microsoft, Google, AWS) will update
• But: Your own PKI, legacy systems, custom software need active migration
• Inventory and planning is YOUR job

Checklist: PQC Readiness

Immediately

• Start crypto inventory
• Data classification (lifespan)
• Awareness with management

Short-term (6 months)

• Complete risk assessment
• Create roadmap
• Plan budget
• First pilots

Medium-term (12-24 months)

• Hybrid TLS implementation
• Evaluate VPN migration
• Plan PKI renewal
• Signature strategy

Long-term (2027+)

• Complete migration
• Replace legacy systems
• Continuous monitoring
• Follow standards updates

Conclusion

Post-quantum cryptography is not panic, but also not "tomorrow's problem." The right time to plan is NOW.

The three most important steps:

1. Know what you have – Crypto inventory
2. Understand what's critical – Evaluate data lifespan
3. Create roadmap – Not everything at once, but planned

Need support with PQC planning? We help with inventory, risk assessment, and migration roadmap. Get in touch