Securing Information for The Quantum Era: Post-Quantum Cryptography


Dr Ali El Kaafarani, University of Oxford mathematician and founder of PQShield, explains how a new generation of cryptography will future-proof information security for the quantum era.

With some experts predicting that quantum computers will arrive within a decade, engineers around the world are racing to prepare for the security threat these super-powerful machines will inevitably pose.

Quantum computers will easily be able to crack today’s public-key encryption methods, meaning the race is on to develop, standardise and deploy a new generation of encryption that is resistant to the quantum threat: post-quantum cryptography. Without this, all digital information is at risk – including precious intellectual property, commercial secrets, and information relating to national security, as I explained in my last article.

While there are other solutions in development, it is widely accepted by the likes of the NCSC (the US National Cyber Security Center) and NIST (the US National Institute of Standards and Technology) that post-quantum cryptography provides the best protection against the quantum threat.

What’s new about post-quantum cryptography?

The public-key encryption widely relied on today is based on what are known as ‘computationally hard problems’. But as Shor’s algorithm proved back in 1994, these hard problems will be easy for a large-scale quantum computer to solve in seconds, making today’s public-key encryption redundant.

Instead, post-quantum cryptography goes well beyond the mathematical problems commonly used today. Drawing on multiple mathematical fields and principles, it is built on problems that are believed to remain hard even for a quantum computer, so not even a quantum computer will be able to crack them.

There are multiple sub-fields of post-quantum cryptography, including lattice-based, hash-based, code-based, isogeny-based and multivariate-based cryptography. These all vary slightly in their design, as explained in this white paper. Each approach has relative strengths, depending on your use case – for example, if you want to protect information in transit, in hardware components, or in software environments.
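To make the idea of a different mathematical foundation concrete, here is an added example that is not from the article or from PQShield: a toy Lamport one-time signature, the simplest member of the hash-based family named above. Its security rests only on the one-wayness of the hash function, not on factoring or discrete logarithms; it assumes SHA-256 as the hash and Python's `secrets` module for randomness.

```python
import hashlib
import secrets

HASH_BYTES = 32          # SHA-256 output size
N_BITS = HASH_BYTES * 8  # one pair of private blocks per message-digest bit


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen(rng=secrets.token_bytes):
    """Private key: 256 pairs of random blocks. Public key: their hashes."""
    sk = [(rng(HASH_BYTES), rng(HASH_BYTES)) for _ in range(N_BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    """Message digest as a list of 256 bits, most significant first."""
    digest = int.from_bytes(_h(msg), "big")
    return [(digest >> (N_BITS - 1 - i)) & 1 for i in range(N_BITS)]


def sign(sk, msg: bytes):
    """For each digest bit, reveal the matching private block."""
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Each revealed block must hash to the public block for that bit."""
    if len(sig) != N_BITS:
        return False
    return all(_h(block) == pk[i][bit]
               for i, (bit, block) in enumerate(zip(_bits(msg), sig)))


def exposed_fraction(msgs) -> float:
    """Fraction of the private key revealed by signing these messages
    with ONE key pair. A single signature exposes exactly half; a second
    signature on a different message exposes more, which is why a Lamport
    key must be used exactly once (stateful schemes such as XMSS and LMS
    exist to manage that one-time property)."""
    exposed = {(i, bit) for m in msgs for i, bit in enumerate(_bits(m))}
    return len(exposed) / (2 * N_BITS)
```

Keys and signatures are large (16 KiB each here), which is the trade-off hash-based schemes make for relying on nothing but a hash function.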

NIST: The road to standardisation

Security experts, mathematicians and governments already have confidence in post-quantum cryptography, but the real challenge is getting it out of the lab and into the organisations that are most vulnerable to the quantum threat – including manufacturing.

Standardisation is an important part of this process of widespread adoption. Members of my own team have been involved in the design, implementation, and scrutiny of the upcoming NIST post-quantum cryptography standards, working with the world’s leading engineers and academics to establish a clear roadmap for a quantum-safe future. The project is now in its final stages, with official standards set to be announced within the next year.

Once that happens, we can expect the new post-quantum cryptography standards to become a requirement for many manufacturers and their suppliers – particularly for any companies working with government and critical infrastructure.

Getting one step ahead

Sooner or later, you’re going to have to overhaul your entire information security infrastructure to ensure your systems are quantum-safe and in line with the new standards. The same is true for any components that you are building, particularly for use in products with long life-cycles.

The earlier you start to prepare, the smoother this transition will be. Understanding what you’re up against is half the battle, so for more information about post-quantum cryptography, the upcoming NIST standards and how you can prepare, this new white paper series is a great place to start.

Dr Ali El Kaafarani is CEO and co-founder of information security company PQShield, where he helps businesses to prepare their systems for full quantum-readiness.
