For decades, online security has relied on cryptographic systems that are robust against classical computers. But quantum computing changes the game. It threatens to undermine the mathematical foundations of widely used encryption methods, exposing sensitive data captured today to future decryption and exploitation. This looming threat has catalyzed a global effort to build quantum-safe cryptography, and a recent survey by Chhetri et al. offers a sweeping and useful view of how post-quantum cryptography (PQC) is evolving from academic evaluation to real-world deployment.
What Is Post-Quantum Cryptography and Why Does It Matter?
Post-quantum cryptography refers to public-key algorithms designed to resist attacks from quantum computers. Unlike quantum cryptography, which uses quantum physics to secure communication, PQC is built on mathematical problems believed to be hard for both classical and quantum machines, and it runs on ordinary hardware over ordinary networks. This matters because a sufficiently large, fault-tolerant quantum computer running Shor's algorithm would break RSA and elliptic curve cryptography, which form the backbone of internet security (TLS, certificates, code signing, VPNs) and enable the modern connected world. When such a machine will exist is uncertain (some forecasts say within the decade), but migrating a large estate takes years, which is why the transition has to start now. Data encrypted under PQC stays safe even if such a machine arrives. Data already transmitted under classical public-key cryptography does not: an adversary who records traffic today can decrypt it later ("harvest now, decrypt later").
The survey organizes PQC into six major families, each based on different mathematical foundations:
- Lattice-based cryptography: Currently the frontrunner, used in NIST's ML-KEM (FIPS 203) and ML-DSA (FIPS 204) standards. It relies on hard problems on high-dimensional lattices (Module-LWE in both standards) and offers strong security and efficient performance, but it has a relatively short track record compared with the alternatives below.
- Code-based cryptography: Built on the difficulty of decoding random error-correcting codes. It is conservative and time-tested (the McEliece construction dates to 1978), but its public keys run to hundreds of kilobytes, so it requires careful engineering to handle key size.
- Hash-based signatures: Their security rests only on the underlying hash function behaving as a one-way, collision-resistant function; no other mathematical assumption or structure is involved, so if the hash function holds up, the signature scheme holds up. SPHINCS+, standardized by NIST as SLH-DSA (FIPS 205), is the notable example, offering simplicity and conservative guarantees at the cost of large signatures (several kilobytes to tens of kilobytes) and slow signing.
- Multivariate cryptography: Uses systems of multivariate polynomial equations over finite fields. Promising but requires significant additional research: Rainbow, a NIST finalist, was broken in 2022 by a practical key-recovery attack.
- Isogeny-based cryptography: Once attractive for its very small keys, now considered risky after SIKE, a NIST alternate candidate, was broken in 2022 by a classical attack that recovered keys in about an hour on a single core.
- Multi-Party Computation (MPC)-in-the-Head: A newer technique that builds zero-knowledge proofs, and signatures from them, out of symmetric components (block ciphers, pseudorandom generators, hash functions) by simulating a multi-party computation in the prover's head. It is flexible but immature and not yet proven in deployment.
Each family has different strengths, weaknesses, and levels of maturity. Lattice-based schemes dominate current standards due to their balance of security and practicality.
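The hash-based bullet above says the whole security argument reduces to the hash function. The smallest scheme that makes this concrete is a Lamport one-time signature, the building block from which SPHINCS+ (via few-time signatures and hash trees) removes the "one-time" restriction. The code below is an added illustration written for this article, not code from the survey, from SPHINCS+ or from any library; the message names are constructed, and `forge` is a hypothetical attacker routine that shows why a Lamport key must never sign twice.

```python
import hashlib
import secrets

# Lamport one-time signature over SHA-256 (added illustration, not library code).
H = hashlib.sha256
N = 32            # hash output length in bytes
BITS = 8 * N      # number of digest bits signed (256)

def keygen():
    """sk: two rows of 256 random 32-byte secrets; pk: the hash of each secret."""
    sk = [[secrets.token_bytes(N) for _ in range(BITS)] for _ in range(2)]
    pk = [[H(s).digest() for s in row] for row in sk]
    return sk, pk

def digest_bits(msg):
    """Bits of SHA-256(msg), most significant bit first."""
    d = H(msg).digest()
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(BITS)]

def sign(sk, msg):
    """For digest bit i with value b, reveal the preimage sk[b][i]."""
    return [sk[b][i] for i, b in enumerate(digest_bits(msg))]

def verify(pk, msg, sig):
    """Each revealed value must hash to the public value selected by the bit."""
    if len(sig) != BITS:
        return False
    return all(H(s).digest() == pk[b][i]
               for i, (b, s) in enumerate(zip(digest_bits(msg), sig)))

def sizes():
    """Byte sizes for a 256-bit digest: keys 16 KiB each, signature 8 KiB."""
    return {"sk": 2 * BITS * N, "pk": 2 * BITS * N, "sig": BITS * N}

def forge(observed, target):
    """Hypothetical attacker: observed is a list of (msg, sig) pairs made with
    the SAME key. Every signature reveals half of the secrets; once every digest
    bit of target has its preimage revealed, the attacker can sign target."""
    revealed = {}
    for msg, sig in observed:
        for i, b in enumerate(digest_bits(msg)):
            revealed[(b, i)] = sig[i]
    try:
        return [revealed[(b, i)] for i, b in enumerate(digest_bits(target))]
    except KeyError:
        return None

if __name__ == "__main__":
    sk, pk = keygen()
    m = b"constructed sample message"
    s = sign(sk, m)
    print(verify(pk, m, s), verify(pk, m + b"!", s), sizes())
```

The security proof is visible in the code: a forger needs a preimage for a public value it has never seen revealed, which is exactly the one-wayness of SHA-256. The cost is also visible: an 8 KiB signature and 16 KiB keys for one use, which is why real schemes add Winternitz chaining, Merkle trees and (in SPHINCS+) a hypertree of few-time signatures to get a stateless many-time scheme with signatures in the single-digit to tens-of-kilobytes range.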
Performance and Communication Costs
Compared to classical cryptography, post-quantum algorithms involve different trade-offs. ML-KEM (derived from Kyber) is computationally cheap: key generation, encapsulation and decapsulation are typically faster than an X25519 Diffie-Hellman exchange on modern hardware, but its public keys and ciphertexts are much larger (1,184 and 1,088 bytes for ML-KEM-768 versus 32 bytes for an X25519 public key), so a handshake costs noticeably more bandwidth, not slightly more. Signature schemes like ML-DSA and FALCON offer fast signing and verification. FALCON's compact signatures come at a price: its signing algorithm depends on floating-point Gaussian sampling, which is hard to implement in constant time and therefore more exposed to side-channel attacks, a real obstacle in constrained or high-assurance environments. Hash-based signatures like SPHINCS+ are slower and bulkier, making them less suited to high-speed protocols but valuable where long-term, conservative security matters, such as firmware and code signing.
Hardware Acceleration and Side-Channel Protections
To make PQC practical, researchers are optimizing algorithms for hardware. AVX2 instructions on CPUs, FPGA pipelines, and even ASIC designs are being used to accelerate operations. However, implementations introduce risks of their own. Side-channel attacks, in which an attacker derives secrets from timing, power consumption or electromagnetic emissions, are a concern, and the new schemes have their own leakage points (the ciphertext comparison in ML-KEM decapsulation and the rejection-sampling loop in ML-DSA signing are well-studied examples). Implementations must use constant-time operations, masking of secret values, and compiler settings that keep the optimizer from reintroducing secret-dependent branches or memory accesses.
Integration Into Network Protocols: TLS, DNSSEC, and PKI
Integrating PQC into existing security protocols remains a complex challenge. TLS and DNSSEC are being updated to support PQC, but progress is slow, and there is no broad agreement on timelines for development, standardization, and widespread adoption. Certificate authorities must adapt to new key formats, and many systems are not yet ready for the larger keys and signatures PQC requires (DNSSEC responses and certificate chains are particularly sensitive to size). Hybrid approaches that combine a classical and a quantum-safe algorithm, so that the session stays secure as long as either one holds, are being used to ease the transition and to hedge against the relatively short cryptanalytic track record of the new schemes; X25519 paired with ML-KEM-768 is the combination currently deployed in mainstream browsers and servers. However, disagreements among key stakeholders about the suitability of hybrid PQC, together with legacy systems, interoperability problems and a lack of tooling, are slowing adoption.
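The practical question a hybrid raises is how to turn two shared secrets into one session key without letting the weaker component, or a substituted ciphertext, decide the result. The sketch below is an added illustration for this article, not code from the survey or from any TLS stack. It follows the concatenation approach used in the IETF TLS hybrid design (classical secret followed by PQ secret, fed into the key schedule) but is not that draft's exact wire format; the HKDF helpers are written out with the standard library so the block runs offline, the `hybrid_secret` function and its `b"hybrid-kem-v1"` label are the author's own, and the 32-byte inputs are constructed stand-ins for an X25519 shared secret and an ML-KEM shared secret.

```python
import hashlib
import hmac

# Hybrid key-exchange combiner (added illustration, not code from any TLS library).
X25519_SS_LEN = 32   # length of an X25519 shared secret
MLKEM_SS_LEN = 32    # length of an ML-KEM shared secret

def hkdf_extract(salt, ikm):
    """RFC 5869 Extract: PRK = HMAC-SHA256(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand(prk, info, length):
    """RFC 5869 Expand: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    out, t, i = b"", b"", 1
    while len(out) < length:
        t = hmac.new(prk, t + info + bytes([i]), hashlib.sha256).digest()
        out += t
        i += 1
    return out[:length]

def hybrid_secret(classical_ss, pq_ss, transcript, length=32):
    """Derive one session key from both shared secrets.

    - Fixed-length components make the concatenation unambiguous.
    - Hashing the transcript (both parties' public keys / ciphertexts) into the
      salt binds the key to what was actually exchanged, so an attacker cannot
      swap a ciphertext for one component without changing the derived key.
    - An attacker who learns only pq_ss (say, after a future break of the PQ
      scheme) still lacks classical_ss, and vice versa.
    """
    if len(classical_ss) != X25519_SS_LEN:
        raise ValueError("classical shared secret has unexpected length")
    if len(pq_ss) != MLKEM_SS_LEN:
        raise ValueError("PQ shared secret has unexpected length")
    ikm = classical_ss + pq_ss
    prk = hkdf_extract(hashlib.sha256(transcript).digest(), ikm)
    return hkdf_expand(prk, b"hybrid-kem-v1", length)

if __name__ == "__main__":
    # Constructed sample inputs; real values come from the two key exchanges.
    classical = bytes(range(32))
    pq = bytes(range(32, 64))
    transcript = b"client_pk || server_pk || kem_ct"
    print(hybrid_secret(classical, pq, transcript).hex())
```

Two checks a reviewer would apply to any real combiner: every component secret must be length-checked before concatenation (a variable-length component would let two different secret pairs produce the same byte string), and the transcript must cover both components' public values, not just the classical ones.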
PQC and Quantum Technologies: Complement or Conflict?
Quantum technologies like Quantum Key Distribution (QKD) and Quantum Random Number Generators (QRNGs) offer new ways to secure communication. However, QKD needs dedicated optical links and, beyond the reach of a single link, trusted relay nodes that hold the key in the clear; it also still depends on a classically authenticated channel, so it does not remove the need for authentication and leaves insider and man-in-the-middle risks at the endpoints and relays. PQC, by contrast, does not rely on special physical infrastructure and can be deployed over existing networks. While QRNGs can strengthen the entropy sources PQC key generation draws on, the two approaches serve different roles and must be carefully integrated.
What the Researchers Set Out to Do
The authors of the survey intended to bridge the gap between theory and practice. They mapped the full landscape of PQC, from mathematical foundations to deployment challenges. Their goal was to provide a practical reference for researchers, engineers, and policymakers navigating the transition to quantum-safe systems.
By offering a clear taxonomy, performance benchmarks, and system-level insights, the survey helps stakeholders make informed decisions. It highlights the importance of crypto agility, the ability to swap algorithms in a modular manner as threats evolve, and emphasizes hybrid migration strategies. The inclusion of a curated repository of tools and resources further supports adoption and experimentation.
Implications, Next Steps, and the Way Ahead
The road to quantum-safe security is long and complex. Key next steps include:
- Improving implementation security: Side-channel resistance must be a priority.
- Standardizing protocols and certificates: Significantly more work is needed to update PKI and network protocols.
- Supporting constrained environments: IoT, embedded systems, and high-assurance domains need tailored solutions.
- Maintaining assumption diversity: Relying solely on lattice-based schemes could be risky. Continued research into alternative families is essential.
- Educating stakeholders: Non-technical decision-makers must understand the urgency and implications of PQC.
The transition to post-quantum cryptography is a re-conception of digital trust in the face of future threats. As quantum computing advances, the work of researchers like Chhetri et al. provides a roadmap for securing our digital infrastructure before it is too late.
This article is shared with permission at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators-of-compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please contact the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122