The emergence of a Cryptographically Relevant Quantum Computer (CRQC), anticipated by some experts as soon as 2030 (termed “Q-day”), presents an unavoidable threat to current encryption algorithms. As noted in our previous post, PiQASO at a glance: Building Europe’s Quantum-Safe Future, these algorithms secure vital global data across sectors like defence, banking, infrastructure and air travel.
Consequently, cybersecurity authorities are raising the alarm, emphasizing the critical need to transition to post-quantum cryptography (PQC). The threat is immediate. Attacks known as “harvest now, decrypt later” are already happening, specifically the harvesting of encrypted data, which compromises future confidentiality. Furthermore, the potential impact on authentication, particularly the use of digital signatures, is highly alarming.
Regulatory bodies and industry leaders further underscore this urgency. For example, the U.S. National Institute of Standards and Technology (NIST) is actively working to standardize PQC algorithms, providing a pathway for organizations to future-proof their systems and products. Similarly, in Europe, upcoming regulations such as the Cyber Resilience Act compel manufacturers to integrate robust cybersecurity measures into their offerings and patch vulnerabilities, which may include cryptography and therefore require PQC. Delaying this transition risks not only significant data breaches but also non-compliance with these evolving legal frameworks.
What is Post-Quantum Cryptography?
When we talk about post-quantum cryptography we refer to a new generation of cryptographic algorithms designed to resist attacks from both classical and quantum computers. Unlike traditional encryption methods, PQC algorithms rely on mathematical problems that are believed to be resistant to quantum attacks. These algorithms are currently being rigorously tested and standardized by organizations like NIST, which has already selected several PQC candidates, such as FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism, based on CRYSTALS-Kyber and FIPS 204 Module-Lattice-Based Digital Signature Algorithm, based on CRYSTALS-Dilithium, for widespread adoption.
It’s important to note that PQC is not intended to replace all classical cryptography overnight. Instead, it serves as a critical supplement, particularly for systems that require long-term security. For manufacturers, this means integrating PQC alongside existing cryptographic protocols to create a hybrid approach that balances security and performance (see Challenges in Implementing PQC).
Challenges in Implementing PQC
The hybridization approach presented in the previous section is referred to as cryptoagility, an important concept in the transition to PQC, especially for manufacturers and organizations preparing for the quantum era. It refers to the ability to quickly and seamlessly adapt, replace, or update cryptographic algorithms and protocols in response to evolving threats, standards, or technological advancements, without requiring major system overhauls or disruptions.
In practice, achieving cryptoagility involves not only providing patching capabilities but potentially adding extra update mechanisms to readily adapt to new cryptographic recommendations and standards. While algorithm updates are expected to be much less frequent than standard patches, implementing cryptoagility is complex. Challenges include maintaining retro-compatibility and potentially needing additional security validation for certified products.
Despite these implementation hurdles, the motivation for cryptoagility is compelling in the current threat landscape. As such, ANSSI recommends that cryptoagility features be a significant consideration in the benefit/risk analysis of future products (see ANSSI views on the Post-Quantum Cryptography transition).
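One way to structure the cryptoagility and retro-compatibility described above, as an added example that is not PiQASO or ANSSI code: every protected record names its algorithm, and a policy held as data decides what is used for new records and what is still accepted. The ids `legacy-v1` and `next-v2`, the function names and the HMAC stand-ins for real classical and post-quantum primitives are assumptions.

```python
import hashlib
import hmac
import json

# Registry: algorithm id -> tag function. The HMAC variants are stand-ins
# (assumption) for real primitives; the ids are hypothetical.
REGISTRY = {
    "legacy-v1": lambda key, msg: hmac.new(key, msg, hashlib.sha256).digest(),
    "next-v2": lambda key, msg: hmac.new(key, msg, hashlib.sha512).digest(),
}

# Policy is data, not code: an algorithm update changes this, not call sites.
POLICY = {"protect_with": "next-v2", "accept": ["next-v2", "legacy-v1"]}


def _tag(alg: str, key: bytes, payload: bytes) -> bytes:
    # The algorithm id is covered by the tag, so it cannot be swapped unnoticed.
    return REGISTRY[alg](key, alg.encode() + b"\x00" + payload)


def protect(key: bytes, payload: bytes, policy: dict = POLICY) -> bytes:
    """Wrap payload in an envelope that names the algorithm used."""
    alg = policy["protect_with"]
    env = {"alg": alg, "payload": payload.hex(), "tag": _tag(alg, key, payload).hex()}
    return json.dumps(env).encode()


def verify(key: bytes, envelope: bytes, policy: dict = POLICY) -> bytes:
    """Return the payload if the envelope's algorithm is allowed and the tag holds."""
    env = json.loads(envelope)
    alg = env["alg"]
    if alg not in policy["accept"] or alg not in REGISTRY:
        raise ValueError(f"algorithm {alg!r} not allowed by policy")
    payload = bytes.fromhex(env["payload"])
    if not hmac.compare_digest(_tag(alg, key, payload), bytes.fromhex(env["tag"])):
        raise ValueError("tag mismatch")
    return payload


def migrate(key: bytes, envelope: bytes, policy: dict = POLICY) -> bytes:
    """Re-protect a still-accepted legacy envelope under the current algorithm."""
    return protect(key, verify(key, envelope, policy), policy)
```

Retiring an algorithm is then a policy change: removing `legacy-v1` from `accept` makes old envelopes fail verification, so migration has to run while the legacy id is still accepted.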
Another significant hurdle is the performance overhead associated with PQC algorithms. These algorithms often require larger key sizes and more computational resources than their classical counterparts, which can strain devices with limited processing power, such as IoT sensors or embedded systems. Manufacturers must carefully evaluate the trade-offs between security and performance to ensure their products remain functional and efficient.
PQC Transition Roadmap
The transition to Post-Quantum Cryptography lacks a single, standardized roadmap. Instead, different authorities have published their own roadmaps, each proposing roughly the same steps but with a distinct target year for the full integration of PQC into products. We will examine three of these roadmaps: those from ANSSI, GCHQ’s NCSC and the European Commission.
For example, ANSSI defined the following timeline in 2022:
Phase 1 (before 2025) - Hybridation to provide some additional post-quantum defense-in-depth to the pre-quantum security assurance.
Phase 2 (2025) - Hybridation to provide post-quantum security assurance while avoiding any pre-quantum security regression.
Phase 3 (2030) - Optional standalone post-quantum cryptography.
The National Cyber Security Centre, part of GCHQ, has defined the following:
By 2028
- Define your migration goals
- Carry out a full discovery exercise (assessing your estate to understand which services and infrastructure that depend on cryptography need to be upgraded to PQC)
- Build an initial plan for migration
By 2031
- Carry out your early, highest-priority PQC migration activities
- Refine your plan so that you have a thorough roadmap for completing migration
By 2035
- Complete migration to PQC of all your systems, services and products.
The European Commission has defined the following:
Milestone 1: 31.12.2026 (First Steps):
- Identify and involve stakeholders.
- Support mature cryptographic asset management.
- Create dependency maps.
- Perform quantum risk analysis.
- Include the supply chain.
- Create a national awareness and communication program.
- Share knowledge and get involved with the NIS CG work stream on PQC.
- Develop a timeline and an implementation plan.
Main achievements:
- PQC transition planning and pilots for high- and medium-risk use cases have been initiated.
- Initial national PQC transition roadmaps have been established by all Member States.
Milestone 2: 31.12.2030 (Next Steps):
- Support cryptographic agility and a quantum-safe upgrade path.
- Allocate resources for the transition.
- Adapt certification schemes.
- Evolve the rules.
- Look for opportunities within the ecosystem.
- Consider transversal activities throughout the creation and implementation of the roadmap.
- Implement pilot use cases and contribute to testing centres.
Main achievements:
- The PQC transition for high-risk use cases has been completed.
- PQC transition planning and pilots for medium-risk use cases have been completed.
- Quantum-safe software and firmware upgrades are enabled by default.
Milestone 3: 31.12.2035
- The PQC transition for medium-risk use cases has been completed.
- The PQC transition for low-risk use cases has been completed as much as feasible.
Where does PiQASO Stand?
The PiQASO project is fundamentally committed to developing a robust, high-performance, and adaptive cybersecurity framework capable of addressing the imminent threat posed by quantum computers. Our core objectives are designed to ensure a smooth, cost-effective, and compliance-governed transition to Post-Quantum Cryptography (PQC) across diverse industrial sectors.
Developing High-Performance, Cost-Effective PQC Solutions: A primary goal is the development of programmable optimizations and accelerators specifically engineered to significantly and cost-effectively enhance the performance of various cryptographic families, particularly PQC algorithms.
Ensuring Comprehensive Crypto-Agility: We are designing our architecture with intrinsic crypto agility at its core. This means providing the capability for flexible and rapid reconfiguration of applications and systems with different PQC crypto algorithms or their specific implementations. This ensures long-term resilience against unpredictable technological shifts.
Operationalizing Quantum-Safe Services for Legacy Systems: A key focus is supporting crypto agility through practical, operational implementations of the NIST final candidate PQC algorithms. This directly translates into ensuring the provision of quantum-safe application-layer encryption and decryption services for all existing (legacy) systems. By integrating PQC capabilities into a protective layer, we enable existing infrastructure, which may be costly or impractical to replace immediately, to benefit from quantum-safe security without extensive modification, thereby accelerating the transition timeline.
Enabling Coordinated, Policy-Governed Cryptographic Transitions: The project is dedicated to enabling users and systems to make coordinated, auditable cryptographic transitions. These transitions will be managed in a policy- and compliance-governed manner, ensuring that all security mandates, regulatory requirements, and corporate governance policies are met throughout the process. To achieve this, we offer PiQASO's PQC Ensemble through design modalities that possess certifiable security. This means the resulting solutions are not only secure but are also built following processes that facilitate formal security certification and accreditation, instilling high confidence in their protective capabilities.
Extensive Validation and Real-World Demonstration: To validate the robustness, performance, and applicability of our solutions, we have established an extensive demonstration plan. This plan involves 9 distinct end-users operating across a diverse range of critical infrastructure and services. These include:
- Automotive: Securing vehicle-to-infrastructure (V2I) communication and internal systems
- Autonomous Mobile Robots (AMR): Fortifying the security of AMR communications
- Finance: Ensuring the long-term confidentiality of transactional data and digital assets
- Energy Supply Chain: Securing smart grid communications
- Healthcare: Protecting remote patient monitoring and enhancing smart ambulances with PQC capabilities
- Aerospace: Safeguarding aviation industry testing and maintenance infrastructure against quantum threats
- Online Media: Ensuring the confidentiality and integrity of user communications and media content
- Unmanned Aerial Vehicles (UAVs): Protecting command, control, and data links
- Railway Monitoring: Securing real-time monitoring data, and maintaining the reliability and safety of the entire network.
This broad validation across real-world environments ensures that the PiQASO framework is adaptable, reliable, and truly effective in meeting the varying security and performance needs of modern digital deployments as well as legacy systems.
Conclusion
The PQC transition is a multi-year, collaborative effort requiring coordination between engineers, standards bodies, and governments. By leveraging hybridization, cryptoagility, and phased roadmaps, organizations can mitigate quantum risks while ensuring interoperability and future-proofing their infrastructure. The PiQASO project is clearly positioned to address the needs of the cryptographic transition. It is ready to use, ensures crypto-agility, and has been thoroughly tested through real-world use cases.
The project funded under Grant Agreement No. 101190366 is supported by the European Cybersecurity Competence Centre. Funded by the European Union.
Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or European Cybersecurity Competence Centre.
Neither the European Union nor the granting authority can be held responsible for them.