Overview
Post-quantum cryptography (PQC) addresses the long-term security threat posed by quantum computers capable of running Shor’s algorithm, which can break the public-key cryptographic systems — RSA, ECDSA, Diffie-Hellman — that secure nearly all internet traffic and financial infrastructure today.
NIST finalized its first three PQC standards in August 2024 (FIPS 203, 204, 205), ending nearly a decade of evaluation. The U.S. government has mandated that federal agencies migrate to these standards, with NSA’s CNSA 2.0 suite setting 2030–2033 deadlines for most national security systems. The private sector and standards bodies (IETF, IEEE) are actively integrating PQC algorithms into protocols including TLS, IKEv2/IPsec, and SSH.
The primary near-term threat is harvest now, decrypt later (HNDL): adversaries collecting today’s encrypted traffic for future decryption. This makes the migration timeline relevant now even though no cryptographically relevant quantum computer (CRQC) exists yet.
Editorial note: This section tracks implementation facts, not future speculation. “PQC-ready,” “quantum-safe,” and similar marketing terms are examined against specific algorithm support, protocol integration, software version availability, and FIPS validation status. Vendor claims are documented with verification status.
Key Themes
- NIST finalized ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (SPHINCS+) as FIPS 203/204/205 in August 2024; these are the authoritative standards for migration planning
- The recommended migration path is hybrid key exchange — combining classical ECDH with a PQC KEM — to preserve security even if one component is broken
- Networking hardware vendors are at varying stages of PQC integration; most have published roadmaps, but production-ready, standards-conformant implementations are limited as of early 2026
- Cryptocurrency platforms face a deeper challenge: signature scheme migration in decentralized networks requires broad ecosystem consensus and may involve hard forks
- The HNDL threat model means the migration clock is already running for long-lived sensitive data, even without an operational CRQC
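
One way to check a "PQC-ready" claim against specific algorithm support for the hybrid key exchange named above, as an added example that is not part of the original page: it classifies the extensions block of a TLS 1.3 ClientHello by whether a hybrid ECDH + ML-KEM group is offered and whether a key share for it was actually sent. The function names, result labels, and sample bytes are constructed for illustration; the group codepoints are the IANA TLS Supported Groups values.

```python
import struct

# IANA "TLS Supported Groups" codepoints this check looks for.
HYBRID = {0x11EB: "SecP256r1MLKEM768", 0x11EC: "X25519MLKEM768",
          0x11ED: "SecP384r1MLKEM1024"}      # classical ECDH + ML-KEM (FIPS 203)
DRAFT = {0x6399: "X25519Kyber768Draft00"}    # pre-standard Kyber hybrid

def tlv(block: bytes):
    """Yield (type, body) from a run of uint16 type / uint16 length records."""
    i = 0
    while i < len(block):
        t, n = struct.unpack_from("!HH", block, i)
        if i + 4 + n > len(block):
            raise ValueError("truncated record")
        yield t, block[i + 4:i + 4 + n]
        i += 4 + n

def vec16(body: bytes) -> bytes:
    """Check and strip the uint16 length prefix of a TLS vector."""
    if len(body) < 2 or struct.unpack_from("!H", body)[0] != len(body) - 2:
        raise ValueError("bad vector length")
    return body[2:]

def classify(block: bytes) -> str:
    """Label a ClientHello extensions block by the PQC support it shows."""
    exts = dict(tlv(block))  # extensions are type/length/body records
    offered = [g for (g,) in struct.iter_unpack("!H", vec16(exts.get(10, b"\0\0")))]
    sent = [g for g, _ in tlv(vec16(exts.get(51, b"\0\0")))]  # key_share entries
    if any(g in HYBRID for g in offered):
        return "hybrid-sent" if any(g in HYBRID for g in sent) else "hybrid-offered"
    return "draft-kyber-only" if any(g in DRAFT for g in offered) else "classical-only"

def build(groups, shares):
    """Constructed input: supported_groups (10) and key_share (51) extensions."""
    gl = struct.pack("!%dH" % len(groups), *groups)
    ks = b"".join(struct.pack("!HH", g, n) + bytes(n) for g, n in shares)
    return (struct.pack("!HHH", 10, len(gl) + 2, len(gl)) + gl +
            struct.pack("!HHH", 51, len(ks) + 2, len(ks)) + ks)

# Constructed sample: X25519MLKEM768 offered with a 1216-byte share, plus x25519.
SAMPLE = build([0x11EC, 0x001D, 0x0017], [(0x11EC, 1216), (0x001D, 32)])
```

This reads only what the client offers; the group the server selects appears in the ServerHello `key_share`, and nothing in a handshake shows FIPS validation status.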
Research Phases
| Phase | Focus | Status |
|---|---|---|
| Phase 1 | Networking vendors (Sitehop, Juniper, others) | In progress |
| Phase 2 | Cryptocurrency platforms (Bitcoin, Ethereum, others) | Planned |
| Phase 3 | Standards and policy (NIST FIPS, NSA CNSA 2.0, IETF) | Planned |
Topic Areas
- Networking — PQC support across networking hardware and software vendors
- Cryptocurrencies — Blockchain platform exposure and migration plans (Phase 2 — planned)