Just a short while ago, Post-Quantum Cryptography (PQC) was a niche term known only to cryptographers. A topic for academic papers, whiteboards, and late-night conversations in security labs. Today, it appears in industry publications, at security conferences, and even in governmental strategy papers. But what exactly is PQC - and why has it become such a hot topic?

What is Post-Quantum Cryptography?

Post-Quantum Cryptography refers to next-generation encryption and digital signature algorithms designed to withstand attacks by quantum computers. According to current studies and forecasts, quantum computers may become a reality in about 10 to 20 years – bringing capabilities that can crack problems classical computers would need billions of years to solve.

Quantum computers exploit the principles of quantum mechanics to perform certain computations far more efficiently than classical computers - enabling them to solve problems that were previously infeasible.

Among these are the mathematical challenges underlying today’s widely used encryption and digital signature standards, such as RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography). Both rely on mathematical problems like factoring large numbers or solving discrete logarithms – tasks that future quantum computers will be able to perform efficiently.

PQC, as the next generation of cryptographic algorithms, is designed precisely for this challenge. By relying on alternative mathematical foundations – for example lattice-based or code-based schemes – it provides cryptographic protection that remains robust even against quantum algorithms.

“Harvest now, decrypt later”: Why PQC already matters today

Ten to twenty years may sound like a long time – especially in the tech world, where innovations often become outdated within months. But this perception is misleading. Cybercriminals and even intelligence agencies have long been collecting encrypted data with the intention of decrypting it once quantum technology becomes powerful enough. This strategy is known as “harvest now, decrypt later.”

This means the threat is not a distant problem – it affects data that must remain confidential for years or even decades. Anyone working in finance, R&D, or the public sector cannot afford to wait for “Q-Day”, the moment when a quantum computer can break conventional encryption. Preparation must begin now.

PQC is therefore not a reaction to a hypothetical risk. It addresses a development that is already underway, even though its full impact will unfold gradually over the coming years. Implementing PQC today ensures that sensitive data remains protected tomorrow.

The race for security: Which new standards already exist?

For quantum-secure solutions to be practical and trustworthy in the long term, standards are essential. They ensure technological alignment, regulatory compliance, and long-term investment security. In August 2024, the U.S. National Institute of Standards and Technology (NIST) has published the first official Post-Quantum Cryptography standards. They mark a major milestone, laying the foundation for global adoption of quantum-resilient encryption.

The approved algorithms include:

• ML-KEM-1024
• ML-DSA (Dilithium), SLH-DSA (SPHINCS+), and FN-DSA (Falcon) for digital signatures

These standards define which algorithms will serve as future reference points – creating a unified technical basis for companies, government bodies, and software providers alike.

Both NIST and the European Union Agency for Cybersecurity (ENISA) also recommend a hybrid cryptographic approach, combining classical and post-quantum algorithms. This ensures existing systems remain secure while enabling a smooth and secure transition into the quantum era.

Quantum-secure into the future: How Tresorit is shaping the transition

At Tresorit, the shift toward quantum-secure encryption is already underway. Following the recommended hybrid approach, we are gradually integrating post-quantum cryptography into our proven security architecture. End-to-end encryption based on ECC remains at the core of all Tresorit solutions – now strengthened more than ever with PQC enhancements.

This positions Tresorit among the first providers to design quantum-secure safeguards today - protecting not only against future threats, but also against “harvest-now-decrypt-later” attacks.

Learn more about the security architecture of Tresorit.