Quantum-Safe Cryptography: A Practitioner's Starting Point

This section is titled PQC, but a more appropriate term might have been Quantum-Safe Cryptography… I won’t miss the opportunity to talk about QKD if I can!

How I got into this

An internal session delivered by Tim Szigeti was an eye-opener. He provided an overview of everything quantum without focusing specifically on security. He is a great speaker and I warmly recommend listening to the recording of one of his Cisco Live sessions — he has also been featured in an episode of a great podcast:

Following this, I quickly realised how serious the threat is and decided to dive deeper into the topic.

The timeline is moving fast

At the time, the timeline for the emergence of a CRQC (a cryptographically relevant quantum computer, one strong enough to break today’s public-key cryptography) was still pretty vague. Some were still talking about a 15-year timeframe. Recent findings have pulled this much closer: it could be as early as 2029.

If you want a solid overview of the landscape, I’d suggest looking for the study from the German Federal Office for Information Security (BSI): “Status of quantum computer development”. It is one of the most rigorous public assessments available.

Worth noting: Cisco is also an active player in this space — not in building quantum computers, but in helping interconnect them to build distributed quantum computers. A quantum switch has recently been announced.

Getting the foundations right

Before diving into PQC or QKD, it helps to have a solid cryptography refresher. This IBM course is a good starting point:

QKD — the controversial alternative

A treasure trove of information on the topic is the postquantum.com website. If you have no idea what QKD is, I’d highly recommend starting with these two articles:

You can also search for the paper titled “Position Paper on Quantum Key Distribution” — a joint publication by several prominent cybersecurity agencies. It highlights the fact that QKD remains a highly controversial topic in the security community.

PQC — the pragmatic path

The alternative to QKD is PQC. IBM provides a good overview:

The IETF also produces detailed RFCs on the topic. However, this draft is particularly worth reading — it provides a pragmatic, engineer-focused overview of the field:

Don’t just focus on transport

A common mistake is to focus exclusively on transport security (VPNs). That is a real concern: the “harvest now, decrypt later” threat, in which traffic recorded today is decrypted once a CRQC exists, is already active today. But identity is at least as important, if not more so.

The “trust now, forge later” threat would only materialise after Q-day, but you need to be ready before it happens. Secure boot and trustworthy hardware rely on certificates: what do you do when you can no longer trust your hardware root of trust?

Migration: harder than it sounds

Once you gain awareness, it is time to think about migration. The EU has released a roadmap, and guidance from TCG (Trusted Computing Group) can help structure your approach. This is far from a simple exercise and will require careful planning.

This field is still evolving fast — I will continue sharing what I learn here.