
Post-Quantum Cryptography: The Complete Guide

What post-quantum cryptography is, why it matters now, the NIST standards, how to migrate, and a full glossary of quantum-safe terms.

What is Post-Quantum Cryptography?

Post-quantum cryptography (PQC) is a new generation of cryptographic algorithms built to stay secure even against powerful quantum computers. Where today's public-key cryptography (RSA, ECC, Diffie-Hellman) relies on mathematical problems that a quantum computer can solve efficiently, PQC is built on problems, such as finding short vectors in structured lattices or inverting hash functions, that are believed to remain hard for both classical and quantum machines.

PQC is not quantum computing itself. It is ordinary software and hardware cryptography that runs on the systems you already have, and is designed to replace the vulnerable algorithms that protect banking, communications, government and defence data today.

Why post-quantum, and why now?

A cryptographically-relevant quantum computer would run Shor's algorithm to break RSA, ECC and Diffie-Hellman. No one knows exactly when that machine will arrive, but the risk is already here through Harvest Now, Decrypt Later (HNDL): adversaries are recording encrypted traffic today to decrypt it once quantum computers are ready. HNDL is a confidentiality threat: any session whose keys were agreed with RSA or (EC)DH can be captured now and opened later, so data that must stay secret for years is already exposed, and key establishment is the first thing to migrate. Signatures cannot be harvested in the same way; they fail only once the quantum computer exists.

The standards are finalised. In 2024, NIST published the first post-quantum standards (FIPS 203, 204 and 205), and organisations worldwide are now expected to inventory their cryptography and plan the migration. Because migrating a large estate takes years, the deadline that matters is the secrecy lifetime of your data, not the arrival of the quantum computer.

The NIST post-quantum standards

ML-KEM (FIPS 203) provides quantum-safe key establishment as a key encapsulation mechanism. ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) provide quantum-safe digital signatures, with SLH-DSA offering a conservative, hash-based option whose security rests only on the underlying hash function. During the transition, hybrid modes run a classical and a post-quantum algorithm together and derive the session key from both shared secrets, so the connection stays secure as long as either component holds. The X25519 plus ML-KEM-768 hybrid (X25519MLKEM768) is already deployed in TLS 1.3 by major browsers and CDNs.
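As an added illustration (not code from this page or from AllSecureX), the Go program below runs a complete hybrid X25519 plus ML-KEM-768 key agreement with both sides' messages. It assumes Go 1.24 or newer, where ML-KEM is part of the standard library as crypto/mlkem; the message types, function names and the HKDF-style combiner are assumptions made for this example, not a standardised protocol.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type ClientHello struct {
	X25519Pub []byte // 32 bytes, client's ephemeral X25519 public key
	MLKEMEk   []byte // 1184 bytes, client's ML-KEM-768 encapsulation key
}

type ServerHello struct {
	X25519Pub []byte // 32 bytes, server's ephemeral X25519 public key
	MLKEMCt   []byte // 1088 bytes, ML-KEM-768 ciphertext
}

type ClientState struct {
	ecdhPriv *ecdh.PrivateKey
	kemPriv  *mlkem.DecapsulationKey768
	Hello    ClientHello
}

// ClientStart generates both ephemeral key pairs and builds the first flight.
func ClientStart() (*ClientState, error) {
	ecdhPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	kemPriv, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, err
	}
	return &ClientState{ecdhPriv, kemPriv, ClientHello{ecdhPriv.PublicKey().Bytes(), kemPriv.EncapsulationKey().Bytes()}}, nil
}

// ServerRespond validates the client's values, runs ECDH and ML-KEM encapsulation, and returns the ServerHello plus the server's copy of the session key.
func ServerRespond(ch ClientHello) (ServerHello, []byte, error) {
	clientPub, err := ecdh.X25519().NewPublicKey(ch.X25519Pub)
	if err != nil {
		return ServerHello{}, nil, err
	}
	ek, err := mlkem.NewEncapsulationKey768(ch.MLKEMEk) // rejects malformed encapsulation keys
	if err != nil {
		return ServerHello{}, nil, err
	}
	ecdhPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return ServerHello{}, nil, err
	}
	ssECDH, err := ecdhPriv.ECDH(clientPub) // errors on low-order points (all-zero output)
	if err != nil {
		return ServerHello{}, nil, err
	}
	ssKEM, ct := ek.Encapsulate()
	sh := ServerHello{ecdhPriv.PublicKey().Bytes(), ct}
	return sh, combine(ssECDH, ssKEM, ch, sh), nil
}

// ClientFinish derives the client's copy of the session key from the ServerHello.
func ClientFinish(st *ClientState, sh ServerHello) ([]byte, error) {
	serverPub, err := ecdh.X25519().NewPublicKey(sh.X25519Pub)
	if err != nil {
		return nil, err
	}
	ssECDH, err := st.ecdhPriv.ECDH(serverPub)
	if err != nil {
		return nil, err
	}
	// ML-KEM uses implicit rejection: a tampered ciphertext returns no error, only a different
	// pseudorandom secret, so key confirmation (TLS's Finished message) must happen above this layer.
	ssKEM, err := st.kemPriv.Decapsulate(sh.MLKEMCt)
	if err != nil {
		return nil, err
	}
	return combine(ssECDH, ssKEM, st.Hello, sh), nil
}

// combine is an HKDF-style extract-then-expand combiner (HMAC-SHA256) over both shared secrets, bound to the
// transcript. Assumption: illustrative only; TLS's X25519MLKEM768 feeds the concatenated secrets into the TLS 1.3 key schedule.
func combine(ssECDH, ssKEM []byte, ch ClientHello, sh ServerHello) []byte {
	extract := hmac.New(sha256.New, []byte("hybrid-demo-salt"))
	extract.Write(bytes.Join([][]byte{ssECDH, ssKEM}, nil))
	expand := hmac.New(sha256.New, extract.Sum(nil)) // keyed with the extracted PRK
	expand.Write(bytes.Join([][]byte{[]byte("x25519+mlkem768 demo"), ch.X25519Pub, ch.MLKEMEk, sh.X25519Pub, sh.MLKEMCt, {0x01}}, nil))
	return expand.Sum(nil)
}

func main() {
	st, _ := ClientStart() // errors dropped only in this demo driver; the functions above return them
	sh, serverKey, _ := ServerRespond(st.Hello)
	clientKey, _ := ClientFinish(st, sh)
	fmt.Printf("session keys match: %v\n", hmac.Equal(serverKey, clientKey))
}
```

The client sends its X25519 public key and ML-KEM encapsulation key, the server replies with its own X25519 key and the ML-KEM ciphertext, and both derive the same 32-byte key from both shared secrets, so an attacker must break X25519 and ML-KEM to recover it. If a bit of the ciphertext is flipped in transit, ClientFinish still succeeds but returns a different key: that is ML-KEM's implicit rejection, and it is detected by key confirmation, not by expecting an error.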

How to migrate to post-quantum cryptography

A practical PQC migration follows four steps:
1. Discover every place cryptography is used (code, configuration, certificates, keys held in HSMs and third-party components) and build a Cryptographic Bill of Materials (CBOM).
2. Quantify the quantum risk and Harvest-Now-Decrypt-Later exposure of each asset to decide what to migrate first.
3. Migrate weak algorithms to NIST PQC, using hybrid modes during the transition.
4. Operate quantum-safe, with a post-quantum certificate authority, HSM integration and strong quantum entropy.

This is exactly what the AllSecureX QuantumVault platform automates, from code-level discovery and CBOM to automated migration, backed by the VajraX quantum hardware family.

What is a Cryptographic Bill of Materials (CBOM)?

A CBOM is a structured, machine-readable inventory of every cryptographic asset (algorithms, keys, certificates and protocols) in a system, expressed in the CycloneDX standard, which added cryptographic assets in version 1.6. Just as a software bill of materials (SBOM) lists your software components, a CBOM lists your cryptography, so you can answer the essential question: where are we quantum-vulnerable? It is the foundation of any credible migration, and it is only as complete as the discovery behind it: cryptography hidden in libraries, configuration files and hardware keystores has to be found, not assumed.
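An added example of the Discover and Quantify steps of the migration above, not code from this page or from the AllSecureX platform: the Go program below classifies X.509 certificates by public-key algorithm, marks which ones are exposed to Harvest Now, Decrypt Later, and emits a minimal CycloneDX-shaped CBOM. It assumes Go 1.24 or newer; the two certificates are constructed inside the program, and the property names and the trimmed CBOM shape are assumptions made for the example rather than the full CycloneDX 1.6 cryptoProperties schema.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// Verdict is what the discovery and quantification steps record for one certificate.
type Verdict struct {
	Subject     string // certificate common name
	Algorithm   string // e.g. "RSA-2048", "ECDSA P-256"
	Status      string // "quantum-vulnerable", "quantum-safe" or "unknown"
	HNDLExposed bool   // key is used for key establishment, so recorded traffic is at risk
	Reason      string
}

// Classify inspects the public key and key usage of a parsed X.509 certificate.
func Classify(cert *x509.Certificate) Verdict {
	v := Verdict{Subject: cert.Subject.CommonName}
	switch pub := cert.PublicKey.(type) {
	case *rsa.PublicKey:
		v.Algorithm = fmt.Sprintf("RSA-%d", pub.N.BitLen())
		v.Status, v.Reason = "quantum-vulnerable", "integer factoring is broken by Shor's algorithm"
	case *ecdsa.PublicKey:
		v.Algorithm = "ECDSA " + pub.Curve.Params().Name
		v.Status, v.Reason = "quantum-vulnerable", "EC discrete log is broken by Shor's algorithm"
	default:
		// Go's x509 parser (1.24) does not yet know ML-DSA or SLH-DSA, so a PQC certificate
		// lands here with a nil PublicKey: flag it for manual review rather than guess.
		v.Algorithm, v.Status = "unrecognised", "unknown"
		v.Reason = "public-key algorithm not recognised by the parser; review manually"
	}
	// HNDL is a confidentiality threat: a key that establishes session keys protects traffic
	// an adversary can record today, so it is exposed now; a signature-only key bites at Q-Day.
	v.HNDLExposed = cert.KeyUsage&(x509.KeyUsageKeyEncipherment|x509.KeyUsageKeyAgreement) != 0
	return v
}

// BuildCBOM assembles a minimal CycloneDX-shaped CBOM. Assumption: only bomFormat, specVersion
// and cryptographic-asset components are modelled, with the verdict carried in the generic
// "properties" list; a production CBOM follows the full CycloneDX 1.6 cryptoProperties schema.
func BuildCBOM(certs []*x509.Certificate) map[string]any {
	var components []map[string]any
	for _, c := range certs {
		v := Classify(c)
		components = append(components, map[string]any{
			"type":             "cryptographic-asset",
			"name":             v.Subject + " (" + v.Algorithm + ")",
			"cryptoProperties": map[string]string{"assetType": "certificate"},
			"properties": []map[string]string{
				{"name": "quantum:status", "value": v.Status},
				{"name": "quantum:hndlExposed", "value": fmt.Sprint(v.HNDLExposed)},
				{"name": "quantum:reason", "value": v.Reason},
			},
		})
	}
	return map[string]any{"bomFormat": "CycloneDX", "specVersion": "1.6", "components": components}
}

// selfSigned builds a throwaway certificate for the constructed sample estate below.
func selfSigned(cn string, key crypto.Signer, usage x509.KeyUsage) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour), KeyUsage: usage}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der) // parse back, as a scanner would from DER or PEM
	if err != nil {
		panic(err)
	}
	return cert
}

// SampleEstate is a constructed two-certificate inventory (not real infrastructure): an RSA
// TLS server certificate that also does key establishment, and an ECDSA signing-only certificate.
func SampleEstate() []*x509.Certificate {
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	ecKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return []*x509.Certificate{
		selfSigned("tls.example.internal", rsaKey, x509.KeyUsageDigitalSignature|x509.KeyUsageKeyEncipherment),
		selfSigned("codesign.example.internal", ecKey, x509.KeyUsageDigitalSignature),
	}
}

func main() {
	out, _ := json.MarshalIndent(BuildCBOM(SampleEstate()), "", "  ")
	fmt.Println(string(out))
}
```

The key-usage check is the quantification step in miniature: the RSA TLS certificate is flagged hndlExposed because it establishes session keys an adversary can record today, while the ECDSA signing certificate is just as vulnerable to Shor's algorithm but only becomes urgent at Q-Day. A certificate carrying an ML-DSA key parses in Go 1.24 with a nil public key, so the default branch routes it to manual review instead of silently counting it as safe.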

Post-Quantum Cryptography Glossary

The essential quantum-safe terms, explained.

Post-Quantum Cryptography (PQC)
A family of cryptographic algorithms designed to remain secure against attacks by both classical and quantum computers. PQC is based on mathematical problems (such as structured lattices and hash functions) believed to be hard even for large quantum computers, and is replacing RSA and ECC.
Quantum Computer
A computer that uses quantum-mechanical effects (superposition, entanglement) to solve certain problems far faster than classical machines, including the maths that underpins today's public-key cryptography.
Q-Day
The hypothetical day a cryptographically-relevant quantum computer becomes powerful enough to break RSA, ECC and Diffie-Hellman. The exact date is unknown, which is why migration must begin now.
Shor's Algorithm
A quantum algorithm that efficiently factors large integers and computes discrete logarithms, breaking RSA, ECC and Diffie-Hellman.
Grover's Algorithm
A quantum search algorithm that gives a quadratic speed-up on brute-force search, roughly halving the effective bit strength of symmetric keys and hash preimages (AES-128 offers about 64 bits against a Grover attacker). Doubling key and hash sizes restores the margin, which is why AES-256 and SHA-384/512 are preferred for long-term security.
Harvest Now, Decrypt Later (HNDL)
An attack strategy where an adversary records encrypted data today and stores it to decrypt once quantum computers mature. Long-life data is already at risk, making HNDL a present-day threat.
ML-KEM (FIPS 203)
Module-Lattice-based Key-Encapsulation Mechanism, the NIST-standardised algorithm for quantum-safe key establishment (formerly CRYSTALS-Kyber).
ML-DSA (FIPS 204)
Module-Lattice-based Digital Signature Algorithm, the NIST-standardised algorithm for quantum-safe digital signatures (formerly CRYSTALS-Dilithium).
SLH-DSA (FIPS 205)
Stateless Hash-based Digital Signature Algorithm, a conservative, hash-based NIST signature standard (formerly SPHINCS+).
Hybrid Cryptography
Running a classical algorithm (e.g. X25519) and a post-quantum algorithm (e.g. ML-KEM) together, so the connection stays secure even if one is later broken. The recommended way to transition safely.
Crypto-Agility
The ability of systems to switch cryptographic algorithms quickly and with minimal disruption, essential for the PQC migration and for future changes.
Cryptographic Bill of Materials (CBOM)
A structured, machine-readable inventory of every cryptographic asset (algorithms, keys, certificates, protocols) in a system, expressed in the CycloneDX standard. The foundation of any PQC migration.
Cryptographic Asset Inventory (CAI)
A complete map of where and how cryptography is used across an organisation, resolved to standard identities and risk verdicts.
Lattice-based Cryptography
A branch of PQC built on the hardness of problems in high-dimensional lattices, the basis of ML-KEM and ML-DSA.
Hash-based Signatures
Digital signatures whose security relies only on the strength of a hash function, used by SLH-DSA for high-assurance, conservative signing.
QRNG (Quantum Random Number Generator)
A device that produces randomness by measuring physical quantum processes rather than by running a deterministic algorithm. Strong randomness is the root of all cryptographic trust; in practice the raw output is health-tested and conditioned (for example, an SP 800-90B entropy source seeding an SP 800-90A DRBG) before it is used to generate keys.
Quantum Entropy
Randomness sourced directly from quantum phenomena, used to seed high-assurance key generation (for example, in the AllSecureX Qentropy appliance).
QKD (Quantum Key Distribution)
A method of exchanging keys whose security is based on the laws of quantum physics. QKD needs specialised hardware and complements, rather than replaces, post-quantum cryptography.
Quantum Sensing
The use of quantum systems to measure physical quantities (time, fields, motion) with extreme precision, an emerging field alongside quantum-safe security.
PKI / Certificate Authority (CA)
The public-key infrastructure that issues and manages digital certificates. A post-quantum CA issues certificates signed with PQC algorithms such as ML-DSA.
HSM (Hardware Security Module)
A hardened device that generates and protects cryptographic keys. PQC migration includes ensuring HSMs support post-quantum algorithms and strong entropy.
RSA / ECC
The public-key algorithms that secure most of today's internet. Both are broken by Shor's algorithm on a quantum computer and are being deprecated in favour of PQC.
Quantum Risk Quantification
Assessing and scoring an organisation's exposure to quantum attacks, including Harvest-Now-Decrypt-Later risk, to prioritise which systems to migrate first.

Frequently Asked Questions

What is post-quantum cryptography in simple terms?

Post-quantum cryptography (PQC) is encryption designed to stay secure even against quantum computers. It replaces algorithms like RSA and ECC, which quantum computers can break, with new NIST-standardised algorithms such as ML-KEM and ML-DSA.

Is post-quantum cryptography available today?

Yes. NIST finalised the first post-quantum standards (FIPS 203, 204, 205) in 2024, and platforms such as AllSecureX QuantumVault let organisations discover, quantify and migrate their cryptography to quantum-safe today.

What is Harvest Now, Decrypt Later?

It is an attack where adversaries record encrypted data now and store it to decrypt once quantum computers are powerful enough. It means long-life data is already at risk, so migration should begin now.

What is a CBOM?

A Cryptographic Bill of Materials is a machine-readable inventory of all cryptographic assets in a system (algorithms, keys, certificates), in the CycloneDX format. It is the starting point for a post-quantum migration.

How do I start a post-quantum migration?

Begin by discovering your cryptography and building a CBOM, then quantify the quantum risk, migrate the highest-risk systems to NIST PQC using hybrid modes, and operate with a post-quantum CA, HSM and quantum entropy.

Ready to become quantum-safe?

Discover your cryptography, quantify the risk and migrate to post-quantum with AllSecureX.
