PQC Overview
Learn about the quantum threat and why post-quantum cryptography (PQC) matters for security.
Quantum Computing Threat
The quantum computing threat is the risk that sufficiently powerful quantum computers pose to the public-key cryptographic systems in use today, whose security rests on problems that are hard only for classical computers.
Classical computers operate on bits, zeros and ones. For a classical computer, computing a discrete logarithm in a large prime-order group, or factoring the product of two large primes, is computationally infeasible at the key sizes in use. That hardness is why Diffie-Hellman (DH) and Elliptic Curve Diffie-Hellman (ECDH) are trusted for key exchange, and why RSA and the Elliptic Curve Digital Signature Algorithm (ECDSA) are trusted for digital signatures.
Quantum computers work differently, using qubits. A qubit can represent 0, 1, or a superposition of both, and a quantum computer can use superposition and interference to solve certain classes of problems far faster than any classical machine. Most computations gain nothing from this, but the number-theoretic problems that underpin today's public-key cryptography are exactly the kind that do.
Traditional public-key algorithms such as RSA, DH, and Elliptic Curve Cryptography (ECC) depend on integer factorization and discrete logarithm problems that classical computers cannot solve efficiently. Shor's algorithm solves both in polynomial time on a large enough quantum computer, which breaks RSA, DH, ECDH, and ECDSA outright, regardless of key size. Grover's algorithm affects symmetric cryptography differently: it gives only a quadratic speedup on brute-force key search, which roughly halves the effective key length, so AES-128 would offer about 64 bits of security against a quantum adversary. This is why the National Institute of Standards and Technology (NIST) considers larger key sizes, such as AES-256, secure in the post-quantum era.
Cryptographically Relevant Quantum Computers (CRQCs) are quantum computers large and reliable enough to run Shor's algorithm against real-world key sizes and thus break traditional public-key cryptography. No CRQC exists today, but one could be developed in the future, and data encrypted today can be recorded now and decrypted then.
Organizations should prepare for this shift by adopting post-quantum cryptography (PQC) standards and implementing quantum-resistant strategies to protect sensitive data from attacks by quantum computers.
Why PQC Matters
Quantum resistance is the ability of a cryptographic algorithm to remain secure against an adversary equipped with a quantum computer. Quantum-resistant algorithms rely on mathematical problems, such as those based on lattices or hash functions, for which no efficient quantum algorithm is known, even for a CRQC.
PQC refers to these quantum-resistant algorithms that protect against quantum computing threats. PQC is an evolutionary enhancement of today's public key infrastructure (PKI) rather than a replacement for it: the same certificates, trust chains, and protocols carry PQC keys and signatures in place of (or alongside) RSA and ECC ones, so PKI remains secure and trustworthy in the post-quantum era. PQC maintains the long-term confidentiality, integrity, and authentication guarantees that secure communication depends on.
NIST addresses the quantum threat by standardizing PQC algorithms for global adoption. Table 1 lists the NIST-approved PQC standards published as Federal Information Processing Standards (FIPS) specifications.

| Specification | Algorithm | Use Case |
|---|---|---|
| FIPS 203 | Module-Lattice-Based Key Encapsulation Mechanism (ML-KEM), based on CRYSTALS-Kyber | Key establishment, for example the key exchange that protects secure web applications. |
| FIPS 204 | Module-Lattice-Based Digital Signature Algorithm (ML-DSA), based on CRYSTALS-Dilithium | Authentication using digital signatures and detection of unauthorized modification. |
| FIPS 205 | Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), based on SPHINCS+ | Conservative, hash-based digital signatures for long-term security, at the cost of larger signatures than ML-DSA. |
The Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) promotes the adoption of quantum-resistant PQC algorithms using the strongest standardized parameter sets, ML-DSA-87 and ML-KEM-1024. These align with the NIST PQC standards and protect encryption, key exchange, and digital signatures against quantum attacks. CNSA 2.0 also allows hybrid constructions that combine a classical algorithm with a PQC algorithm, so that migration can proceed gradually without disrupting operations: the derived key stays secure as long as either component remains unbroken.
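The hybrid key establishment described above, combining the ML-KEM-1024 key encapsulation from Table 1 with a classical X25519 exchange, as an added example that is not part of this page or of any Juniper product code. It uses only the Go 1.24 standard library (`crypto/mlkem`, `crypto/ecdh`, `crypto/hkdf`); the wire layout of the combined ciphertext, the `HybridKeyPair` type, and the domain-separation label are assumptions made for this example. The session key is derived by HKDF over both shared secrets, with the ciphertext and the responder's public keys bound into the HKDF info, so that an attacker who breaks one component (for example X25519 on a future CRQC) still learns nothing about the key.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Wire layout of the hybrid ciphertext (assumed for this example):
// ML-KEM-1024 ciphertext || initiator's ephemeral X25519 public key.
const (
	x25519KeySize = 32
	hybridCTSize  = mlkem.CiphertextSize1024 + x25519KeySize
	hybridLabel   = "example-hybrid-x25519-mlkem1024-v1" // domain-separation label, constructed for this example
)

// HybridKeyPair holds the responder's X25519 and ML-KEM-1024 private keys.
type HybridKeyPair struct {
	ecdhPriv *ecdh.PrivateKey
	kemPriv  *mlkem.DecapsulationKey1024
}

// HybridPublicKey is what the responder publishes.
type HybridPublicKey struct {
	ECDH []byte // X25519 public key
	KEM  []byte // ML-KEM-1024 encapsulation key
}

func GenerateHybridKeyPair() (*HybridKeyPair, error) {
	ecdhPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	kemPriv, err := mlkem.GenerateKey1024()
	if err != nil {
		return nil, err
	}
	return &HybridKeyPair{ecdhPriv: ecdhPriv, kemPriv: kemPriv}, nil
}

func (k *HybridKeyPair) Public() HybridPublicKey {
	return HybridPublicKey{
		ECDH: k.ecdhPriv.PublicKey().Bytes(),
		KEM:  k.kemPriv.EncapsulationKey().Bytes(),
	}
}

// combine derives the 32-byte session key from both shared secrets.
// Binding ct and the responder's public keys into the HKDF info ties the
// key to this exact exchange; the label separates it from other uses of HKDF.
func combine(ssECDH, ssKEM, ct []byte, pub HybridPublicKey) ([]byte, error) {
	ikm := append(append([]byte{}, ssECDH...), ssKEM...)
	info := []byte(hybridLabel)
	info = append(info, ct...)
	info = append(info, pub.ECDH...)
	info = append(info, pub.KEM...)
	return hkdf.Key(sha256.New, ikm, nil, string(info), 32)
}

// Encapsulate runs on the initiator: ephemeral X25519 plus ML-KEM encapsulation.
func Encapsulate(pub HybridPublicKey) (key, ct []byte, err error) {
	respECDH, err := ecdh.X25519().NewPublicKey(pub.ECDH)
	if err != nil {
		return nil, nil, err
	}
	ephPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ssECDH, err := ephPriv.ECDH(respECDH) // classical shared secret
	if err != nil {
		return nil, nil, err
	}
	ek, err := mlkem.NewEncapsulationKey1024(pub.KEM)
	if err != nil {
		return nil, nil, err
	}
	ssKEM, kemCT := ek.Encapsulate() // post-quantum shared secret
	ct = append(append([]byte{}, kemCT...), ephPriv.PublicKey().Bytes()...)
	key, err = combine(ssECDH, ssKEM, ct, pub)
	return key, ct, err
}

// Decapsulate runs on the responder and recovers the same session key.
// A tampered ML-KEM ciphertext is implicitly rejected (a different secret
// comes back rather than an error), so the derived keys simply will not match.
func (k *HybridKeyPair) Decapsulate(ct []byte) ([]byte, error) {
	if len(ct) != hybridCTSize {
		return nil, errors.New("hybrid ciphertext has wrong length")
	}
	kemCT, ephPubBytes := ct[:mlkem.CiphertextSize1024], ct[mlkem.CiphertextSize1024:]
	ssKEM, err := k.kemPriv.Decapsulate(kemCT)
	if err != nil {
		return nil, err
	}
	ephPub, err := ecdh.X25519().NewPublicKey(ephPubBytes)
	if err != nil {
		return nil, err
	}
	ssECDH, err := k.ecdhPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	return combine(ssECDH, ssKEM, ct, k.Public())
}

func main() {
	resp, err := GenerateHybridKeyPair()
	if err != nil {
		panic(err)
	}
	k1, ct, err := Encapsulate(resp.Public())
	if err != nil {
		panic(err)
	}
	k2, err := resp.Decapsulate(ct)
	if err != nil {
		panic(err)
	}
	fmt.Printf("hybrid ciphertext: %d bytes, keys match: %v\n", len(ct), bytes.Equal(k1, k2))
}
```

The combined ciphertext is 1600 bytes (1568 for ML-KEM-1024 plus 32 for the X25519 ephemeral key), which is the size cost of the post-quantum component that protocol designers must budget for in IKEv2 or TLS messages. Production protocols such as the IETF hybrid designs for TLS use the same shape, a KDF over the concatenated secrets, and differ mainly in labels and transcript binding.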
In addition to PQC, Juniper Networks supports quantum-safe security technologies such as Quantum Key Distribution (QKD). Juniper integrates QKD with quantum-safe IPsec and MACsec implementations, offering an alternative approach to securing data against quantum computing threats.
Benefits
- Quantum-safe security: Mitigates the weaknesses of classical public-key cryptography and ensures resilience against attacks by quantum computers.
- Protection against future threats: Defends against the 'harvest now, decrypt later' threat model, in which attackers record encrypted traffic today and decrypt it later with a quantum computer.
- Modernized PKI: Complements PKI by integrating quantum-resistant algorithms into the existing infrastructure.