What is PQC (Post Quantum Cryptography)

In 2024, the U.S. National Institute of Standards and Technology (NIST) officially released the first-ever post-quantum cryptography (PQC) standards, marking a major turning point in the global cybersecurity landscape. In March 2025, NIST expanded the scope of these standards by adding HQC, a code-based algorithm, as a new finalist. Meanwhile, following Google’s announcement of quantum supremacy, major players like IBM and Chinese research institutions have rapidly introduced more advanced quantum computers, significantly accelerating potential threats to traditional encryption systems.

Today, most digital security infrastructure—ranging from internet banking and e-commerce to government communications—still relies on classical encryption methods such as RSA and ECC. However, experts warn that by around 2035, quantum computers could render these algorithms obsolete. A growing concern is the threat of “Harvest Now, Decrypt Later” attacks, where encrypted data is collected now and decrypted in the future once quantum capabilities advance, putting long-term sensitive information at serious risk.

To counter these risks, governments and private enterprises worldwide are accelerating the adoption of PQC. As policy roadmaps and migration projects rapidly take shape, PQC is emerging as a cornerstone of future-proof cybersecurity strategies.

 


 

What Is Post-Quantum Cryptography (PQC)?

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to resist attacks by quantum computers while still functioning efficiently on today’s classical systems. Unlike quantum cryptography—which relies on the principles of quantum mechanics for secure communication—PQC can be implemented directly on existing IT infrastructure.

Conventional encryption algorithms such as RSA and ECC are based on hard mathematical problems like integer factorization and the discrete logarithm. However, quantum algorithms like Shor’s algorithm can solve these problems exponentially faster, posing a major threat to current encryption schemes. While quantum computers today have not yet reached the capability to break RSA or ECC in real-world applications, experts anticipate viable quantum attacks to emerge in the mid-to-late 2030s.

Crucially, migrating global systems to PQC-compatible encryption will take a decade or more. As a result, countries including the U.S., EU members, South Korea, and others have already begun implementing phased PQC adoption roadmaps.

PQC Algorithms: Structure and Categories

Post-quantum cryptographic algorithms are based on mathematical problems considered resistant to quantum attacks. These algorithms fall into several major categories:

1. Lattice-Based Cryptography

Lattices are multi-dimensional grids of points arranged in a regular pattern. Lattice-based cryptography relies on the hardness of problems like finding the shortest vector in a lattice or the closest vector to a given point. Currently, this category is the backbone of NIST’s PQC standards. Notable algorithms include CRYSTALS-Kyber (now ML-KEM for key exchange), CRYSTALS-Dilithium (now ML-DSA for digital signatures), and FALCON. These algorithms offer an ideal balance of performance, security, and key size, making them suitable for widespread adoption.

2. Code-Based Cryptography

Based on error-correcting codes, this method has a long history, dating back to McEliece in 1978. It leverages the difficulty of decoding linear codes. McEliece and HQC are key representatives. HQC was added as a new finalist in 2025, while McEliece is praised for its long-term data protection capabilities, despite its notably large public key size.

3. Hash-Based Signatures

These signatures utilize cryptographic hash functions. SPHINCS+ has been adopted as a PQC signature standard by NIST in 2025. Though conservative and secure, it has slower signing and verification speeds. However, its stateless design makes it ideal for firmware and certificate usage.

4. Multivariate Cryptography

Based on solving systems of multivariate polynomial equations, this method offers small signatures and fast verification. However, large key sizes and past vulnerabilities in some variants have hindered standardization.

5. Isogeny-Based Cryptography

This category uses isogenies (homomorphisms) between elliptic curves. While attractive for its small key sizes, recent successful attacks on the SIKE algorithm have excluded it from current NIST candidate lists as of 2025.

In summary, lattice-based cryptography is the most viable for widespread use due to its versatility and performance. Code-based and hash-based schemes are also useful in specific scenarios, while multivariate and isogeny-based methods require further research and validation.

 


 

Global PQC Standardization and Policy Landscape

The U.S. NIST has taken the lead in PQC standardization. Since 2016, NIST has conducted an extensive global competition to evaluate PQC algorithms. In August 2024, it officially announced ML-KEM (formerly Kyber), ML-DSA (formerly Dilithium), and SLH-DSA (formerly SPHINCS+) as PQC standards. In March 2025, HQC was added as a finalist, and FALCON is also undergoing further standardization review. Beyond algorithm selection, NIST also provides implementation guidance, recommended parameters, and security validation to support real-world deployment.

Europe, through institutions like ETSI, is actively conducting PQC research and shaping regional policies. International standardization is progressing through ISO and ITU channels, with interoperability testing and certification initiatives emerging in China, Japan, and across the EU. China is pushing its own national standards and integrating PQC into its government cybersecurity frameworks. In South Korea, organizations like the National Intelligence Service and KISA have published a PQC roadmap and are currently running transition testbeds across financial, public, and healthcare sectors.

PQC: The First Step Toward a Secure Digital Future

Post-quantum cryptography is no longer a futuristic concept. It is an urgent requirement in the age of rapidly advancing quantum technology. By the mid-2030s, operational quantum computers are expected to compromise RSA and ECC within short timeframes, and the threat of “Harvest Now, Decrypt Later” attacks is already a reality.

Given the massive and complex nature of global digital infrastructure, implementing PQC will take years of coordinated planning and execution. That’s why organizations must act now. Adopting hybrid encryption models, setting clear policy roadmaps, and transitioning to standardized PQC algorithms are no longer optional—they are essential.

The level of cybersecurity in the quantum era will directly depend on how quickly and broadly we prepare today. By understanding and implementing PQC, governments, enterprises, and individuals can ensure a secure digital society—even in a world reshaped by quantum computing.


 
