Table of contents
- Public key cryptography and the quantum threat
- What is post-quantum cryptography
- What is quantum cryptography
- Difference between post-quantum and quantum cryptography
- The role of NIST and emerging standards
- Future scenarios: when will strong encryption be really necessary?
- Integration with blockchain, IoT and cloud
- The problem of reverse decryption
- Which path to follow?
With the advent of quantum computing, the field of cyber security is called to a profound rethink. On one hand, we have quantum cryptography, which directly exploits the laws of quantum mechanics to ensure the security of communications.
On the other hand, post-quantum cryptography proposes a family of classical encryption algorithms designed to resist future quantum attacks. This article delves into the difference between post-quantum and quantum cryptography, examining their advantages, applications and long-term scenarios.
Public key cryptography and the quantum threat
Most current public key cryptography systems, such as RSA, Diffie-Hellman, and ECDSA digital signatures, rely on the computational difficulty of problems such as prime number factorization or discrete logarithms.
With the arrival of sufficiently powerful quantum computers, these problems could be solved in a reasonable time using Shor’s algorithm, thus putting billions of pieces of encrypted data at risk.
In an RSA system, for example, security is based on the fact that, given two prime numbers multiplied together, it is extremely difficult – for a classical computer – to trace back to the factors. But a quantum computer, thanks to quantum interference and superposition of states, can factor these numbers much faster.
As a result, the entire web security infrastructure, including TLS/SSL, software signing, encrypted emails and blockchain, could be compromised.
What is post-quantum cryptography
Post-quantum cryptography does not rely on properties of quantum mechanics, but on classical cryptography algorithms designed to be resistant to quantum computers. The goal is to ensure security even after quantum computers have reached a capacity that breaks traditional schemes.
Among the most promising families of algorithms we find:
- Lattice-based schemes
Considered among the most robust and efficient, both on classical computers and in a post-quantum context. Examples: Crystals-Kyber (for encryption) and Crystals-Dilithium (for digital signatures).
- Code-based ciphers
Like McEliece, robust but less efficient in terms of key size.
- Hash-based schemes
Like SPHINCS+, they use secure hash functions to build digital signatures.
- Multivariate polynomial cryptography
Exploits the difficulty of solving systems of multivariate polynomial equations.
A distinctive feature is that post-quantum cryptography is designed to run on classical computers. This means that it can be implemented today, without waiting for quantum hardware.
What is quantum cryptography
Quantum cryptography, on the other hand, relies on the laws of quantum mechanics to create intrinsically secure communication systems. Its best-known application is Quantum Key Distribution (QKD), and in particular the BB84 protocol, developed by Bennett and Brassard in 1984.
QKD allows two parties to share a secret key in such a way that any attempt at eavesdropping is automatically detected, since observing a quantum state inevitably alters it. The theoretical advantages are enormous: in principle, security is guaranteed by physical laws, not by computational problems.
However, current limitations of quantum cryptography include:
- Limited distance
Quantum communications lose coherence quickly, making long-distance connections difficult without quantum repeaters.
- Dedicated infrastructure
Specialized optical or satellite channels are required, often not compatible with existing networks.
- High cost and technological complexity still prohibitive for large scale.
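The eavesdropping-detection property of BB84 described above can be seen in a small classical simulation. This is an added example, not code from the original article; the intercept-resend observer model, the function names and the 10% alert threshold are assumptions chosen for the demonstration.

```python
import random

QBER_ALERT = 0.10  # illustrative abort threshold chosen for this demo (assumption)

def measure(bit, prepared_basis, measured_basis, rng):
    # A matching basis reads the bit exactly; a mismatched basis gives a coin flip.
    return bit if prepared_basis == measured_basis else rng.randint(0, 1)

def bb84_session(n_photons, eavesdropper, rng):
    """Return (sifted_key_length, error_rate) for one simulated BB84 run."""
    kept = errors = 0
    for _ in range(n_photons):
        a_bit, a_basis = rng.randint(0, 1), rng.choice("+x")
        bit, basis = a_bit, a_basis  # state travelling on the channel
        if eavesdropper:
            # Intercept-resend: the observer has to pick a basis blindly, and
            # the photon continues in whatever basis was used to measure it.
            e_basis = rng.choice("+x")
            bit, basis = measure(bit, basis, e_basis, rng), e_basis
        b_basis = rng.choice("+x")
        b_bit = measure(bit, basis, b_basis, rng)
        # Sifting: the two parties publicly compare bases and keep matches only.
        if a_basis == b_basis:
            kept += 1
            errors += a_bit != b_bit
    # No sifted bits means no evidence of a clean channel: report worst case.
    return kept, (errors / kept if kept else 1.0)

def channel_is_trusted(error_rate):
    # The parties abort key generation when the sampled error rate is too high.
    return error_rate < QBER_ALERT

if __name__ == "__main__":
    rng = random.Random(2024)  # fixed seed so the demo is repeatable
    for label, eve in (("quiet channel", False), ("observed channel", True)):
        kept, qber = bb84_session(4000, eve, rng)
        print(f"{label}: sifted={kept} error_rate={qber:.3f} "
              f"trusted={channel_is_trusted(qber)}")
```

On an unobserved channel the sifted bits agree exactly; with an observer on the line about a quarter of them disagree, which is what the two parties detect when they compare a sample.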
Difference between post-quantum and quantum cryptography
Understanding the difference between post-quantum and quantum cryptography is essential to developing transition strategies in cyber security. Here are the main contrasts:
| Characteristic | Post-Quantum Cryptography | Quantum Cryptography |
|---|---|---|
| Operating principle | Classical algorithms resistant to quantum computing | Uses quantum mechanics |
| Running on classical computers | Yes | No |
| Availability today | Yes (already in the standardization phase) | Limited, experimental |
| Current applications | Software, TLS, blockchain, encrypted communications | Key transmission via QKD |
| Quantum hardware dependence | No | Yes |
| Maturity level | High (NIST has selected standards) | Low, still in prototype stage |
| Scalability | High, compatible with existing infrastructure | Low, requires dedicated channels |

The role of NIST and emerging standards
The US National Institute of Standards and Technology launched an international competition in 2016 to select quantum-resistant encryption algorithms. After years of analysis, the winners of the first selection round include:
- Crystals-Kyber
A lattice-based encryption scheme, considered secure and efficient.
- Crystals-Dilithium
For digital signatures, also based on lattices, with an excellent ratio between speed, key size and robustness.
These algorithms will enter the phase of official standardization, and represent the heart of post-quantum cryptography in the coming decades.
Future scenarios: when will strong encryption be really necessary?
Many experts expect that within 10 to 20 years, quantum computers will be powerful enough to pose a real threat. This period, often referred to as “Y2Q” (Years to Quantum), is crucial for the early adoption of quantum-resistant cryptography.
The most likely scenario will be a gradual transition. Organizations will start using post-quantum algorithms in parallel with traditional ones (dual mode), and then eliminate the traditional ones once the risks become concrete.
In parallel, quantum cryptography could find niche applications, in sectors such as defense or ultra-secure telecommunications, where the installation of dedicated channels is sustainable.
Integration with blockchain, IoT and cloud
Post-quantum cryptography is already being explored for integration with blockchains, IoT devices, and cloud services. Many projects, such as Ethereum 2.0, are exploring ways to update their digital signature algorithms to include quantum-resistant schemes.
In the IoT world, adopting algorithms like Crystals-Kyber poses challenges related to the limited computing power and memory of devices. But research is focusing on versions optimized for embedded environments.
Cloud providers (Google, AWS, Microsoft) are also experimenting with post-quantum TLS protocols to protect data in the long term, today and in the future.
The problem of reverse decryption
An often overlooked risk is that of reverse decryption: an attacker could intercept and save data encrypted using RSA or ECDSA today, and then decrypt it in the future with a quantum computer.
This threat is especially serious for data that must remain secret for decades (military, health, financial). This is precisely why the companies with the most sensitive data are already adopting strong encryption today.
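Why a ciphertext recorded today stays exposed, and why RSA stands or falls with factoring as explained earlier, can be shown on a deliberately tiny key. This is an added example, not code from the original article; the 16-bit primes, the message and the function names are constructed for the demonstration, and trial division stands in for the factoring step that Shor's algorithm would make feasible at real key sizes.

```python
from math import isqrt

# Constructed toy key: two 16-bit primes. Real RSA primes are 1024+ bits each,
# which is what keeps classical factoring out of reach.
P, Q, E = 65521, 65537, 17
N = P * Q  # public modulus; only N and E are ever published

def encrypt(message, n, e):
    """Textbook RSA without padding: for demonstration only."""
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def factor_semiprime(n):
    """Trial division: only workable here because the modulus is tiny."""
    if n % 2 == 0:
        return 2, n // 2
    for candidate in range(3, isqrt(n) + 1, 2):
        if n % candidate == 0:
            return candidate, n // candidate
    raise ValueError("n has no non-trivial factor")

def decrypt_from_public_key(ciphertext, n, e):
    """Rebuild the private exponent from the public key once n is factored."""
    p, q = factor_semiprime(n)
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent follows directly from p and q
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

if __name__ == "__main__":
    recorded = encrypt(b"key", N, E)   # ciphertext captured and stored today
    # Years later, with a way to factor N, the stored ciphertext opens.
    print(decrypt_from_public_key(recorded, N, E))
```

Nothing but the public key and the stored ciphertext is needed once the modulus can be factored, which is why data with a long confidentiality lifetime has to move to quantum-resistant key exchange before such a capability exists.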
Which path to follow?
The choice between quantum cryptography and post-quantum cryptography depends on the context:
- If you need physically guaranteed protection and can invest in dedicated infrastructure, quantum cryptography represents a unique technological achievement.
- If you are looking for a scalable, economical and implementable solution today, post-quantum cryptography is undoubtedly the most viable option.
For most companies and public administrations, integrating post-quantum algorithms now is a priority to ensure long-term security, in view of a world where quantum computing will be an accessible reality.
Questions and answers
- What is post-quantum cryptography?
It is a family of classical algorithms designed to resist attacks from quantum computers, without using quantum mechanics.
- What is the difference between quantum and post-quantum cryptography?
The first directly exploits quantum mechanics (e.g. QKD); the second uses classical algorithms designed to resist quantum attacks.
- What are Crystals-Kyber and Crystals-Dilithium?
Two lattice-based algorithms, chosen by NIST as the standard for post-quantum cryptography (Kyber for encryption, Dilithium for digital signatures).
- Is post-quantum cryptography already possible?
Yes, many experimental libraries and protocols are already available, including on cloud and TLS systems.
- Is quantum cryptography more secure?
It is secure in principle, on physical grounds, but currently unscalable and expensive.
- What are the risks if we don’t move to post-quantum?
In the medium term, data encrypted today could be decrypted in the future with quantum computers (retro-decryption).
- What does quantum-resistant encryption mean?
This means that the algorithms cannot be broken even by an advanced quantum computer.
- Will post-quantum cryptography replace RSA and ECDSA?
Yes, it is intended to replace traditional methods in all secure communication protocols.
- Is the United States investing in these technologies?
Yes, NIST has led the process of standardizing post-quantum algorithms globally.
- Which industries will be the first to adopt strong encryption?
Governments, the financial sector, cloud providers and industries with long-term protection needs.