Post-Quantum Cryptography (PQC)

Why Trust Techopedia

What is Post-Quantum Cryptography?

Post-quantum cryptography (PQC) is the development of new cryptographic algorithms that can be used by classical computers and still protect them against the potential threats posed by quantum computing. PQC may also be referred to as quantum-proof cryptography or quantum-resistant cryptography.


Although quantum computers are still in the early stages of development, they are expected to eventually perform calculations so fast that they can reverse-engineer many of the cryptographic systems currently in use.

The development of secure post-quantum algorithms is a proactive measure to maintain the integrity of sensitive data at rest, data in use, and data in transit and protect it from potential cyberattacks conducted with quantum computers.

Techopedia Explains the Post-Quantum Cryptography Meaning

Techopedia Explains the Post-Quantum Cryptography Meaning

Cryptography is the science of using mathematical theories and computational algorithms to secure data. Post-quantum cryptography definitions describe a branch of cryptography that focuses on using mathematics to create encryption tools that will work in current IT infrastructures but be resistant to attacks by quantum computers.

Quantum computers are not yet widely available for commercial use due to their high cost and complex operational needs. However, once they reach a sufficient level of maturity and power, quantum computers could break cryptographic algorithms like RSA, ECC, and DSA. This is important because these algorithms are currently used to secure online transactions, email communication, financial data, and other sensitive information.

The Importance of Post-Quantum Cryptography

In 1994, mathematician Peter Shor developed an algorithm that could run on a quantum computer, factor large integers, and compute discrete logarithms exponentially faster than the cryptographic algorithms we are currently running on classical computers.

This was important because the encryption systems we use today rely on the difficulty of factoring large numbers or computing discrete logarithms for their security.

Essentially, Shor’s algorithm’s success ignited a race against time for cryptography research. Today, researchers focused on data protection are working hard to stay ahead of researchers exploring ways quantum computers can be used to break encryption.

Types of Post-Quantum Cryptography

The National Institute of Standards and Technology (NIST) is playing a leading role in standardizing post-quantum cryptography algorithms.

They are testing and evaluating several types of post-quantum cryptographic algorithms, including:

Lattice-based cryptographyCode-based cryptographyMultivariate polynomial cryptographyIsogeny-based cryptographyHash-based cryptography

Relies on the difficulty of solving problems in lattice geometry, such as finding the shortest vector in a high-dimensional lattice. Lattice-based algorithms are considered one of the most promising areas for PQC. They are versatile and can be used for encryption, digital signatures, and key exchange protocols.

Derived from the decoding of certain error-correcting codes, these algorithms are expected to be used for encryption and digital signatures. The security of code-based cryptographic systems relies on the difficulty of decoding randomly generated linear codes.

These cryptographic schemes are based on the difficulty of solving systems of multivariate quadratic equations over a finite field. The security assumption here is that multivariate polynomial cryptography will mainly be used for constructing digital signature schemes.

The security of these schemes relies on the difficulty of finding a path (or isogeny) between two elliptic curves. This type of cryptography is relatively new and has been proposed for constructing key exchange protocols.

Though not as versatile as other PQC methods, hash-based cryptography remains an important research area. Its security is based on the difficulty of finding collisions in hash functions.

How Post-Quantum Cryptography Works

Post-quantum cryptography is not based on the principles of quantum physics. It is based on number theory and the development of mathematical problems that will run on classical computers but be difficult for quantum computers to solve.

The objective is to ensure that encryption remains secure even when quantum as a service (QaaS) becomes widely available. The goal is to create encryption tools that can work within our current digital infrastructure without requiring significant changes.

PQC is still an active research field, and it seems likely there won’t be step-by-step directions for how to execute post-quantum cryptography anytime soon.

Implementing Post-Quantum Cryptography

The transition to PQC cryptographic standards is expected to be time-consuming because it involves developing and standardizing new cryptographic algorithms and updating existing systems, infrastructure, and best practices. 

When post-quantum cryptography becomes widely adopted, RSA and other classical encryption methods are expected to gradually phase out. In some cases, legacy systems might continue to use traditional encryption standards due to technical or operational constraints. This would likely be in environments considered low-risk, however, or used in situations where updates to post-quantum standards would not be worth it in the short term.

Once PQC algorithms have been standardized, implementation will require collaboration between governments, technology companies, research institutions, and cybersecurity experts. It’s expected to be an iterative process that will require careful planning.

PQC algorithms will likely have different performance requirements than current encryption methods. Some algorithms might require more compute resources or memory, and hardware upgrades or algorithm optimizations might be needed to avoid performance bottlenecks and ensure smooth operation.

Security Considerations in Post-Quantum Cryptography

Data in sectors like healthcare, finance, and government is often archived and may need to remain in secure storage for decades because of compliance regulations.

There’s a real risk that adversaries will collect encrypted data now with the intent to decrypt it later using quantum computers. This strategy, which is known as “harvest now, decrypt later,” is an important consideration for PQC researchers.

In the future, certain industries are likely to be mandated to use post-quantum cryptography to achieve the desired security level for confidentiality, integrity, and authenticity (CIA).

The Challenges of Post-Quantum Cryptography

The biggest challenge moving forward will be to figure out which new cryptographic algorithms are most resistant to quantum attacks and can be integrated into existing systems with minimal disruption.

You can expect the process of standardizing post-quantum cryptographic algorithms to be lengthy and complex. It will involve policy changes, regulatory changes, and logistical coordination across countless organizations, governments, and industries worldwide.

Technical issues related to performance are another concern. Some post-quantum algorithms will require larger encryption key sizes, which has implications for bandwidth and storage requirements.

Considerations will also need to be made for Industrial Internet of Things (IIoT) environments whose embedded systems and IoT devices have limited processing and storage resources. In this use case, the impact on system performance and interoperability between systems using different PQC standards will have to be carefully evaluated to ensure practicality. This will involve extensive testing, evaluation, and consensus-building among cryptographic researchers, industry stakeholders, and standardization bodies.

Pros and Cons of Post-Quantum Cryptography

Like any technological shift or digital disruption, PQC comes with its set of advantages and challenges. Here are some of the pros and cons:


  • Resists classical and quantum attacks
  • Secures future and archived data
  • Boosts new cryptography research
  • Ensures vetted, secure, practical algorithms through standardization


  • Requires larger keys and more computational resources
  • Presents a steep learning curve due to new PQC math problems
  • Challenges integration with old systems
  • Lacks the extensive testing of classical algorithms
  • Necessitates software upgrades and personnel training for transition
  • Exhibits limited expertise among developers, cybersecurity professionals, policymakers

Future of Post-Quantum Computing

Post-quantum cryptography is a relatively new field. While many promising algorithms already exist, they have not undergone the same level of rigorous scrutiny as established classical cryptography methods. Careful and ongoing evaluation will be needed to identify any potential vulnerabilities or weaknesses before these algorithms are widely deployed in critical systems.

While NIST is evaluating the effectiveness of PQC algorithms and deciding which one to standardize, organizations can use the time to conduct a security audit and create a reference index for programming and application software that uses encryption. Once the strategies for post-quantum cryptography implementation have matured and a standard has been approved, the index can be used to develop a plan for how to upgrade or replace applications that require cryptography.

Quantum Computing vs. Post-Quantum Computing

When discussing PQC, it’s important to understand that “post-quantum cryptography” and “quantum cryptography” are not synonyms, even though the two terms sound similar.

Quantum cryptography (QC) researchers are investigating ways quantum physics can be used to secure communication. They are researching quantum key distribution (QKD) and ways the behavior of photons (light particles) can prevent eavesdroppers from intercepting communications without being detected. QKD is currently one of the most well-developed, practical applications of quantum cryptography today.

In contrast, the post-quantum computing meaning is focused on mathematics and developing new algorithms. It is an effort to protect sensitive data in a future where quantum computers are an everyday reality.

The Bottom Line

PQC researchers are developing new cryptographic algorithms that classical computers can use, but quantum computers can’t break. This initiative is in response to the discovery of Shor’s algorithm, which could theoretically break the cryptographic schemes currently in use.


What is Post-Quantum Cryptography in simple terms?

What is the difference between post-quantum cryptography and quantum encryption?

Is AES post-quantum?

What is the purpose of post-quantum cryptography?


Related Questions

Related Terms

Margaret Rouse
Technology Expert
Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.