Protecting against quantum computer attacks with post-quantum cryptography
Quantum computers are far superior to conventional computers in specific tasks. Unfortunately, this also includes breaking cryptography. Therefore, as research into quantum computing progresses rapidly, the need for post-quantum security is becoming increasingly apparent.
In a world where quantum computers are becoming a reality, the risk of quantum computer attacks on traditional cryptographic mechanisms must be taken into account in order to ensure future-proof protection of information. We support you with various services in your transition to the post-quantum age.
Resistant to quantum computers
With post-quantum cryptography, you ensure that your product is resistant to attacks with quantum computers - as well as classic attacks.
Thinking about tomorrow today
Confidential information runs the risk of no longer being protected in the future. Post-quantum cryptography secures it at an early stage.
One step ahead of regulations
Compliance with legal requirements, such as the EU GDPR, can require a rapid transition. By switching early, you are demonstrating foresight.
What is post-quantum cryptography?
Post-quantum cryptography (PQC) is a subfield of cryptography and refers to cryptographic methods on classical computers that are secure against both known quantum computer attacks and classical attacks. Therefore, no quantum computer is required to develop, implement or use PQC.
With the help of such quantum computer-resistant key exchange methods, which are based on complex mathematical operations, it is already possible today to guarantee the confidentiality and protection of information in the long term.
Post-Quantum Security Whitepaper
In our free whitepaper we
- give an overview of how quantum computers will break today’s crypto, thus threatening all of today’s digital infrastructure,
- show how PQC can effectively prevent this scenario using classical computers,
- demonstrate why there is no time to waste and indeed the prerequisites to start the transition today are already there, and finally
- consider implementation aspects and show that all know-how for secure implementation of classical cryptography will also be necessary for PQC.
Benefits of post-quantum cryptography
Resistance to quantum computers
Post-quantum algorithms are specifically designed to withstand all known attacks with quantum computers.
Long-term security
Post-quantum cryptography enables organizations to guarantee the long-term security of encrypted data.
Protection against data compromise
Post-quantum algorithms (already today) offer greater protection against data compromise.
Increased trust
The implementation of post-quantum cryptography strengthens the trust of customers & business partners.
Suitable for security-critical applications
Post-quantum cryptography offers a robust security solution, especially for security-critical applications.
Post-quantum cryptography: our services at a glance
Initial training & awareness workshops
Support for your secure product design
Support during your product development
Independent evaluation of your products
Certification of your products in various schemes
Support for migration to PQC in your security infrastructure
Current status of PQC standardization
Since 2016, the US National Institute of Standards and Technology (NIST) has been running a process to standardize quantum-resistant public-key cryptographic algorithms.
The previous process consisted of three rounds of examination of the submitted PQC procedures. In the end, NIST announced its intention to standardize the following algorithms:
- CRYSTALS-Kyber
- CRYSTALS-Dilithium
- Falcon
- SPHINCS+
With FIPS 203, 204 and 205, NIST published three Federal Information Processing Standards (FIPS) for post-quantum cryptography on August 13, 2024, which are based on CRYSTALS-Kyber, CRYSTALS-Dilithium and SPHINCS+. These can be found on the NIST website.
In addition, three further key encapsulation mechanism algorithms will be examined in a fourth round:
- BIKE
- Classic McEliece
- HQC
Furthermore, a new call has been opened to investigate further post-quantum secure signature methods as an alternative to FIPS 205. The aim of the NIST processes is to standardize a certain number of algorithms for the post-quantum era that are based on different mathematical problems.
Particularly affected industries
Some industries will be particularly affected by the switch to post-quantum cryptography in the future. These include, among others:
Transportation and traffic
Vehicles should receive a (post-quantum) secure firmware over-the-air update (FOTA). This is particularly important in the areas of V2X, V2I, V2V and V2N/V2G.
Internet-of-Things (IoT)
IoT devices - especially Industrial IoT (IIoT) devices - rely on hardware implementations of cryptographic algorithms. Physical access to IoT devices is usually easy, so side-channel protection plays a crucial role.
Finance
Credit and debit cards and (mobile) payment applications in particular must be appropriately upgraded at an early stage and thus protected against attacks.
Energy
In the energy industry, charging solutions for battery electric vehicles (BEV) or smart meter gateways (SMGW), for example, are affected by a rapid changeover.
Telecommunications
For example, mobile network operators (MNOs) must be able to store their network access data securely on SIM cards and protect them against manipulation and theft.
Health
The pharmaceutical and healthcare industries are affected by a switch to post-quantum cryptography when it comes to implants with wireless interfaces, for example.
Frequently asked questions (FAQ):
A quantum computer is a new type of computer that is clearly superior to the classic PC in terms of some problems. Instead of bits, a quantum computer works with qubits.
Qubits are the quantum computer equivalent of the classical bit. A bit can only store information as either “0” or “1”, but a qubit can also be in an intermediate state.
- Asymmetric Cryptography: cryptography using two distinct keys, a private one (restricted to the key's owner) and an associated public key (known to everyone); each public/private key pair can be used for an operation and its counterpart (e.g. encryption with the public key, decryption with the private key; signature generation with the private key, signature validation with the public key); can be used to communicate via untrusted channels without prior exchange of keys
- Classical Cryptography: when used in the context of post-quantum cryptography, mainly refers to asymmetric algorithms which are not secure against attacks with a quantum computer, e.g. RSA, ECC, DH, ECDSA
- Key Exchange: computation of a shared secret by several parties in a protocol run; the exchanged messages do not require confidentiality (but do require authenticity) to keep the computed secret confidential
- Post-Quantum Cryptography: cryptography which can be used on classical computers and which is secure against both classical attacks and known attacks with a quantum computer; uses different mathematical problems than classical cryptography; does not require a quantum computer
- Superposition: property of a quantum object to reside in a state between two basis states (e.g. 0 and 1); contrary to common intuition, where objects are "either-or" (either here or there, either one or zero, etc.), in quantum physics (the physics of small particles) particles can be in an intermediate state
- Symmetric Cryptography: cryptography using the same (pre-shared) key for an operation and its counterpart (e.g. encryption/decryption; creation/validation of a message authentication code); requires secure sharing of this key prior to first use
- Quantum Computer: new kind of computing device highly superior to classical computers for specific tasks; instead of bits, quantum computers use qubits
- Quantum Computing: computation using a quantum computer
- Quantum Cryptography: cryptography using quantum physics with new hardware and new protocols
- Entanglement: combination of several quantum objects acting as one entity; any change to one of these objects results in a simultaneous change of all entangled partners
- Quantum Key Distribution: secure distribution of key material using quantum physical effects; currently still slow and with limited range between partners
- Qubit: the quantum computer's analogue of the classical bit; while a bit stores information as either a "0" or a "1", a qubit can also reside in an intermediate state between 0 and 1
There are different assumptions in research as to when the first commercial quantum computers will be available. Some experts assume that quantum computers could be able to break cryptographic procedures in the next 10 to 20 years. Others estimate that this could take longer.
Yes, as post-quantum cryptography also works on conventional computers, no quantum computer is required to develop, implement or use PQC. Companies can therefore start the transition at an early stage.