Copyright Fast Company

Quantum computing has the potential to bring tremendous advances across society, from medical research and drug discoveries to materials science and climate modeling. Like artificial intelligence, quantum's advances offer a significant step change that is difficult for humans to comprehend. However, the risk of quantum innovation is that quantum computing will break the asymmetric cryptography protecting today's digital systems, which include banking, health records, and nuclear energy, as well as devices such as medical devices, electric vehicles, and satellites.

To address this, post-quantum cryptography (PQC) is designed to protect critical data and infrastructure, so that digital trust, the foundation of everyday consumer and business technology, can be preserved in the quantum era. Organizations today must make significant adjustments to accommodate this shift and follow a technology adoption curve along five emotional and operational stages.

Stage 1: Denial

Denial is widespread. Organizations often don't view quantum computing as a legitimate threat, believe it's decades away, or consider it an irrelevant academic topic. The idea of breaking current encryption is perhaps considered alarmist.

In our recent survey, only 5% of 1,042 cybersecurity professionals reported having PQC in place. They often haven't conducted any assessment of their quantum risk or discussed PQC in their security planning, and may even believe they can "deal with it later." These organizations typically have a limited understanding of PQC or why it's important.

Significant industry developments make PQC a critical issue today. In August 2024, the National Institute of Standards and Technology (NIST) finalized its first post-quantum cryptography algorithms, the result of more than a decade of preparation.
Soon after, Gartner issued a stark warning that classical cryptography will be unsafe against quantum computing by 2029. Finally, some governments have recently required PQC readiness by 2030 for regulated industries and public-sector suppliers due to the impending obsolescence of affected encryption algorithms. Organizations are realizing that PQC is not just a nice-to-have, but a critical need.

Stage 2: Bargaining

A typical response to quantum's threat is bargaining. Many organizations think that PQC may become important eventually, but not today. Some recognize the threat of quantum technology but prioritize other issues, such as AI advances, compliance, cloud migration, or cybersecurity upgrades.

There are good reasons for this procrastination as IT teams work on more projects with fewer resources. Meanwhile, they've recently upgraded their transport layer security or rotated their certificates and may feel they can wait on PQC.

However, as noted above, there isn't as much time as many organizations believe. In "harvest now, decrypt later" attacks, hackers collect data protected by RSA today and use quantum computing to decrypt it later. There's also the schedule risk of a long, complex, enterprise-wide, multi-vendor cryptography upgrade. And Gartner's 2029 quantum deadline is fast approaching, especially since upgrading to PQC is not simple and can take time.

Certificates can grow significantly. Transitioning from classical cryptography to post-quantum algorithms can result in public keys that are five times larger, private keys that are three times larger, and signatures that are eight times larger. So bandwidth needs grow, increasing TLS handshake time and network infrastructure needs. Small, embedded IoT devices may not be able to handle this size.

In addition, hardware, software, infrastructure, and small, embedded IoT devices may need updates, along with work to address interoperability and performance challenges. Starting early is critical to understand all the company-wide infrastructure impacts.
Stage 3: Anger

Companies jumping into the PQC transition soon realize it's more complicated than expected. The next phase, anger, sets in.

Security engineers, infrastructure leads, and DevOps teams are soon overwhelmed by the complexities of certificate management, performance degradation, and infrastructure challenges resulting from PQC upgrades. They can't simply swap in PQC or retrofit it on top of their infrastructure, but need to rethink their architecture and cryptographic workflows.

Two key PQC algorithms are ML-KEM and ML-DSA. ML-DSA is an efficient, performance-oriented lattice-based scheme for online communications and real-time data processing, replacing RSA and ECC. ML-KEM replaces Diffie-Hellman as the key encapsulation mechanism, establishing key exchange in TLS. This mitigates "harvest now, decrypt later" attacks, leading to algorithm support from messaging apps such as Signal, WhatsApp, and iMessage. For TLS communications or encrypted session initiation, this is the starting point.

Stage 4: Depression

Once PQC's technical realities set in, depression is next. Tens or hundreds of thousands of certificates need to be addressed. Organizational uncertainty arises: is this the domain of IT, security, DevOps, or compliance? Budget constraints limit required actions. An enterprise's third-party software and hardware vendors aren't prepared.

Then comes the decision between pure PQC and hybrid hierarchies. Pure PQC aligns with NIST's long-term goals. You make just one change and avoid two migrations. However, potential risks stem from untested algorithms, and interoperability issues may arise with legacy systems.

Hybrid is the choice for some organizations, combining classical and PQC algorithms in a single certificate for better compatibility with existing systems, and is backed by organizations such as ANSI and BSI. However, hybrid requires two migrations, from classical to hybrid and from hybrid to pure PQC.
Also, hybrid requires much larger key and certificate sizes, impacting performance and infrastructure.

Stage 5: Acceptance

Ultimately, acceptance occurs when organizations transition from reactive to proactive actions:

- Create an inventory of all cryptographic assets, including certificates, across the enterprise.
- Test-pilot PQC certificates in a non-production setting.
- Upgrade to TLS 1.3.
- Consult with third-party vendors.
- Deploy updates to enterprise hardware and software.

You'll also have to occasionally decommission outdated hardware or software. Finally, teams must assess infrastructure compatibility and performance for TLS endpoints, load balancers, IoT devices, and network capacity.

Organizations may feel overwhelmed by PQC migration. Every organization faces complexity on the journey from denial to acceptance. However, taking action now positions them as security-first organizations.

Security is a key benefit of post-quantum cryptography. But it's also a longer-term investment in resilience, trust, and agility for the future. With a quantum future fast approaching, the best time to prepare is now.

Deepika Chauhan is the chief product officer of DigiCert.
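The inventory and TLS 1.3 steps from Stage 5, as an added example (not from the article or from DigiCert): a triage pass over a certificate and endpoint inventory that flags classical key exchange, TLS below 1.3, and classical certificates that remain valid past a planning date. The host names, CSV columns, finding labels, and the 2029-01-01 planning date are assumptions made for illustration, and the rows are constructed sample data.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (hypothetical hosts), as a scanner might export it.
INVENTORY_CSV = """host,sig_alg,key_exchange,tls_version,not_after
pay.example.internal,RSA-2048,ECDHE,1.2,2031-06-30
api.example.internal,ECDSA-P256,X25519,1.3,2026-01-15
vpn.example.internal,RSA-4096,RSA,1.2,2027-03-01
lab.example.internal,ML-DSA-65,X25519MLKEM768,1.3,2026-09-01
"""

# Assumption: planning date chosen from the 2029 estimate cited in the article.
PLANNING_DATE = date(2029, 1, 1)
CLASSICAL_PREFIXES = ("RSA", "ECDSA", "ECDHE", "DH", "X25519", "ED25519")
PQC_MARKERS = ("ML-KEM", "MLKEM", "ML-DSA", "MLDSA")


def is_quantum_vulnerable(alg):
    """True for a classical public-key algorithm with no ML-KEM/ML-DSA part.

    Hybrid names such as X25519MLKEM768 count as protected because they
    include a post-quantum component.
    """
    name = alg.upper()
    if any(marker in name for marker in PQC_MARKERS):
        return False
    return name.startswith(CLASSICAL_PREFIXES)


def triage(csv_text, planning_date=PLANNING_DATE):
    """Return (host, findings) pairs, hosts with the most findings first."""
    results = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        findings = []
        if is_quantum_vulnerable(row["key_exchange"]):
            findings.append("kex-classical")  # recorded sessions can be decrypted later
        if row["tls_version"] != "1.3":
            findings.append("tls-below-1.3")
        if is_quantum_vulnerable(row["sig_alg"]):
            expires = date.fromisoformat(row["not_after"])
            # A classical certificate valid past the planning date needs reissuing early.
            findings.append("cert-outlives-plan" if expires >= planning_date
                            else "cert-classical")
        results.append((row["host"], findings))
    return sorted(results, key=lambda item: len(item[1]), reverse=True)


if __name__ == "__main__":
    for host, findings in triage(INVENTORY_CSV):
        print(f"{host:24} {', '.join(findings) or 'no findings'}")
```
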