Post-Quantum Cryptography: Preparing Your PKI for Quantum Computing
Quantum computing represents a step change in how computation is performed, using quantum mechanics to solve classes of problems that are impractical or impossible for classical computers, such as breaking the encryption that we use today. While cryptographically relevant quantum computers do not currently exist, the cryptographic community is proactively developing quantum-resistant algorithms to ensure our security controls remain robust as computing capability increases.
Understanding this transition—what it means for your organisation, when action is needed, and how to prepare—helps avoid both complacency and unnecessary urgency.
Unsung will be releasing a more in-depth whitepaper on this topic entitled "PQC for the C-Suite" which we recommend to those in senior roles or key decision makers.
What Quantum Computing Means for Cryptography
Modern asymmetric cryptography—the foundation of how we protect digital information—relies on complex mathematical problems to transform data into an unreadable form. With today's classical computing technology, reversing this process without the correct key is computationally infeasible, which is what preserves security.
Quantum computers, using fundamentally different computational approaches, are expected to be capable of solving some of these mathematical problems far more efficiently. Once sufficiently powerful quantum systems become available, they could theoretically decrypt data protected by today's widely used asymmetric algorithms in a practical timeframe.
Shor's algorithm, developed in 1994, demonstrated that quantum computers could factor large integers and compute discrete logarithms efficiently—breaking the mathematical foundations of today's asymmetric cryptography. For symmetric cryptography, Grover's algorithm provides a more modest speedup, effectively halving key strength.
The takeaway is that current quantum computers lack the scale, error correction, and stability required to run these algorithms against real cryptographic systems. Most experts estimate that cryptographically relevant quantum computers are still years to decades away, but there is common agreement that a cryptographically relevant quantum computer is not merely a theoretical risk.
NIST Post-Quantum Standards
NIST has approved three core Post-Quantum Cryptography (PQC) standards, published as FIPS 203, 204, and 205: ML-KEM (Kyber) for key establishment, and the digital signature algorithms ML-DSA (Dilithium) for general use and SLH-DSA (SPHINCS+) as a backup. FALCON (FN-DSA) has also been selected for signatures but is pending its own FIPS. The lattice-based (ML-KEM, ML-DSA) and hash-based (SLH-DSA) algorithms offer quantum resistance, and NIST continues to evaluate other approaches.
These algorithms are based on mathematical problems—like finding short vectors in high-dimensional lattices—for which no efficient quantum algorithms are currently known. In basic terms, they provide a migration path to mitigate the risk of vulnerable algorithms. For more detail on the NIST roadmap, see our guide to navigating the NIST post-quantum cryptography roadmap.
The Harvest Now, Decrypt Later Consideration
One factor driving early preparation, and a risk which vendors often use to bring the quantum threat to life, is the "harvest now, decrypt later" scenario. An adversary could intercept and store encrypted communications today, waiting until quantum computers become capable of decrypting them in the future. There is significant evidence that nation-states are likely executing this strategy, as major government cybersecurity agencies base their official guidance on this premise.
This consideration is particularly relevant for data requiring very long-term confidentiality: classified government information with 30+ year protection requirements, long-term medical records, sensitive intellectual property, and similar high-value targets. For typical commercial data with shorter confidentiality requirements, this concern is less pressing.
Hybrid Cryptographic Approaches
During the transition period, hybrid approaches combine classical and post-quantum algorithms. A hybrid key exchange performs both traditional ECDH and a PQC key encapsulation, combining the results. Security is maintained if either algorithm remains secure.
Hybrid approaches provide continuity during the transition. Organisations maintain compatibility with existing systems while gaining protection against potential future quantum attacks. Major technology companies are already deploying hybrid approaches in their products.
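The combining step described above, as an added example (not Unsung's code or any vendor's): both shared secrets are fed through HKDF-SHA-256, so the session key cannot be derived without both of them. The byte strings are constructed stand-ins for real ECDH and ML-KEM outputs, and the function names, salt label and choice of HKDF are assumptions of this example.

```python
import hashlib
import hmac

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): condense keying material into a PRK."""
    return hmac.new(salt or bytes(HASH().digest_size), ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): stretch the PRK into `length` bytes."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def combine_hybrid(ecdh_secret: bytes, kem_secret: bytes,
                   transcript: bytes, length: int = 32) -> bytes:
    """Derive one session key that depends on BOTH shared secrets."""
    if not ecdh_secret or not kem_secret:
        raise ValueError("both shared secrets are required")
    # Length-prefix each secret so the concatenation is unambiguous.
    ikm = b"".join(len(s).to_bytes(2, "big") + s
                   for s in (ecdh_secret, kem_secret))
    # Salt label is this example's assumption; info binds the transcript.
    prk = hkdf_extract(b"hybrid-kex-example", ikm)
    return hkdf_expand(prk, transcript, length)


# Constructed sample values standing in for real ECDH and ML-KEM outputs.
ECDH_SS = bytes.fromhex("11" * 32)
KEM_SS = bytes.fromhex("22" * 32)
TRANSCRIPT = b"client_hello|server_hello (constructed)"

SESSION_KEY = combine_hybrid(ECDH_SS, KEM_SS, TRANSCRIPT)
# With only the ECDH half known, the KEM half is still missing, so a
# wrong value for it yields an unrelated key (and vice versa).
KEY_WRONG_KEM = combine_hybrid(ECDH_SS, bytes(32), TRANSCRIPT)
KEY_WRONG_ECDH = combine_hybrid(bytes(32), KEM_SS, TRANSCRIPT)

if __name__ == "__main__":
    print("session key:", SESSION_KEY.hex())
    print("wrong KEM half matches:", SESSION_KEY == KEY_WRONG_KEM)
    print("wrong ECDH half matches:", SESSION_KEY == KEY_WRONG_ECDH)
```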
Planning for Migration
Preparing for post-quantum cryptography involves several phases.
Discovery identifies where cryptography is used across your organisation—not just obvious PKI infrastructure, but embedded cryptography in applications, protocols, and hardware.
Assessment evaluates which systems handle long-lived sensitive data, which can be upgraded easily, and which will require significant effort. Development of roadmaps which incorporate technical refresh cycles will enable you to migrate in a cost-effective way, prioritised by data sensitivity and system characteristics.
Cryptographic agility—the ability to transition between algorithms without major infrastructure changes—should be built into new systems moving forward, as a move to quantum-resistant algorithms will not be a single step. As quantum computers continue to evolve, so will algorithms, driving the need to consistently update and change in the same way we update virus definitions or patch system vulnerabilities today. Transitioning between algorithms will require Hardware Security Modules (HSMs) that support the new algorithms, along with certificate management systems that can handle new key types and larger certificate sizes.
Realistic Timelines
Depending on your geographical location, governmental advice on PQC preparedness differs, and we would encourage you to research this guidance as a starting point. Additionally, NIST has established a 2030 deadline for deprecating certain legacy algorithms, with full prohibition expected by 2035. These timelines acknowledge that cryptographic transitions take years to decades, and while there is no single approach to this challenge, for most organisations immediate action means beginning assessment and planning—not emergency migration.
Building PQC considerations into new system designs, understanding your cryptographic estate, and developing migration roadmaps position you for a smooth transition when the time comes. The G7 Cyber Expert Group's 2035 target for financial services provides a useful benchmark for regulated industries.
How Unsung Supports PQC Readiness
Unsung helps organisations prepare for post-quantum cryptography with balanced, pragmatic guidance. Our PQC readiness assessments, delivered as part of our PKI Health Check activity, evaluate your current cryptographic estate, identify systems requiring attention, and develop migration roadmaps aligned with industry timelines.
We also help organisations build cryptographic agility into their infrastructure—ensuring future transitions require minimal disruption. Whether you need to understand your current exposure, plan for hybrid deployments, or prepare your PKI infrastructure for new algorithms, our specialists bring deep cryptographic expertise.
Contact Unsung to discuss how we can help prepare your organisation for the post-quantum future.

