PQC: What does post-quantum cryptography mean?

Many of the encryption methods used today are threatened by quantum computers, which is why experts are working on new methods that promise secure data transmission on the Internet in the future.

Quantum computers are regarded as one of the most important technological developments of the 21st century. Jan Goetz, CEO and co-founder of IQM Quantum Computers, a Finnish company specializing in quantum computing, argued in a guest article for Handelsblatt at the end of 2019 that Europe needed to step up its efforts to keep pace with the United States in quantum computing.

In 2021, IQM and the Finnish research centre VTT completed Finland's first quantum computer, with 5 qubits. A successor with 54 qubits is already under development and is expected to be ready in 2024. Last summer, T-Systems announced direct cloud access to IQM's quantum systems; the Deutsche Telekom subsidiary calls this offering “Quantum-as-a-Service” (QaaS).

Where quantum computers play a central role

At the presentation of the new offering, Adel Al-Saleh, Member of the Executive Board of Deutsche Telekom and Managing Director of T-Systems, welcomed the expansion of Deutsche Telekom's quantum portfolio and stressed that the technology also plays a central role in Europe's competitiveness. T-Systems claims that quantum computers will in future be able to solve problems that are still too complex for today's systems, with “great potential in the areas of machine learning, security, optimization, and simulation”.

Quantum cryptography is a young field that develops cryptographic methods based on the physical principles of quantum theory rather than on mathematical hardness assumptions. The German Federal Office for Information Security (BSI) highlights quantum key distribution (QKD) in particular. In QKD, the communication partners establish a shared secret (symmetric) key by sending quantum states, for example polarized photons, over an optical channel.

What makes this special? Any attempt by an attacker to measure the photons in transit disturbs their quantum states, and this disturbance cannot be hidden from the communication partners: when they compare a sample of their key over the public channel, they see an elevated error rate and discard the key. Eavesdropping is therefore not prevented, but it cannot go unnoticed, so no key that an attacker has intercepted is ever used. Note that the comparison step requires an authenticated classical channel; without it, an attacker could simply impersonate each partner to the other.
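The detection mechanism described above can be shown with a classical simulation of the BB84 protocol. This is an added example, not code from the original article or from any QKD vendor: photons are modelled as bits prepared in one of two bases, and an intercept-resend eavesdropper, who must guess the basis, flips about a quarter of the bits that survive sifting. The threshold of 11% used in `key_accepted` is the textbook BB84 bound for one-way post-processing and is an assumption of this example, not a value from the article.

```python
"""BB84-style quantum key distribution, simulated classically.

Added example (not from the original article). Alice encodes random bits as
photons in a random basis, Bob measures in a random basis, and both keep only
the positions where their bases agree ("sifting"). An eavesdropper who
measures and re-sends the photons cannot know the basis, so roughly 25% of
the sifted bits are flipped and the error rate reveals the attack.
"""
import random

RECTILINEAR, DIAGONAL = 0, 1   # the two polarization bases of BB84


def measure(bit, prep_basis, meas_basis, rng):
    """Measure a photon prepared as `bit` in `prep_basis` using `meas_basis`.

    Same basis: the outcome is deterministic. Different basis: the outcome is
    a coin flip and the photon now carries the measured (wrong) basis.
    """
    if prep_basis == meas_basis:
        return bit
    return rng.getrandbits(1)


def run_bb84(n_photons, eavesdrop, seed=1):
    """Return (qber, alice_sifted_key, bob_sifted_key) for one protocol run."""
    rng = random.Random(seed)
    alice_bits = [rng.getrandbits(1) for _ in range(n_photons)]
    alice_bases = [rng.getrandbits(1) for _ in range(n_photons)]
    bob_bases = [rng.getrandbits(1) for _ in range(n_photons)]

    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Eve measures in a random basis and re-sends what she saw,
            # prepared in *her* basis: the original state is gone.
            e_basis = rng.getrandbits(1)
            bit = measure(bit, a_basis, e_basis, rng)
            a_basis = e_basis
        bob_bits.append(measure(bit, a_basis, b_basis, rng))

    # Sifting: bases are compared over the public channel (bit values are
    # not); only positions where Alice's and Bob's bases agree are kept.
    keep = [ab == bb for ab, bb in zip(alice_bases, bob_bases)]
    alice_key = [a for a, k in zip(alice_bits, keep) if k]
    bob_key = [b for b, k in zip(bob_bits, keep) if k]

    # Error estimation: in practice a random sample is compared publicly;
    # here the whole sifted key is compared for clarity.
    mismatches = sum(a != b for a, b in zip(alice_key, bob_key))
    qber = mismatches / len(alice_key)
    return qber, alice_key, bob_key


def key_accepted(qber, threshold=0.11):
    """Abort when the quantum bit error rate exceeds the threshold.

    11% is the classic BB84 limit for one-way error correction and privacy
    amplification (assumed here); pure intercept-resend gives about 25%.
    """
    return qber <= threshold


if __name__ == "__main__":
    for eve in (False, True):
        qber, _, _ = run_bb84(20000, eavesdrop=eve)
        print(f"eavesdropper={eve!s:5} QBER={qber:.3f} accepted={key_accepted(qber)}")
```

Without Eve the sifted keys agree exactly; with Eve the error rate sits near 25%, far above any acceptance threshold, and the key is discarded before it is used.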

Problems with quantum key distribution

In practice, however, QKD is still complex and expensive: it requires special hardware, and the range over a single fiber link is currently limited to roughly one hundred kilometres. The reason is that transmission losses grow exponentially with distance even in optical fiber, and unlike classical signals, quantum states cannot be amplified or copied one-to-one (the no-cloning theorem): any attempt to copy them changes them and corrupts the transmitted key material, so conventional optical repeaters cannot be used.

Quantum repeaters are a possible way out of this dilemma, but they are still in development. The interim solution currently favored is a chain of trusted nodes: each intermediate station terminates the quantum link, holds the key material in plaintext, and re-encrypts it for the next hop. This bridges well over a hundred kilometres, but every intermediate node must be physically secured and trusted, since a compromised node sees all keys passing through it.

Why post-quantum cryptography is important

Quantum technology does not only offer new high-security methods for key distribution. Quantum computers also render existing encryption methods obsolete that were previously considered secure.

Today's public-key methods with long keys, such as RSA, on which most public key infrastructure (PKI) is built, cannot be broken with classical computers, at least according to current knowledge. This changes when quantum computers come into play. According to the BSI, modern PKI rests on the “supposed difficulty of decomposing a natural number into its prime factors”: multiplying two large primes is easy, but recovering them from the product is hard. In 1994, however, the American mathematician and computer scientist Peter Shor published a quantum algorithm that can “solve this problem efficiently”. The same algorithm also computes discrete logarithms, so Diffie-Hellman and elliptic-curve methods such as ECDH and ECDSA fall as well.
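The reason factoring breaks RSA is easier to see in code. The following added example (not from the article, and not Shor's actual quantum circuit) implements the classical skeleton of Shor's algorithm: factoring N is reduced to finding the order r of a random a modulo N, and once r is known a few lines of arithmetic yield the factors and the RSA private key. The order-finding step, which a quantum computer performs efficiently, is simulated by brute force, which only works for the toy modulus used here (N = 3233 = 53 · 61, e = 17, the standard textbook key); for a 2048-bit modulus the order is astronomically large and the classical loop never finishes.

```python
"""Factoring via period finding: the classical skeleton of Shor's algorithm.

Added example (not from the original article). Shor's algorithm reduces
factoring N to finding the order r of a random a modulo N, the smallest
r > 0 with a**r % N == 1. A quantum computer finds r efficiently with the
quantum Fourier transform; here that step is brute-forced, which is only
feasible for a toy modulus. Everything after r is known is cheap classical
arithmetic, which is exactly why the quantum speed-up is decisive.
"""
from math import gcd
import random


def find_order(a, n):
    """Brute-force the order of a modulo n (the step a quantum computer speeds up).

    Caller must ensure gcd(a, n) == 1, otherwise the loop never terminates.
    """
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n, seed=7):
    """Return a non-trivial factor of the composite n using Shor's reduction."""
    if n % 2 == 0:
        return 2
    rng = random.Random(seed)   # seeded only so the demo is reproducible
    while True:
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g != 1:
            return g            # lucky guess: a already shares a factor with n
        r = find_order(a, n)
        if r % 2:
            continue            # odd period: try another a
        y = pow(a, r // 2, n)   # y**2 == 1 (mod n) and y != 1 because r is minimal
        if y == n - 1:
            continue            # y == -1 (mod n) gives only trivial factors
        return gcd(y - 1, n)    # gcd(y + 1, n) is the other factor


def recover_rsa_private_key(n, e):
    """Given an RSA public key (n, e), factor n and derive the private exponent d."""
    p = shor_factor(n)
    q = n // p
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)      # modular inverse, Python 3.8+


if __name__ == "__main__":
    n, e = 3233, 17              # textbook toy key: 3233 = 53 * 61
    d = recover_rsa_private_key(n, e)
    c = pow(65, e, n)            # encrypt a sample message with the public key
    print(f"factor={shor_factor(n)} d={d} decrypt(c)={pow(c, d, n)}")
```

The period r of a modulo N is the only piece of information that is hard to obtain classically; given it, the private exponent follows by the extended Euclidean algorithm. Post-quantum schemes therefore have to avoid any structure that reduces to period finding in an abelian group, which is why factoring and discrete-logarithm based methods all fail together.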

To be able to communicate securely even when powerful quantum computers exist, so-called post-quantum methods are urgently needed. Post-quantum cryptography therefore describes methods whose underlying mathematical problems have no known efficient algorithm on either a quantum or a classical computer. Notably, these methods run on conventional hardware; no quantum computer is needed to use post-quantum cryptography.

How to evaluate quantum-secure encryption methods

The algorithms of post-quantum cryptography rest on several different mathematical problems to achieve quantum-safe (quantum-resistant) security. IBM lists six main areas that can play an important role in post-quantum cryptography:

  • lattice-based cryptography 
  • multivariate cryptography 
  • hash-based cryptography 
  • code-based cryptography 
  • isogeny-based cryptography 
  • quantum resistance of symmetric-key cryptography (methods such as AES are only weakened by Grover's algorithm, so larger key sizes suffice)
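The simplest of these families to show in code is hash-based cryptography. The following Lamport one-time signature is an added example, not code from the article, from IBM or from the SPHINCS+ project; it is the basic building block from which hash-based schemes such as SPHINCS+ are constructed. It relies on nothing but SHA-256 from Python's standard library, which illustrates the point above that post-quantum methods run on conventional hardware. The only assumption is preimage resistance of the hash, which Grover's algorithm weakens by at most a square root, so a 256-bit hash retains roughly 128-bit quantum security.

```python
"""Lamport one-time signature: hash-based cryptography on ordinary hardware.

Added example (not from the original article). Security rests only on the
preimage resistance of SHA-256. The key pair must sign exactly one message:
each signature reveals half of the private key, and `exposed_pairs` shows how
quickly a reused key leaks. SPHINCS+ builds a many-time scheme on top of
one-time signatures like this one using hash trees.
"""
import hashlib
import secrets

HASH = hashlib.sha256
BITS = 256              # number of message-digest bits we sign
SECRET_LEN = 32         # bytes per private-key element


def keygen(rand=secrets.token_bytes):
    """Private key: 256 pairs of random secrets; public key: their hashes."""
    sk = [(rand(SECRET_LEN), rand(SECRET_LEN)) for _ in range(BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _digest_bits(message):
    """SHA-256 of the message as a list of 256 bits, most significant first."""
    d = int.from_bytes(HASH(message).digest(), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def sign(sk, message):
    """For each digest bit, reveal the secret of the matching half of the pair."""
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(message))]


def verify(pk, message, signature):
    """Recompute the digest and check that each revealed secret hashes to the
    public value for that bit position."""
    if len(signature) != BITS:
        return False
    return all(
        HASH(s).digest() == pk[i][bit]
        for i, (bit, s) in enumerate(zip(_digest_bits(message), signature))
    )


def exposed_pairs(sk, signatures):
    """Count positions where *both* secrets of a pair have been revealed.

    After two signatures over messages with differing digests this is about
    half of all 256 positions: the key is no longer safe to use.
    """
    revealed = [set(s[i] for s in signatures) for i in range(BITS)]
    return sum(sk[i][0] in revealed[i] and sk[i][1] in revealed[i] for i in range(BITS))


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"transfer 100 EUR to account 42"   # constructed sample message
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("tampered:", verify(pk, b"transfer 900 EUR to account 42", sig))
    sig2 = sign(sk, b"second message signed with the same key")
    print("pairs fully exposed after key reuse:", exposed_pairs(sk, [sig, sig2]))
```

The cost of this simplicity is size: a signature is 256 · 32 bytes = 8 KiB and the public key the same, versus a few dozen bytes for ECDSA. Stateful and stateless hash-based schemes (XMSS, SPHINCS+) trade additional hashing for many-time use, but the trust assumption stays the same: only the hash function has to hold.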

The US National Institute of Standards and Technology (NIST) launched its Post-Quantum Cryptography (PQC) project in 2016 to evaluate and standardize quantum-resistant cryptographic algorithms. Over several rounds, the candidate methods were examined in detail. At the end of the third round, in 2022, the institute announced that it would standardize the key-establishment method CRYSTALS-Kyber as well as the signature methods CRYSTALS-Dilithium, Falcon and SPHINCS+. In addition, it continued to evaluate the three code-based key-establishment methods Classic McEliece, BIKE and HQC in a fourth round. The goal is to have several methods available that rest on different mathematical problems and can be used side by side, so that a break of one family does not leave users without an alternative. Kyber, Dilithium and SPHINCS+ have since been published as FIPS 203 (ML-KEM), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA).

In a nutshell:

While quantum cryptography uses physical principles to build secure key distribution, post-quantum cryptography looks for new algorithms that are secure against both quantum and classical computers. Before Q-Day, the day on which quantum computers can break today's public-key methods, systems must be migrated to quantum-safe methods. The deadline is earlier than it looks: traffic encrypted with today's methods can be recorded now and decrypted once a quantum computer exists (“harvest now, decrypt later”), so data that must stay confidential for years is already at risk. NCP VPN solutions will continue to support the latest and most powerful algorithms and key lengths that are considered state of the art.
