Inferensys

Glossary

Post-Quantum Cryptography

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against attacks by both classical and quantum computers, particularly those leveraging Shor's algorithm.
Stylish WeWork-like workspace with hot desks and document wall, professional searching through enterprise knowledge base on a mounted ultrawide display, warm industrial pendants overhead.
CRYPTOGRAPHIC STANDARDS

What is Post-Quantum Cryptography?

Post-Quantum Cryptography (PQC) comprises cryptographic algorithms designed to be secure against attacks from both classical computers and future quantum computers.

Post-Quantum Cryptography (PQC) refers to a class of cryptographic algorithms engineered to remain secure against cryptanalytic attacks by both conventional computers and large-scale quantum computers. The primary threat driving its development is Shor's algorithm, a quantum algorithm that can efficiently break widely used public-key cryptosystems like RSA and ECC. PQC algorithms are based on mathematical problems believed to be hard for quantum computers to solve, such as those in lattice-based cryptography, code-based cryptography, and multivariate cryptography.

The standardization of PQC, led by institutions like NIST, is critical for securing long-term data and future-proofing systems like federated learning and secure aggregation protocols. Unlike quantum cryptography (which uses quantum mechanics), PQC is implemented in classical software and hardware. Its integration is essential for maintaining data sovereignty and confidentiality in a post-quantum era, ensuring that encrypted communications and stored data remain protected even after the advent of cryptographically relevant quantum computers.

CRYPTOGRAPHIC FOUNDATIONS

Core Mathematical Families of PQC

Post-Quantum Cryptography (PQC) is built upon mathematical problems believed to be intractable for both classical and quantum computers. These families form the basis for standardized algorithms designed to replace vulnerable public-key cryptosystems like RSA and ECC.

03

Multivariate Cryptography

Multivariate cryptography is based on the hardness of solving systems of multivariate quadratic equations over finite fields. The security stems from the fact that solving such systems is generally NP-hard. These schemes typically involve a trapdoor—a secret structure that allows the legitimate holder to invert the public quadratic map efficiently. They are primarily used for constructing digital signatures, offering very fast verification and small signatures, though key sizes can be large. The NIST-selected Rainbow is a multivariate signature scheme.

04

Hash-Based Cryptography

Hash-based cryptography constructs digital signatures from the security properties of cryptographic hash functions. Its security reduces solely to the collision resistance and preimage resistance of the underlying hash function (like SHA-3), which are considered quantum-resistant. The most well-known construction is the Merkle signature scheme (MSS), which uses a Merkle tree of one-time signatures. These schemes provide strong, conservative security guarantees but often require state management to prevent key reuse. The NIST-selected SPHINCS+ is a stateless hash-based signature scheme.

05

Isogeny-Based Cryptography

Isogeny-based cryptography is built on the computational hardness of finding an isogeny (a special kind of map) between two supersingular elliptic curves. The core problem is the Supersingular Isogeny Diffie-Hellman (SIDH) problem. This family offers exceptionally small key sizes but has faced significant cryptanalytic scrutiny, leading to the SIKE algorithm being broken in 2022. Research continues into more robust isogeny-based constructions. It is primarily used for key exchange.

06

Symmetric Key Cryptography & Hash Functions

While not a 'public-key' family, symmetric cryptography (AES) and hash functions (SHA-2, SHA-3) are critical components of the PQC migration. Grover's quantum algorithm provides a quadratic speedup for brute-force attacks, effectively halving the security level. Therefore, a 256-bit symmetric key provides ~128 bits of post-quantum security. NIST has standardized new hash functions and modes, like SHA-3 and AES-256, as quantum-resistant building blocks for authentication and encryption within hybrid PQC systems.

256-bit
AES Key for PQ Security
SECURE AGGREGATION PROTOCOLS

How Post-Quantum Cryptography Works

Post-Quantum Cryptography (PQC) comprises cryptographic algorithms designed to be secure against attacks by both classical computers and future quantum computers.

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to withstand cryptanalysis by both classical computers and quantum computers, which can break widely used public-key systems like RSA and ECC using Shor's algorithm. Its primary goal is to create a crypto-agile foundation for long-term data security, ensuring confidentiality and integrity for systems like federated learning's secure aggregation protocols. PQC is not a single algorithm but a family of approaches, including lattice-based, code-based, hash-based, and multivariate cryptography.

The transition to PQC involves algorithm substitution, where vulnerable classical public-key primitives are replaced with quantum-resistant ones for key exchange and digital signatures. Core PQC schemes rely on mathematical problems considered hard for quantum computers to solve, such as the Learning With Errors (LWE) problem in lattice-based cryptography. For secure aggregation, PQC enables future-proof homomorphic encryption and secure multi-party computation protocols, allowing a server to compute over encrypted client updates without ever decrypting individual contributions, thus preserving privacy against quantum-capable adversaries.

CRYPTOGRAPHIC TRANSITION

Primary Use Cases for PQC

Post-Quantum Cryptography (PQC) is not a single algorithm but a suite of new cryptographic primitives designed to replace current public-key systems vulnerable to quantum attacks. Its primary applications are in securing long-term data and modernizing protocols for a quantum future.

02

Digital Signature Modernization

PQC provides quantum-resistant algorithms for digital signatures, which authenticate software updates, legal documents, and blockchain transactions. Current standards like ECDSA and RSA-PSS are also broken by Shor's algorithm. PQC signature schemes (e.g., Dilithium, Falcon) are designed to withstand quantum attacks, ensuring the integrity and non-repudiation of digital agreements in the future. This is essential for:

  • Software supply chain security (signing code)
  • Public Key Infrastructure (PKI) for websites and email
  • Cryptocurrency and smart contract authentication
04

IoT and Embedded Systems Security

PQC algorithms are being optimized for constrained environments like IoT sensors and edge devices. While some PQC schemes have larger key sizes, NIST's selected algorithms include options designed for efficiency. Deploying PQC on these devices future-proofs the authentication and communication for critical infrastructure, autonomous systems, and industrial IoT, where devices may have operational lifespans exceeding 20 years. This involves trade-offs between security strength, computational overhead, and bandwidth usage.

05

Cryptographic Protocol Evolution

PQC drives the migration of core internet and communication protocols to quantum-safe versions. This includes:

  • Transport Layer Security (TLS) 1.3 and 2.0 for web traffic
  • SSH for secure remote access
  • VPN tunnels (IPsec, WireGuard)
  • X.509 certificate standards Protocol integration requires hybrid modes, where connections use both a classical and a PQC algorithm simultaneously, ensuring security even if one is later broken. This gradual transition is managed by standards bodies like NIST, IETF, and ETSI.
06

Blockchain and Digital Asset Protection

PQC safeguards blockchain networks and digital wallets from quantum attacks that could forge signatures or steal assets. A quantum computer could:

  • Derive a private key from a public key (breaking ECDSA).
  • Solve the mining puzzle for Proof-of-Work blockchains disproportionately fast using Grover's algorithm. PQC migration plans involve signature algorithm replacement (e.g., switching to Dilithium) and potentially hash-based signatures like SPHINCS+ for wallet security, ensuring the long-term viability of decentralized systems and digital currencies.
CRYPTOGRAPHIC PARADIGM COMPARISON

Post-Quantum vs. Classical Cryptography

A comparison of foundational security assumptions, mathematical hardness, and operational characteristics between classical (pre-quantum) and post-quantum cryptographic systems.

Cryptographic Feature / MetricClassical Cryptography (e.g., RSA, ECC, AES)Post-Quantum Cryptography (Lattice-based, Code-based, etc.)

Security Foundation

Integer Factorization (RSA), Discrete Logarithm (ECC, DSA), Symmetric Block Ciphers (AES)

Lattice Problems (LWE, SIS), Code Decoding, Multivariate Quadratic Equations, Hash-based Signatures

Resilience to Shor's Algorithm

Resilience to Grover's Algorithm

Key size reduction required (e.g., AES-256 → ~128-bit security)

Key/hash size increase required (e.g., double output length for symmetric primitives)

Typical Public Key Size

RSA-2048: 256 bytes, ECC P-256: 32 bytes

CRYSTALS-Kyber-512: ~800 bytes, CRYSTALS-Dilithium-2: ~2.5 KB

Typical Signature Size

ECDSA (P-256): 64 bytes

CRYSTALS-Dilithium-2: ~2.5 KB, Falcon-512: ~0.9 KB

Computational Overhead

Low (mature hardware acceleration)

High (10-100x slower for operations; active optimization ongoing)

Communication Overhead

Low

High (Larger keys & signatures increase bandwidth)

Standardization Status

NIST FIPS 186-5, SP 800-56A/B (Mature)

NIST PQC Standardization (FIPS 203, 204, 205 Drafts - Emerging)

Primary Threat Model

Classical computers, side-channel attacks

Classical + quantum computers (Q-Day), side-channel attacks

Deployment Maturity

Ubiquitous (TLS, SSH, PKI)

Early adoption, hybrid modes (PQC + classical)

Cryptographic Agility Requirement

Low (long-term stable algorithms)

Critical (requires frameworks to swap algorithms for future quantum breaks)

POST-QUANTUM CRYPTOGRAPHY

Frequently Asked Questions

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against attacks by both classical and quantum computers. This FAQ addresses its core mechanisms, relevance to federated learning, and practical implementation considerations.

Post-Quantum Cryptography (PQC) is a class of cryptographic algorithms designed to be secure against cryptanalytic attacks launched by both classical computers and future quantum computers, which threaten to break widely used public-key cryptosystems like RSA and ECC using Shor's algorithm. PQC works by basing its security on mathematical problems believed to be hard for quantum computers to solve, primarily problems in lattice-based cryptography (e.g., Learning With Errors), code-based cryptography, multivariate cryptography, and hash-based cryptography. These algorithms are structured so that encrypting, signing, or establishing a key requires computational work that remains infeasible even with a quantum computer's ability to evaluate superpositions of states.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.