Post-Quantum Cryptography (PQC) is the development of cryptographic algorithms—typically based on lattice-based cryptography, hash-based signatures, or code-based systems—that are believed to be secure against cryptanalytic attacks by a cryptographically relevant quantum computer. Unlike quantum key distribution, PQC runs on standard classical hardware and replaces vulnerable RSA and Elliptic Curve Cryptography (ECC) algorithms with mathematical problems resistant to Shor's algorithm.
Glossary
Post-Quantum Cryptography (PQC)

What is Post-Quantum Cryptography (PQC)?
Post-quantum cryptography refers to cryptographic algorithms designed to secure data against attacks from both classical and large-scale quantum computers, ensuring long-term confidentiality.
The primary goal is long-term data protection against 'harvest now, decrypt later' threats, where adversaries store encrypted healthcare data today to decrypt it once fault-tolerant quantum computers become available. Standardization is led by NIST, which has selected algorithms like CRYSTALS-Kyber for key encapsulation and CRYSTALS-Dilithium for digital signatures, ensuring cryptographic agility for regulated environments.
Key Features of PQC
Post-Quantum Cryptography (PQC) standardizes algorithms designed to resist attacks from both classical and large-scale quantum computers, ensuring the long-term confidentiality and integrity of sensitive healthcare data.
Hybrid Migration Strategies
To mitigate transition risk, security architects are deploying hybrid cryptographic schemes that combine classical and PQC algorithms. This ensures security even if one layer is broken.
- Dual Signing: A document is signed with both ECDSA and CRYSTALS-Dilithium; both must validate.
- Composite Encryption: Data is encrypted using a classical key encapsulation mechanism (KEM) and a PQC KEM, with the session key derived from both shared secrets.
- This approach maintains backward compatibility while introducing quantum resistance.
Harvest Now, Decrypt Later (HNDL) Defense
A primary driver for immediate PQC adoption in healthcare is the HNDL threat. Adversaries are currently intercepting and storing encrypted long-lived patient records (e.g., genomic sequences) with the expectation of decrypting them once a cryptographically relevant quantum computer (CRQC) becomes available.
- Data Longevity: Protected Health Information (PHI) often requires confidentiality for decades.
- Forward Secrecy: PQC ensures that sessions encrypted today cannot be retroactively broken in the future.
Performance and Bandwidth Trade-offs
PQC algorithms generally involve larger key sizes and ciphertexts compared to classical ECC, impacting network overhead and storage.
- CRYSTALS-Kyber-768: Public key size is ~1,184 bytes vs. 32 bytes for ECC Curve25519.
- Signature Size: CRYSTALS-Dilithium signatures are ~2,420 bytes, significantly larger than ECDSA.
- Optimization: Hardware acceleration and instruction set extensions (e.g., AVX2) are critical for maintaining low latency in federated learning aggregation rounds.
Stateful vs. Stateless Signatures
PQC signature schemes are categorized by their state management requirements, which is critical for fault-tolerant distributed systems.
- Stateless (SPHINCS+, Dilithium): No secret state needs to be maintained between signatures, making them robust against system crashes and cloning—ideal for virtualized healthcare cloud environments.
- Stateful (XMSS, LMS): Require tracking a one-time signature index; reusing a state value catastrophically breaks security. These are better suited for firmware signing in controlled hardware security modules (HSMs).
Frequently Asked Questions
Clear, technically precise answers to the most common questions about cryptographic algorithms designed to resist attacks from both classical and large-scale quantum computers.
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against cryptanalytic attacks by both classical and large-scale quantum computers. Unlike current public-key cryptosystems such as RSA and Elliptic Curve Cryptography (ECC)—which rely on the hardness of integer factorization and discrete logarithm problems that Shor's algorithm can efficiently solve on a sufficiently powerful quantum computer—PQC schemes are built upon mathematical problems believed to be intractable even for quantum adversaries. The primary families of PQC include:
- Lattice-based cryptography: Relies on the hardness of problems like Learning With Errors (LWE) and Ring-LWE on high-dimensional lattices.
- Code-based cryptography: Based on the difficulty of decoding random linear codes, exemplified by the Classic McEliece scheme.
- Multivariate cryptography: Uses the hardness of solving systems of multivariate polynomial equations over finite fields.
- Hash-based signatures: Constructs digital signatures solely from the security of cryptographic hash functions, such as the SPHINCS+ scheme.
- Isogeny-based cryptography: Leverages the computational difficulty of finding isogenies between supersingular elliptic curves.
PQC does not require quantum computers to operate; these are purely classical algorithms that run on conventional hardware, making them a drop-in replacement for vulnerable classical cryptosystems.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Post-Quantum Cryptography is one layer in a broader privacy-preserving computation stack. These related concepts work alongside PQC to protect sensitive healthcare data during collaborative AI training.
Lattice-Based Cryptography
The mathematical foundation underlying most NIST-standardized PQC algorithms. Lattice-based schemes derive their security from the computational hardness of problems like Learning With Errors (LWE) and Short Integer Solution (SIS) on high-dimensional lattices.
- Resistant to both classical and Shor's algorithm attacks
- Forms the basis for CRYSTALS-Kyber (key encapsulation) and CRYSTALS-Dilithium (digital signatures)
- Enables advanced constructions like fully homomorphic encryption
Homomorphic Encryption (HE)
A cryptographic primitive enabling computation directly on encrypted data without decryption. When combined with PQC, HE provides long-term confidentiality for sensitive medical computations in untrusted cloud environments.
- Fully Homomorphic Encryption (FHE) supports arbitrary computations on ciphertexts
- Allows federated model aggregation without exposing individual patient gradients
- PQC-secured HE ensures quantum-resistant encrypted computation
Secure Multi-Party Computation (SMPC)
A protocol enabling multiple healthcare institutions to jointly compute functions over private inputs while revealing only the agreed output. PQC-hardened SMPC ensures long-term security against future quantum adversaries.
- Enables private set intersection for patient cohort discovery
- Protects model weights during collaborative inference
- Quantum-secure commitment schemes prevent retroactive decryption
Differential Privacy
A mathematical framework providing provable privacy guarantees through calibrated noise injection. While PQC protects data in transit and at rest, differential privacy protects against inference-based attacks on the trained model itself.
- Epsilon (ε) quantifies the privacy loss budget
- Prevents membership inference attacks on federated models
- Complements PQC for defense-in-depth privacy architecture
Quantum Key Distribution (QKD)
A hardware-based approach using quantum mechanical principles to establish information-theoretically secure encryption keys. Unlike PQC, QKD requires specialized photonic infrastructure but offers provable security independent of computational assumptions.
- Detects eavesdropping through quantum state disturbance
- Limited by distance and requires trusted nodes
- Often deployed alongside PQC in hybrid quantum-safe networks
Crypto-Agility
The architectural principle of designing systems to rapidly swap cryptographic primitives without system redesign. Essential for healthcare organizations preparing for the post-quantum transition.
- Enables seamless migration from RSA/ECC to PQC algorithms
- Supports hybrid certificates combining classical and quantum-safe keys
- Required by NIST SP 800-208 for federal systems

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us