Post-Quantum Cryptography (PQC), also known as quantum-resistant or quantum-safe cryptography, refers to cryptographic algorithms designed to withstand cryptanalysis by both classical computers and future quantum computers. Unlike current public-key systems like RSA and Elliptic Curve Cryptography (ECC), which are vulnerable to Shor's algorithm running on a quantum computer, PQC algorithms are based on mathematical problems believed to be hard for quantum computers to solve. The National Institute of Standards and Technology (NIST) is leading a standardization process to select viable PQC algorithms for widespread adoption.
Glossary
Post-Quantum Cryptography (PQC)

What is Post-Quantum Cryptography (PQC)?
Post-Quantum Cryptography (PQC) is the field of cryptographic algorithms designed to be secure against attacks from both classical computers and future, cryptographically-relevant quantum computers.
For TinyML and embedded systems, implementing PQC presents significant challenges due to the increased computational overhead, larger key sizes, and greater memory footprint of these new algorithms compared to traditional Lightweight Cryptography. This necessitates hardware-aware optimization and careful integration with a device's Hardware Security Module (HSM) or Secure Element to maintain performance within the severe constraints of microcontrollers. PQC is a critical component of a forward-looking Zero-Trust Architecture for IoT, ensuring long-term data confidentiality and integrity for devices deployed in the field for decades.
Core PQC Algorithm Families
Post-Quantum Cryptography (PQC) comprises cryptographic algorithms designed to be secure against attacks from both classical and future quantum computers. The following families represent the primary mathematical approaches being standardized to replace vulnerable systems like RSA and ECC.
Multivariate Cryptography
Multivariate cryptography is based on the difficulty of solving systems of multivariate quadratic polynomials over finite fields. The security hinges on the MQ problem, which is also NP-hard.
- Typical Use: Primarily used for constructing digital signatures.
- Characteristics: Produces very short signatures and fast verification, but often has large public keys.
- Examples: Rainbow (a signature scheme that was a NIST finalist but later had its security parameters reduced due to cryptanalysis) and GeMSS. These schemes often involve generating a complex public map that is easy to evaluate but hard to invert without a secret 'trapdoor'.
Isogeny-Based Cryptography
Isogeny-based cryptography is a newer family that uses the mathematical theory of elliptic curves and the difficulty of computing isogenies (maps between curves) between supersingular elliptic curves.
- Core Problem: Supersingular Isogeny Diffie-Hellman (SIDH).
- Key Advantage: Exceptionally small key sizes compared to other PQC families.
- Recent Development: The original SIDH proposal (SIKE) was broken in 2022 using a new mathematical attack. Active research is focused on developing secure variants, such as CSIDH (which operates in the commutative setting), but these are less efficient and not yet ready for standardization.
Symmetric Cryptography & Hybrid Modes
While not a 'public-key' family, symmetric algorithms (AES, SHA-3) are generally considered quantum-resistant, though Grover's algorithm forces a doubling of key size for equivalent security. Therefore, PQC migration focuses on replacing public-key algorithms.
- Hybrid Deployment: The recommended practical approach is hybrid key exchange, where a classical algorithm (e.g., ECDH) and a PQC algorithm (e.g., Kyber) are both used. The final shared secret is derived from both results.
- Benefit: Maintains security even if one of the cryptographic systems is broken, providing a robust transition path. Major protocols like TLS 1.3 and SSH are adopting hybrid modes.
PQC for TinyML and Embedded Systems
Post-Quantum Cryptography (PQC) for TinyML and embedded systems refers to the implementation of quantum-resistant cryptographic algorithms on microcontroller-class devices, securing them against future quantum computer attacks.
Post-Quantum Cryptography (PQC) comprises algorithms designed to be secure against attacks from both classical and future quantum computers, which threaten to break widely used public-key systems like RSA and ECC. For TinyML and embedded systems, this involves adapting these mathematically complex algorithms—such as lattice-based, code-based, or hash-based schemes—to operate within the severe constraints of microcontrollers, including limited RAM, flash storage, and CPU cycles, while maintaining a minimal power footprint.
The primary challenge is the significant computational and memory overhead of PQC algorithms compared to traditional Elliptic Curve Cryptography (ECC). Implementation requires careful optimization, often leveraging hardware acceleration like cryptographic co-processors and techniques from lightweight cryptography. This ensures secure firmware attestation, Secure Over-the-Air (SOTA) updates, and long-term data protection for IoT devices, establishing a hardware root of trust resilient to the quantum threat horizon.
Frequently Asked Questions
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against attacks from both classical computers and future quantum computers, which are anticipated to break widely used public-key cryptosystems like RSA and ECC. This FAQ addresses its critical role in securing embedded and TinyML systems.
Post-Quantum Cryptography (PQC) is a class of cryptographic algorithms designed to be secure against cryptanalysis by both classical computers and future, large-scale quantum computers. The urgency stems from Shor's algorithm, a quantum algorithm that can efficiently solve the integer factorization and discrete logarithm problems, which would break the security of nearly all currently deployed public-key cryptography (RSA, ECC, DH). This creates a 'harvest now, decrypt later' threat, where adversaries can collect encrypted data today to decrypt it once a sufficiently powerful quantum computer exists. For long-lived embedded IoT and TinyML devices with 10-20 year lifespans, implementing PQC is a critical preemptive security measure.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Post-Quantum Cryptography (PQC) integrates with and often replaces classical cryptographic primitives to build secure systems. These related concepts form the essential building blocks and threat models for securing embedded TinyML deployments.
Secure Boot
A hardware-enforced security mechanism that ensures a device executes only cryptographically signed and verified firmware during its initial startup sequence. PQC is critical for its long-term security.
- Process: The bootloader verifies the digital signature of the next-stage firmware using a public key anchored in hardware before execution.
- Quantum Threat: Classical digital signatures (ECDSA, RSA-PSS) used in boot chains are vulnerable to quantum attacks. PQC digital signature algorithms (e.g., SPHINCS+, Falcon) are required for future-proofing.
- TinyML Impact: Guarantees the integrity of the machine learning model binary and inference runtime loaded onto the device.
Side-Channel Attack
A security exploit that extracts secret information (e.g., encryption keys) by analyzing indirect physical emissions from a device during cryptographic operations, such as power consumption, electromagnetic radiation, or timing.
- Relevance to PQC: New PQC algorithms have different computational profiles than classical crypto, potentially introducing novel side-channel vulnerabilities (e.g., via secret-dependent branches or memory access patterns).
- Common Types: Simple Power Analysis (SPA), Differential Power Analysis (DPA), and timing attacks.
- Mitigation: Constant-time implementation, algorithmic masking, and dedicated secure hardware are essential for PQC on exposed embedded devices.
Authenticated Encryption
A cryptographic mode of operation that simultaneously provides confidentiality (encryption), integrity, and authenticity for data. It is a fundamental primitive for securing data-in-transit and data-at-rest for TinyML.
- Classical Standard: AES-GCM is widely used but relies on AES, which, while quantum-resistant as a symmetric cipher, requires larger key sizes post-quantum (256-bit).
- PQC Modes: NIST is standardizing PQC authenticated key exchange and considering composite schemes that combine classical symmetric authenticated encryption with PQC key establishment.
- Use Case: Securing sensor data streams or model updates sent to/from a microcontroller.
Firmware Attestation
A security process where a device cryptographically proves the integrity and authenticity of its currently running firmware and software state to a remote verifier.
- Mechanism: The device generates a signed report (attestation) of measured software hashes, using a key certified by a hardware root of trust.
- PQC Transition: The digital signature in the attestation report must be quantum-resistant. This requires integrating a PQC signature algorithm into the attestation protocol.
- TinyML Application: Critical for verifying that an on-device machine learning model has not been tampered with or replaced by a malicious version, enabling trust in distributed edge intelligence.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us