Quantum computing has been in the works for several years now, with one generation of quantum computer after another surpassing its predecessors.

Such technology promises to enable people to solve previously intractable problems and perhaps to implement AI technologies well beyond today’s state of the art.

That promise, however, has a dark side. We’ve known for years that eventually, quantum computers will be powerful enough to crack even the most robust of today’s encryption – exposing confidential data and compromising corporate networks.

Something must be done, the experts exclaim. Today’s cryptography, aka “classical” cryptography, is ubiquitous across the information technology landscape: Every computer, device or network depends upon it.

Once quantum computers can crack today’s encryption, at some date in the future the pundits have dubbed “Q-Day,” any organization that hasn’t mitigated its cryptography risk will be vulnerable to any attack a bad actor might attempt.

Q-Day, in fact, is reminiscent of Y2K – a similar global powder keg that if left unaddressed, would have taken down IT infrastructure across the globe. But unlike Y2K, we don’t have a fixed date for Q-Day. Perhaps it is five years away, perhaps 10 or more.

For the C-suite – chief information security officers in particular – who have enough problems on their plates right now, spending a scant cybersecurity budget on a problem that will cause trouble years down the road might seem to be an investment that can wait.

It can’t.

The fact is, five years is barely enough to mitigate the risks inherent in maintaining classical cryptography, especially for enterprises burdened with “brownfield” or legacy IT infrastructure and applications.

The good news: Numerous hardware and software vendors (as well as professional services firms) have been ramping up R&D to provide the quantum-safe, or QS, post-quantum cryptography, PQC for short, that organizations will require – along with the technology, services and expertise necessary to make the transition to a post-quantum world.

The long road to a post-quantum future

Though research into PQC has been going on for years, the starting gun (if there is one) for enterprises to take the problem seriously was the National Institute of Standards and Technology’s release of three PQ encryption standards in August 2024.

With these standards, vendors had clear goals for what to implement in their product offerings. It became possible to put together PQ migration roadmaps, specifying the steps organizations would have to take to mitigate quantum risks across their IT landscapes. At its core, this mitigation consists of replacing classical cryptography with PQC – but the devil is in the details.

The first problem: It’s impossible to transition from classical to PQC in some sort of big-bang switchover. Instead, organizations require a multiyear migration strategy. During this transition, classical and PQC must live side-by-side – leading to various “hybrid” solutions that support both technologies at once.

The second problem: Many older applications and devices simply cannot support the replacement of one cryptographic approach for another.

Cryptography may be hard-coded into legacy apps – some of which vendors no longer support, others custom-built by people who are no longer working at the company. Older hardware also provides its own limitations, as QS keys are much larger than classical ones. There may simply not be enough random-access memory to support PQC on such devices.

The third problem: NIST’s three QS algorithms are by no means the final word on the matter. All the experts agree that these algorithms are just the starting point. They all expect one or more of them to be broken, leading to new, improved algorithms over time.

Any PQ solution, therefore, must have what the industry refers to as “crypto-agility”: the ability to support changing algorithms, as well as technology solutions, over time.

Migrating from classical to PQC is hard enough – nobody wants to have to go through another such transition in the future as quantum computers evolve. Any new cryptography technology must be able to roll with the changes.

The basics of a quantum migration strategy

The three core phases of a quantum migration strategy are discovery, mitigation and management.

The discovery phase requires organizations to identify all cryptography assets in their organization and quantify the risk inherent in those assets.

In many cases, discovery will uncover problems that classical approaches alone can address, for example, outdated versions of TLS. This phase will also uncover areas where PQ technology will be necessary.

The discovery phase typically leads to the creation of a cryptography bill of materials, or CBOM, a database that tracks cryptography assets similar to the way a software bill of materials, or SBOM, tracks software assets.

The mitigation phase, then, begins with prioritization of risks. There will be far too many problems to tackle all at once, so organizations must triage them. Where is cryptography mission-critical? What are the most important or valuable data assets that cryptography must protect?

The next step is to put together a mitigation roadmap. How will the organization go about resolving its cryptography issues: What steps and in what order? How to implement a hybrid strategy to support the transition from classical to PQC?

With the roadmap in hand, then, organizations can proceed with the difficult mitigation tasks ahead of them.

The final phase – management – centers on delivering crypto-agility. In addition to familiar IT management activities, organizations must also manage the ever-changing quantum computing landscape as well as the evolving cryptographic algorithms that will indubitably come to market.

PQ products on the market today

Though many vendors in the PQC space have products that are still in the works, I interviewed 10 companies from around the world that have PQ products in the market available now.

Hardware focus

Some of them focus on hardware, including quantum key distribution, or QKD, and quantum random number generator, or QRNG, technologies. QKD is essential for establishing secure communications between distant endpoints, and QRNG is a source of pure randomness essential for generating secure keys — both classical and quantum.

QuintessenceLabs Pty Ltd. offers a QRNG appliance as well as quantum entropy-as-a-service, a key and policy management platform, and QKD tooling, as well as a supporting software development kit.

KETS Quantum Security Ltd. has a chip-based approach to PQC. Its focus is QKD, with a QRNG subsystem.

Their core IP is quantum photonics, rather than quantum entanglement. Quantum photonics – leveraging the transmission of single photons – has become the favored approach to QKD, as the alternative quantum entanglement approach is still too immature. As is typical for chip vendors, KETS is rapidly iterating its technology to reduce costs and size of deployed technology.

QuNu Labs Private Ltd., known as QNu Labs, offers a software-based QS platform that abstracts underlying hardware. This platform provides a QS VPN tunnel that works over standard networks, QS messaging and collaboration, and a QS vault that works with hardware security modules, or HSMs.

QNu Labs’ hardware offerings include QKD and QRNG. There are two flavors of the QRNG: One is high-volume for data centers (including clouds), which is the more expensive of the two. The other QRNG is less expensive and lightweight for IoT applications as well as a PCI card form factor for server manufacturers.

As with other photonic QKD technologies, the distance between nodes maxes out at about 150 kilometers. To address this limitation, QNu Labs offers a QKD orchestrator: trusted node technology that enables telcos to set up and manage long-distance and hub-and-spoke PQ networks.

Xiphera Oy designs optimized cryptographic solutions for field-programmable gate arrays and application-specific integrated circuits.  The company offers digital logic design for third-party chip manufacturers to implement.

One of Xiphera’s core design principles is “system on chip” or SoC, giving hardware manufactures a form factor that works well in a variety of use cases, including the internet of things.

Xiphera’s technology can also provide QS boot capabilities in firmware, including hybrid approaches that sign the firmware with both classical and PQC signatures.

Secure communications

In addition to those vendors, others support secure interactions between endpoints.

PQ Solutions Ltd., commonly known as Post-Quantum, offers a QS platform with software for identity, transmission, and encryption that protects organizations across their digital footprints.

The company offers a secure, QS encrypted messaging app, a hybrid PQ VPN that secures data in transit, and a quantum-ready multifactor biometric identity system for passwordless sign-in.

QuSecure Inc. offers a QS data security product that provides web app security (between web servers and web applications), network security (between applications on the corporate network), and core security (between routers).

QuSecure works as a proxy, providing service mesh capabilities that provide a single point of control for certificate management, TLS version upgrades, and policy enforcement. Its technology supports the full lifecycle of PQC adoption: discovery, remediation, and management. It works in conjunction with existing cryptography infrastructure, facilitating transitions to PQC by supporting hybrid classical/quantum networking during the migration process.

PQShield Ltd. offers a PQ security suite that includes both hardware and software components. In hardware, PQShield offers a variety of products, including an autonomous PQC subsystem, PQC acceleration for existing subsystems, and a PQC engine – all with support for classical encryption as well as PQC.

In software, the company offers a variety of PQC libraries as well as an SDK that helps customers avoid vendor lock-in.

PQShield’s products work across two fundamentally different environments: high-end devices for data centers where energy consumption is a primary constraint, and brownfield devices on Earth and on satellites that require QS firmware updates and ongoing mitigation of legacy cryptography.

One of the primary technical challenges with updating brownfield devices to be QS is that the quantum keys are larger than classical ones, and the brownfield devices may not have sufficient RAM to support them. PQShield addresses this problem with its optimized PQC implementations that work in memory-constrained devices.

The full-lifecycle approach

There is also a group of vendors who take a full-lifecycle approach to PQ migration, beginning with the discovery phase.

Quantum Xchange Inc. offers a cryptographic inventory tool that provides cyber-risk discovery. This tool listens on corporate networks for various cryptographic risk factors, including unencrypted traffic, quantum-vulnerable cryptography and classical PKI vulnerabilities like expired or self-signed certificates.

The company also offers a cryptographic management platform that is both QS and crypto-agile, working with existing, classical encryption and network infrastructure to extend its life as the organization transitions to QS infrastructure. The platform enables organizations to stack, deliver and manage QS keys across any network media type.

CryptoNext Inc. offers a full-lifecycle QS crypto-agile suite that provides evaluation, discovery, remediation and crypto-agility management capabilities.

Its analytics tool both uncovers cryptographic assets and monitors the PQC migration, feeding CryptoNext’s CBOM database. The company’s remediation approach is multi-layered, featuring a cryptographic library, secure protocols, development tools, and application plugins. CryptoNext also supports crypto-agility via governance processes and tools that provide continuous management and updates of cryptographic libraries.

And then there’s IBM

The standout in the QS migration market, unsurprisingly, is IBM Corp.

IBM is leveraging its unique position in the marketplace as a leader in hardware, software, research and professional services to offer end-to-end, consulting-supported PQ solutions.

Its leadership in quantum computers informs, and is informed by, its research into PQ technologies. On the software side, IBM offers “cryptography posture management,” its term for its discovery and remediation technologies.

IBM’s QS discovery technology identifies and inspects cryptographic properties across applications and other files in the enterprise. It can generate a CBOM and identify and correct bad coding practices.

This technology integrates with network and code scanning tools as well as existing CMDBs to gain visibility into cryptographic practices, define and enforce relevant policies, and generate the reports necessary to prioritize vulnerabilities.

IBM’s QS remediation offering can protect brownfield applications as well as network endpoints without requiring code modifications or changes to IT architectures.

The Intellyx take

Who, then, is buying PQ technologies today?

Even though enterprises are the target market, a variety of other players are rising to the challenge, thus addressing enterprise needs.

Server and network equipment vendors are including PQ technologies in their offerings, often from many of the vendors in this article.

Telecommunications firms are building out QS fiber networks to support their own customers, larger enterprises in particular. These networks are for internal and wide-area use, as well as essential components of a still theoretical “quantum internet.”

Government agencies – especially military – are also early adopters of PQ technologies. Secure communications have always been a battlefield must-have, and defense departments around the world are on top of PQC as a result.

Data center providers, including the hyperscalers, are also rapidly adopting PQ technologies – either by purchasing quantum-ready servers or by building out their own infrastructure. PQC-as-a-service is an obvious benefit of this trend.

Other enterprises, especially in regulated industries who must comply with relevant cybersecurity regulations, are often turning to their system integrator partners for assistance. Piecing together all the moving parts of a PQ migration is a daunting task, and they need all the help they can get.

Every enterprise, however, should at the very least put together a cryptography task force to coordinate PQ mitigation strategies across the organization. If your organization doesn’t have one, then the time is now to put one together. Don’t wait.

Jason Bloomberg is founder and managing director of Intellyx, which advises business leaders and technology vendors on their digital transformation strategies. He wrote this article for SiliconANGLE. IBM is a former Intellyx customer. None of the other organizations mentioned in this article is an Intellyx customer. No AI was used to write this article. Intellyx wrote this article for SiliconANGLE.

Photo: IBM/Flickr