Post-Quantum Cryptography
NIST PQC standards (ML-KEM, ML-DSA, SLH-DSA), crypto agility, PQC migration planning.
What is Post-Quantum Cryptography?
Post-quantum cryptography (PQC) is the field of developing cryptographic algorithms that remain secure against both classical and quantum computers. Unlike quantum key distribution, PQC algorithms run on existing classical hardware — they are designed to be drop-in replacements for RSA, ECC, and other vulnerable schemes, making them the practical path to quantum resistance for the vast majority of systems.
In 2024, NIST finalized its first post-quantum standards: FIPS 203 (ML-KEM, based on CRYSTALS-Kyber) for key encapsulation, FIPS 204 (ML-DSA, based on CRYSTALS-Dilithium) for digital signatures, and FIPS 205 (SLH-DSA, based on SPHINCS+) as a hash-based signature backup. These lattice-based and hash-based algorithms represent years of cryptanalysis and standardization effort, and they are now ready for deployment.
The real challenge is migration. Crypto agility — the ability to swap cryptographic algorithms without redesigning systems — is the critical engineering capability organizations need. Migration planning involves inventorying every cryptographic dependency, prioritizing systems by data sensitivity and lifespan, testing PQC algorithm performance (key sizes and signature sizes are significantly larger), and executing phased rollouts. Hybrid approaches that combine classical and post-quantum algorithms are recommended during the transition period.
Why it matters
Post-quantum cryptography is the concrete solution to quantum threats. With NIST standards finalized, the question is no longer 'what algorithms?' but 'how fast can we migrate?' — and organizations that delay will face compounding technical debt and compliance gaps.
PQC is where quantum threat theory meets engineering practice. It connects quantum computing fundamentals (the 'why') to quantum-safe compliance (the 'when') and quantum security engineering (the 'how').
AI & Quantum Futures
The emerging stack reshaping cybersecurity from both directions — AI toolkit, AI attack surface, and the quantum transition.
Other domains in this layer
Standards and frameworks
Roles where this matters
Career paths where this domain shows up as core or recommended.
Prepare for the post-quantum era. Understand quantum threats and lead cryptographic migration efforts.
Senior design role — defines how pillar A components fit together across identity, crypto, network, cloud, and data — and, increasingly, how pillar C bolts into it.
Certifications that signal this domain
Credentials whose blueprint meaningfully covers this domain. Core means centrally covered; also touched means present in the blueprint but not the primary focus.
Core coverage
NIST / vendor PQC migration training (emerging credentials)
Crypto inventory, algorithm selection (ML-KEM/ML-DSA/SLH-DSA), migration planning.
Browse all certifications → — pick a cert on the interactive map to highlight every domain it covers.
People shaping this field
Researchers and practitioners worth following in this space.
NIST PQC project lead
Co-designer of CRYSTALS-Kyber and CRYSTALS-Dilithium
Cryptographer, advocate for conservative PQC and crypto agility
IBM researcher, co-designer of CRYSTALS-Dilithium
Curated resources
Authoritative sources we ground Post-Quantum Cryptography questions in — frameworks, research, guides, and tools.
NIST SP 800-227 — Recommendations for Transition to PQC (Draft)
Migration guidance and timelines. Deprecation schedule for current algorithms. Hybrid approaches. The roadmap document for PQC transition questions.
Bernstein & Lange — "Post-Quantum Cryptography" (Nature, 2017)
Survey of PQC families: lattice, code-based, multivariate, hash-based, isogeny-based. Good for comparative questions on different PQC approaches and their security assumptions.
NIST FIPS 203 — ML-KEM (Module-Lattice Key Encapsulation)
NIST's primary post-quantum key encapsulation mechanism standard. Based on the CRYSTALS-Kyber algorithm. Replaces RSA/ECDH key exchange.
NIST FIPS 204 — ML-DSA (Module-Lattice Digital Signature)
NIST's primary post-quantum digital signature standard. Based on CRYSTALS-Dilithium. Replaces RSA/ECDSA signatures.
NIST FIPS 205 — SLH-DSA (Stateless Hash-Based Digital Signature)
Hash-based post-quantum signature standard. Conservative choice based on well-understood hash function security. Backup to ML-DSA.
Open Quantum Safe (liboqs)
Open-source C library implementing quantum-safe cryptographic algorithms. Enables testing and integration of PQC into existing systems.
NIST IR 8413 — Status Report on PQC Round 3
Detailed technical analysis of the post-quantum cryptographic algorithms evaluated in NIST's third round. Essential for understanding algorithm selection rationale.
More in Quantum Technologies & Cybersecurity
Drill Post-Quantum Cryptography with adaptive difficulty
43 questions available. Skip what you know, focus where you're weak, and watch your rating move.