Introduction
The tech world is quietly approaching a disruptive moment: the rise of quantum computing.
This isn’t science fiction or something that only concerns physicists in lab coats. It’s a technology that, once mature, could undermine the entire foundation of today’s cybersecurity—from encrypted emails to digital signatures, VPNs, and even blockchain.
But why is that? And more importantly: what can companies do to prepare before it’s too late?
Why Quantum Computing Changes Everything
Quantum computing is not just another leap in performance—it’s a game-changer for encryption.
Quantum computers don’t work like classical ones. Thanks to principles like superposition and entanglement, they can evaluate multiple possibilities at once.
Using a quantum algorithm called Shor’s algorithm, a quantum computer could break RSA encryption in just hours, once the hardware is powerful enough.
And here’s the kicker: even though those machines don’t exist yet, attackers can capture encrypted data today and decrypt it later—this is the so-called “harvest now, decrypt later” strategy.
The encryption that protects your data today may be useless tomorrow.
The Future of Standards: What NIST Is Doing
To stay ahead of the threat, the U.S. National Institute of Standards and Technology (NIST) has been working since 2016 on identifying new, quantum-resistant cryptographic standards.
To defend against quantum attacks, NIST has selected a new generation of cryptographic algorithms that don’t rely on the same math as RSA or ECC. These new tools are designed to resist the power of quantum computers, even if someone builds a machine strong enough to run Shor’s algorithm. Let’s take a closer look at the key standards.
ML-KEM, based on a scheme called Kyber, is the new gold standard for secure key exchange—the process that allows two parties to agree on a secret key over the internet. It replaces traditional methods like Diffie-Hellman. What makes Kyber so powerful is its balance of speed, security, and efficiency. It relies on a mathematical structure called lattices, geometric arrangements whose hard problems have no known efficient quantum algorithm. Kyber performs well on both servers and constrained devices, making it ideal for TLS, VPNs, and other protocols that require fast and secure encryption.
For digital signatures—the equivalent of handwritten signatures in the digital world—NIST has selected ML-DSA, which is based on Dilithium. Like Kyber, Dilithium is also lattice-based, but it’s optimized for creating and verifying digital signatures. Its strengths lie in its fast performance and relatively small signature sizes, which are crucial when signing documents, software, or establishing secure connections. In the quantum-safe world, ML-DSA is expected to replace RSA and ECDSA as the go-to signature algorithm.
Alongside Dilithium, NIST has also endorsed a more conservative option: SLH-DSA, based on a scheme called SPHINCS+. Unlike Kyber and Dilithium, SPHINCS+ doesn’t rely on lattices or complex algebraic problems. Instead, it uses only hash functions—the same kind of mathematical tools already used in password security and blockchain. That makes it extremely robust, even against future mathematical breakthroughs. The tradeoff? It’s slower and requires more bandwidth. But for systems that prioritize long-term security (like archives, backups, or firmware updates), it’s a reliable choice.
Finally, in 2025, NIST announced the future inclusion of HQC (Hamming Quasi-Cyclic). This algorithm is based on error-correcting codes, a completely different branch of mathematics. HQC is used for key exchange and is especially valuable because it offers cryptographic diversity: it doesn’t share the same mathematical roots as Kyber, so it acts as a safety net. If one family of algorithms were ever compromised, HQC would still hold up. It’s not yet finalized, but it’s on the path to becoming a recognized standard by 2027.
Together, these algorithms form a toolbox for the post-quantum era. Each has its strengths and ideal use cases, but all share one thing in common: they’re built not just to survive today’s threats—but tomorrow’s as well.
How Companies Can Start Preparing
Getting ready for the quantum era isn’t just a tech task—it’s a strategic business move. Here’s how companies can begin:
- Assess the risk: Identify where cryptography is used (VPNs, TLS, emails, file storage, APIs…). Flag sensitive data with long confidentiality needs (e.g., legal, health, intellectual property).
- Build a strategy: Define a roadmap for adopting quantum-safe algorithms. Evaluate vendors for quantum-readiness. Design systems to be crypto-agile (flexible in upgrading cryptographic components).
- Start testing: Deploy PQC in test environments first: TLS, VPN, and signing processes. Use hybrid cryptography, combining traditional and quantum-resistant algorithms so that the connection stays secure as long as either one holds.
It’s not about replacing everything overnight—it’s about starting today, safely and gradually.
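The hybrid step above is where most real deployments start. The following combiner is an added example written for this article, not code from NIST or any vendor: it derives one session key from a classical shared secret and a post-quantum shared secret, so that breaking either component alone yields nothing. The two input secrets are constructed placeholders standing in for the outputs of an ECDH exchange and an ML-KEM decapsulation, and the `hybrid-kem|...` label format is an assumption of this example.

```python
"""Hybrid key-exchange combiner (added example; constructed inputs)."""
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with SHA-256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with SHA-256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes,
                           classical_alg: str, pq_alg: str,
                           transcript: bytes) -> bytes:
    """Derive a 32-byte session key from both shared secrets.

    Concatenating the secrets before HKDF means the result stays secret
    as long as at least ONE input is secret: an attacker who later breaks
    the classical part (e.g. with Shor's algorithm) still lacks ss_pq.
    Binding the algorithm names and the handshake transcript into `info`
    makes a silent downgrade change the key, which is what crypto-agility
    needs in practice.
    """
    if not ss_classical or not ss_pq:
        raise ValueError("both shared secrets are required")
    prk = hkdf_extract(salt=b"\x00" * 32, ikm=ss_classical + ss_pq)
    # Label format is an assumption of this example, not a standard.
    info = b"hybrid-kem|" + classical_alg.encode() + b"|" + pq_alg.encode() + b"|" + transcript
    return hkdf_expand(prk, info, 32)


if __name__ == "__main__":
    # Constructed stand-ins; real code gets these from its ECDH / ML-KEM library.
    ss_ecdh = bytes(range(32))
    ss_mlkem = bytes(range(32, 64))
    key = combine_shared_secrets(ss_ecdh, ss_mlkem, "X25519", "ML-KEM-768", b"hello")
    print(key.hex())
```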
From Classical to Quantum-Safe Protocols
Many of the technologies we use daily rely on algorithms that will no longer be secure once quantum computing matures.
Current protocols (at risk):
- RSA, ECC, DH – breakable by Shor’s algorithm
- TLS 1.2/1.3, SSH, IPSec/VPN – as commonly deployed, all use vulnerable key exchanges or signatures
What is Shor’s algorithm?
It’s a quantum algorithm that can factor large numbers (and compute discrete logarithms) dramatically faster than classical methods—making it a threat to all encryption systems that rely on these mathematical challenges, including RSA, ECC, and DH.
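To see what the quantum speedup actually buys, here is a toy walkthrough of the classical part of Shor’s algorithm (an added example for this article, not from the original text). The only step a quantum computer accelerates is finding the period r of a^x mod N; the brute-force `find_period` below does that step exponentially slowly, which is exactly why RSA-sized N are safe from classical machines today. Everything after the period is ordinary number theory and works on tiny N such as 15 and 21.

```python
"""Classical post-processing of Shor's algorithm on toy-sized N (added example)."""
from math import gcd
import random


def find_period(a: int, n: int) -> int:
    """Smallest r >= 1 with a^r == 1 (mod n), by brute force.

    This is the ONLY step Shor's algorithm performs on quantum hardware;
    here it takes time exponential in the bit length of n.
    """
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, a: int):
    """Turn the period of a mod n into a factor pair of n, or None on failure.

    Failure cases (odd period, or a^(r/2) == -1 mod n) are inherent to the
    algorithm; a real run simply picks another base a and retries.
    """
    if n % 2 == 0:
        return (2, n // 2)
    g = gcd(a, n)
    if g != 1:                      # lucky base already shares a factor
        return tuple(sorted((g, n // g)))
    r = find_period(a, n)
    if r % 2:
        return None
    y = pow(a, r // 2, n)
    if y == n - 1:
        return None
    p = gcd(y - 1, n)               # y^2 == 1 mod n with y != +/-1 gives a factor
    return tuple(sorted((p, n // p)))


def factor_with_random_bases(n: int, tries: int = 20, seed: int = 0):
    """Repeat shor_factor with random bases until a factor pair appears."""
    rng = random.Random(seed)       # fixed seed keeps the demo reproducible
    for _ in range(tries):
        result = shor_factor(n, rng.randrange(2, n - 1))
        if result:
            return result
    return None


if __name__ == "__main__":
    print(find_period(7, 15), shor_factor(15, 7), factor_with_random_bases(21))
```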
Emerging post-quantum alternatives:
- ML-KEM, ML-DSA, SLH-DSA, HQC – designed to resist quantum attacks
- Hybrid TLS & SSH – experimental protocols that use both classical and PQC
- Quantum-safe VPNs – under development by companies like Microsoft, Google, Cloudflare
Microsoft’s Approach
Among the tech giants, Microsoft is taking a proactive stance:
- It has integrated PQC algorithms into its core crypto library, SymCrypt
- It’s running pilot projects for Post-Quantum TLS, SSH, and VPN
- Its Quantum Safe Program helps enterprises and developers start their transition now
If you’re already in the Microsoft ecosystem (Azure, 365, Defender), these efforts will likely benefit your infrastructure in the coming years.
Conclusion
Quantum computing isn’t an imminent crisis—but it’s a foreseeable one.
It’s not a question of if, but when. And when it happens, organizations that have prepared early will be the least affected.
Starting today means taking a leadership position on long-term data protection, compliance, and resilience.
The future of cybersecurity is quantum-safe. And the future starts now.