Quantum computers get stronger, older encryption methods are becoming vulnerable, triggering a global transition to lattice-based cryptography and advanced cybersecurity protocols.
Two prominent pioneers are widely recognized for their major contributions to PQC and quantum cryptography
Daniel J. Bernstein: A prominent cryptographer and professor at the University of Illinois Chicago, he is widely regarded as a central figure in PQC. He was instrumental in organizing PQC standardization efforts, contributing to algorithm designs like the Classic McEliece team, and bringing cryptographers together to prepare for the quantum era.
Peter Shor: A mathematician at MIT, he is known for inventing Shor’s Algorithm in 1994, which mathematically proved that a sufficiently powerful quantum computer could break classical public-key cryptography (like RSA and ECC). His work catalyzed the need for the entire field of PQC.
Artur Ekert: A professor at the University of Oxford, he is often credited as the father of quantum cryptography (distinct from PQC), having invented the concept of entanglement-based quantum key distribution in 1991.

PQC relies on mathematical problems that even quantum computers cannot easily solve, such as lattice structures. The U.S. National Institute of Standards and Technology (NIST) finalized the initial set of official PQC encryption and signature standards to protect global infrastructure.
If you’re interested in the specific algorithms that NIST recently standardized, I can tell you more about:
- ML-KEM (for key encapsulation)
- ML-DSA and SLH-DSA (for digital signatures)
Why is PQC needed?
Many of today’s widely used public-key cryptographic systems rely on mathematical problems that are difficult for classical computers but could be efficiently solved by quantum computers:
- RSA → vulnerable to Shor’s algorithm
- Diffie–Hellman (DH) → vulnerable to Shor’s algorithm
- Elliptic Curve Cryptography (ECC) → vulnerable to Shor’s algorithm
A sufficiently powerful quantum computer could break these systems, compromising:
- Secure web browsing (HTTPS)
- Digital signatures
- VPNs
- Email encryption
- Blockchain systems using ECC
What remains secure?
Symmetric cryptography is less affected:
- AES-256 remains considered secure with larger key sizes.
- SHA-384 and SHA-512 remain strong, though quantum attacks can reduce security margins.
Main PQC Approaches
Researchers have developed quantum-resistant algorithms based on problems believed to be hard for both classical and quantum computers:
| Category | Example Problem |
|---|---|
| Lattice-based | Learning With Errors (LWE), Module-LWE |
| Hash-based | Merkle trees, one-time signatures |
| Code-based | Error-correcting codes |
| Multivariate | Polynomial equation systems |
| Isogeny-based | Elliptic curve isogenies (largely abandoned after major breaks) |
NIST Standardized PQC Algorithms
The National Institute of Standards and Technology led a multi-year competition to standardize PQC algorithms.
Example PQC Deployment
Major organizations have begun adopting PQC:
- Google has tested PQC in web browsers and TLS.
- Cloudflare supports hybrid post-quantum TLS.
- Governments and critical infrastructure operators are planning cryptographic migration strategies.
Migration Challenge
A major concern is “harvest now, decrypt later”:
- Attackers record encrypted communications today.
- Quantum computers become available in the future.
- Stored data is decrypted retroactively if protected by vulnerable algorithms.
This is why organizations are starting migration before practical quantum computers exist.
Typical Hybrid Deployment
During the transition period, systems often combine classical and PQC algorithms:
Classical Key Exchange (ECDH)
+
Post-Quantum Key Exchange (ML-KEM)
↓
Combined Secret
Advantages and Challenges
Advantages
- Resistant to known quantum attacks.
- Enables long-term data confidentiality.
- Supported by emerging standards.
Challenges
- Larger public keys and signatures.
- Higher bandwidth and storage requirements.
- Migration complexity across existing infrastructure.
- Continued need for cryptanalysis to build confidence.
In One Sentence
Post-Quantum Cryptography is the next generation of encryption and digital-signature technology designed to protect communications and data from future quantum-computer attacks while remaining practical on today’s computers


