Challenges for NIST PQC Adoption | Quantum Xchange

A Response to NIST’s Post-Quantum Cryptography Adoption Challenges and Planning Requirements

Learn how Phio TX from Quantum Xchange addresses all of the PQC adoption challenges outlined by NIST and can be deployed today with very little lift or outlay.

Cybersecurity is about to change. Public Key Encryption (PKE), the system that for years has protected our digital universe and communications networks, is in danger of becoming obsolete. No one argues about whether a quantum computer will break today’s encryption standards; Shor’s algorithm has proven this to be true. How soon is almost beside the point. History shows past cryptographic transitions can take years, even decades, to complete.

In 2005 and again in 2007, the U.S. National Institute of Standards and Technology (NIST) recommended through special report SP 800-57 that subscribers move from 1024-bit to 2048-bit RSA by 2010. In 2011, NIST upgraded their policy and issued special publication SP 800-131A to allow for a three-year transition period from 1024 to 2048 bits ending Dec. 31, 2013. It took more than 20 years for the Advanced Encryption Standard (AES) to completely replace Data Encryption Standard (DES) and 3DES.

Today, RSA-2048 encryption is considered the gold standard for PKE and critical to the protection of email exchanges, VPNs, secure webpage connections, digital supply chains, e-commerce, cryptocurrencies, passwords, and user accounts. If PKE enables more than 4.5 billion internet users to securely access 200 million websites and engage in some $3 trillion of retail e-commerce annually [1], why are so many organizations taking a lackadaisical, wait-and-see attitude to quantum readiness planning and execution? Many are relying on the Post-Quantum Cryptography (PQC) project sponsored by NIST to determine the set of PQC standards and migration guidelines needed to augment and ultimately replace RSA.

In the April 2021 report published by NIST, “Getting Ready for Post-Quantum Cryptography,” the standards body outlines the challenges associated with adopting and using PQC algorithms after the standardization process is complete. In August of 2024, NIST finalized and released the first set of quantum-safe encryption algorithms and strongly encouraged organizations to begin the transition now, since it will be a multi-year effort before the full transition is complete.

The urgency to act stems from three fronts:

  • A cryptographically relevant quantum computer (CRQC) may be available in the next few years.
  • There is no guarantee that the cryptographic standards selected will not be broken by adversaries or vulnerable to implementation errors. History has demonstrated all past cryptographic standards have been broken. This is why NIST already announced a backup algorithm in May of 2025.
  • “Harvest today, decrypt tomorrow” attacks are happening now.

[1] BCG, “Ensuring Online Security in a Quantum Future,” March 30, 2021

“Given recent quantum advancements and breakthroughs, we can expect quantum computing to be present in our day-to-day platforms and processes within the next few years.”
April 2025

Chris Dimitriadis
Chief Global Strategy Officer, ISACA

“We encourage system administrators to start integrating [post-quantum encryption] into their systems immediately, because full integration will take time.”
August 2024

Dr. Dustin Moody
Lead, Post-Quantum Cryptography project at NIST

“Quantum computing has a one-in-seven chance of breaking RSA-2048 encryption by 2026. By 2031, that chance jumps to 50 percent.”
September 2016 report, “Quantum Computing: A New Threat to Cybersecurity.”

Michele Mosca
Co-Founder, University of Waterloo’s Institute for Quantum Computing

The Time Window for Upgrading Cryptographic Infrastructure is Closing Rapidly

Image Source: BCG, “Ensuring Online Security in a Quantum Future,” March 30, 2021

As NIST warns, cryptographic transitions are disruptive and resource intensive. The replacement of algorithms can require changing or replacing libraries, validation tools, hardware, operating systems, application code, device protocols, and user/administrative procedures. Most organizations would prefer to avoid expensive rip-and-replace security projects in favor of an incremental transition toward quantum-safety.

Address Present-Day Data Protection Requirements and the Quantum Threat at Once

Quantum Xchange offers a better approach. It solves for the quantum threat architecturally and at the same time helps organizations overcome the inherent vulnerabilities of modern key-management practices. The company’s groundbreaking key distribution system, Phio TX®, is a FIPS 203 and 140-3 validated, simple architecture overlay that can be dropped into your existing encryption environment. It delivers an infinitely stronger cybersecurity posture today and a scalable solution to increase quantum-protection levels as the threat landscape evolves and new risks associated with advances in computing and mathematics emerge.

Phio TX leverages its patent-pending, out-of-band symmetric key delivery technology to supplement native encryption with an additional key-encrypting-key (KEK) transmitted independent of the data path. An attacker must now know two keys are in play, steal them both, and understand when, where, and how they are paired — a near impossible feat even for a quantum computer.
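The two-key idea described above can be sketched as a key combiner. This is an added example, not Quantum Xchange code and not a description of how Phio TX works internally: the HKDF-based combiner, the `oob-kek:` label, and the names `derive_data_key`, `kek_store` and `demo` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_data_key(session_key: bytes, kek: bytes, kek_id: str) -> bytes:
    """Mix the in-band session key with an out-of-band KEK.

    Assumption of this example: the KEK is the HKDF salt and its identifier
    is bound into `info`, so the pairing is part of the derivation.
    """
    return hkdf_sha256(ikm=session_key, salt=kek, info=b"oob-kek:" + kek_id.encode())


def demo() -> dict:
    # Constructed sample values, random on every run.
    session_key = secrets.token_bytes(32)  # from the native (in-band) key exchange
    # KEKs delivered on a separate path and rotated; hypothetical identifiers.
    kek_store = {f"kek-{i}": secrets.token_bytes(32) for i in range(3)}

    kek_id = "kek-1"  # only the identifier would travel with the data
    sender_key = derive_data_key(session_key, kek_store[kek_id], kek_id)
    receiver_key = derive_data_key(session_key, kek_store[kek_id], kek_id)

    # A party that recovered the in-band session key but never saw the KEK.
    no_kek = derive_data_key(session_key, b"\x00" * 32, kek_id)
    # A party holding a KEK from a different rotation interval.
    wrong_pairing = derive_data_key(session_key, kek_store["kek-2"], kek_id)

    return {
        "endpoints_agree": hmac.compare_digest(sender_key, receiver_key),
        "session_key_alone_suffices": hmac.compare_digest(no_kek, sender_key),
        "wrong_kek_suffices": hmac.compare_digest(wrong_pairing, sender_key),
    }


if __name__ == "__main__":
    print(demo())
```

With a combiner of this kind, the traffic key depends on both inputs, so recovering the in-band key alone (for example from harvested ciphertext of the key exchange) does not yield it.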

Phio TX is the first key exchange to support quantum keys from any source, i.e., PQC, Quantum Key Distribution (QKD), Quantum Random Number Generator (QRNG), or a combination. Further crypto agility is achieved through Phio TX’s support of all PQC Key Encapsulation Mechanism (KEM) candidate algorithms, meaning customers can change PQC algorithms without disturbing their networks.

If desired, customers can even begin with PQC then eventually add QKD with no changes needed to the underlying infrastructure. There is no fiber required and no distance limitations on key delivery. With Phio TX, keys are continuously rotated and can be delivered point-to-multipoint over any media that can carry TCP/IP v4 or v6 traffic, i.e., fiber, satellite, 4G, 5G, or copper.

The following diagram captures the top-level challenges and concerns NIST has outlined to help organizations develop and implement algorithm migration playbooks that they warn “can and should begin immediately.” See how Phio TX immediately addresses these issues, enabling organizations to easily extend the life of their existing crypto infrastructure and investment by making it immediately quantum safe and crypto agile.

There’s Too Much at Stake to Wait

Contact Quantum Xchange to learn more about our risk-free and economical approach to post-quantum safety that provides instant security benefits to your organization and a key distribution system for the ages.
