Trials and demos
How to buy

What is post-quantum cryptography?

Post-quantum cryptography (PQC) refers to cryptographic techniques designed to maintain data security against the threat of powerful quantum computers. 

Read PQC white paper (PDF) Explore Cisco Secure Routers

    Why is PQC important?

    As quantum machines become more sophisticated, they pose a significant risk to existing encryption systems, making it critical to understand and implement PQC for future cybersecurity. 

    Quantum computing introduces remarkable computational power, presenting substantial challenges to traditional encryption techniques. Current systems like Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) rely on complex mathematical problems that quantum computers can solve with much greater speed. For example, a quantum process called Shor's algorithm threatens RSA, which underpins a vast array of global communications. Similarly, ECC, frequently used for mobile and IoT security, faces comparable vulnerabilities. These weaknesses could lead to widespread data breaches and a significant loss of privacy.

    While quantum computers capable of breaking traditional encryption are not yet widespread, rapid advancements are underway. Experts predict that quantum decryption may become feasible within the next decade, underscoring the urgent need for robust, quantum-resistant solutions. 

    Post-quantum encryption algorithms

    Research in PQC focuses on developing algorithms that can withstand attacks from quantum algorithms. Key categories of these new encryption algorithms include: 

    • Lattice-based cryptography
    • Hash-based signatures
    • Multivariate quadratic equations
    • Code-based schemes

    These methods are promising due to their inherent security features and efficiency in key generation and encryption processes. Assessing these algorithms involves evaluating their security against both classical and quantum attacks, along with performance metrics such as computational efficiency, memory requirements, and ease of integration into existing systems. Current research, notably through initiatives by organizations like the National Institute of Standards and Technology (NIST), aims to standardize these algorithms to identify the most resilient solutions. The development of hybrid systems, combining classical and quantum-resistant algorithms, is also crucial for a secure transition. 

    Transitioning to a quantum-resistant future

    Integrating PQC into existing systems is essential for safeguarding data as quantum computing progresses. Best practices for this transition include thoroughly evaluating current cryptographic protocols to identify weaknesses susceptible to quantum attacks. The process, however, presents several challenges, such as ensuring compatibility with legacy systems, navigating the current lack of full standardization for emerging algorithms, and addressing potential performance considerations like increased latency or computational resource demands. Organizations can leverage various tools and resources, including engaging with industry forums and communities, to gain insights and stay updated on new standards. Collaboration among IT, security, and compliance teams is vital to align PQC adoption with organizational objectives.

    Cisco is already integrating post-quantum resilient algorithms into our secure routers and other networking infrastructure. For instance, new Cisco routing systems, like the Cisco 8000 Series Routers, are being designed with line-rate encryption using PQC algorithms to safeguard against emerging quantum threats and protect data in transit from "harvest now, decrypt later" attacks.

    "Harvest now, decrypt later" attacks occur when cybercriminals collect encrypted data today, with the intent to break its encryption in the future using a quantum computer with the capability of breaking current encryption methods.

    The future of cybersecurity

    The advancement of quantum computing will bring significant changes to cybersecurity, potentially rendering traditional encryption methods obsolete. Organizations must proactively invest in algorithms resistant to quantum threats to maintain the strength of their cybersecurity frameworks. Emphasizing education and awareness is crucial to cultivate a security culture that embraces innovation while protecting sensitive information. Collaboration among academia, industry leaders, and government entities is also essential for establishing new standards for secure communications. By understanding and adopting PQC, we can harness the potential of quantum computing while effectively mitigating its associated risks to our digital world.

    Additional resources

    What is a secure router?

    A secure router is a vital part of modern network infrastructure, designed to protect your business from cyberthreats while ensuring reliable connectivity.

    Learn about secure routers

    What is a cyberattack? 

    Learn about the types of cyberattacks and prevention methods.

    Learn about cyberattacks

    What is a cybersecurity specialist?

    Cybersecurity specialists protect against risks by helping to secure information systems.

    Learn about cybersecurity specialists

    What is a smart switch?

    A smart switch is a new class of networking device designed for the demands of the AI era.

    Learn about smart switches

    Quantum-safe computing

    Understand the actions being taken by governments and industry around quantum-safe cryptography, and discover how Cisco is supporting a secure future.

    Learn about quantum-safe computing

    Getting started with PQC

    Explore these tips to help organizations effectively transition to post-quantum cryptography.

    Read infographic (PDF)

    Video

    Quantum hurdles: An optimistic view of post-quantum security

    Learn more about the challenges and proactive steps being taken to secure digital systems against quantum computers.