
Post-Quantum Cryptography

Category: cryptography · Level: Advanced

Also Known As

PQC, quantum-safe cryptography, quantum-resistant cryptography, CRYSTALS-Kyber, NIST PQC

TL;DR

In August 2024 NIST standardised ML-KEM (FIPS 203, derived from CRYSTALS-Kyber) for key encapsulation, ML-DSA (FIPS 204, derived from CRYSTALS-Dilithium) for digital signatures and SLH-DSA (FIPS 205, derived from SPHINCS+) for hash-based signatures. All three are designed to resist attacks by quantum computers, which would break RSA and elliptic-curve cryptography.

Explanation

Quantum computers running Shor's algorithm can break RSA, finite-field Diffie-Hellman and elliptic-curve cryptography (the key exchange and signature algorithms behind today's TLS, SSH and code signing) in polynomial time. Symmetric ciphers and hash functions are far less affected: Grover's algorithm gives at most a quadratic speedup, so AES-256 and SHA-256 remain safe and need no replacement.

NIST finalised the first post-quantum standards in August 2024:
  • ML-KEM (FIPS 203, derived from CRYSTALS-Kyber): key encapsulation, replacing ECDH and RSA key transport
  • ML-DSA (FIPS 204, derived from CRYSTALS-Dilithium): digital signatures, replacing ECDSA, EdDSA and RSA signatures
  • SLH-DSA (FIPS 205, derived from SPHINCS+): hash-based signatures, the conservative choice because its security rests only on the hash function, at the cost of much larger and slower signatures
  • FALCON was selected alongside them in 2022 and is being standardised separately as FN-DSA (FIPS 206); it gives compact signatures but relies on floating-point arithmetic that is hard to implement in constant time

Harvest now, decrypt later: an adversary records encrypted traffic today and decrypts it once a cryptographically relevant quantum computer exists. Confidentiality is therefore already at risk for any data that must stay secret for 10+ years, which is why key exchange is migrated first. Signatures only need replacing before such a machine exists, except where a signature must stay verifiable for decades (firmware, signed documents, timestamps).

Tooling: OpenSSL 3.5 ships ML-KEM, ML-DSA and SLH-DSA natively and negotiates the hybrid TLS 1.3 group X25519MLKEM768 by default; earlier 3.x releases need the Open Quantum Safe oqs-provider. Major browsers and CDNs already negotiate X25519MLKEM768 in TLS 1.3.

Common Misconception

That post-quantum cryptography only becomes relevant once a quantum computer exists. In reality, harvest-now-decrypt-later attacks mean that traffic captured today will be readable later, so anything encrypted now that must remain confidential for 10+ years already needs quantum-safe key exchange.

Why It Matters

Medical, government and financial records whose session keys were exchanged with RSA or ECDH today can be recorded now and decrypted once a cryptographically relevant quantum computer exists, a date many migration plans put around 2035. Migrating to post-quantum key exchange now is the only way to protect long-lived sensitive data, because the ciphertext already captured cannot be re-encrypted.

Common Mistakes

  • Waiting for a quantum computer to appear before starting: inventorying where RSA and ECC are used, removing hard-coded dependencies and rolling out new libraries takes years, and recorded traffic is already exposed
  • Deploying a post-quantum algorithm on its own instead of a hybrid: during the transition combine X25519 with ML-KEM so that an implementation bug or cryptanalytic surprise in the new code still leaves classical security intact
  • Keeping AES-128 for long-lived data: Grover's algorithm halves the effective key length on paper (AES-128 to roughly 64 bits); the attack needs an enormous sequential quantum computation and NIST still accepts AES-128, but AES-256 costs little and removes the question for data that must outlive the transition
  • Hard-coding algorithm choices: application code should depend on an interface, stored ciphertexts and protocol messages should carry an algorithm identifier, and the choice of algorithm should live in one configuration point so migration does not mean touching every call site

Code Examples

✗ Vulnerable
// RSA key exchange: secure against classical attackers today, but a
// cryptographically relevant quantum computer running Shor's algorithm
// would recover the private key and with it every session key wrapped by it.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
// Ciphertext captured today can be stored and decrypted once such a machine exists
// (harvest now, decrypt later), so data that must stay secret for 10+ years is already exposed.
✓ Fixed
// Cryptographic agility boundary: application code depends only on this
// interface, so the algorithm is chosen in exactly one place.
interface KeyExchange {
    public function generateKeyPair(): array;                  // ['public' => string, 'secret' => string]
    public function encapsulate(string $publicKey): array;     // ['ciphertext' => string, 'shared' => string]
    public function decapsulate(string $secretKey, string $ciphertext): string;
}
// Today: implement with X25519 (classical ECDH wrapped as a KEM)
// Migration path: a second implementation doing X25519 + ML-KEM-768 (hybrid) behind the same interface
// Tag stored ciphertexts with an algorithm identifier so both can be decapsulated during the transition
// Application code that only calls the interface does not change
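The agility interface above and the hybrid point from Common Mistakes, worked through in Python as an added example (not part of this glossary entry and not a production library): a `Kem` interface, a `HybridKem` that runs a classical and a post-quantum component side by side and derives one key from both secrets with HKDF, and an algorithm-tagged envelope dispatched through a registry so classical and hybrid ciphertexts coexist during migration. Assumptions: the two component KEMs are `StandInKem` placeholders (a keyed hash with pk == sk, offering no security whatsoever) so the code runs offline with the standard library; in a real deployment they would be X25519 and ML-KEM-768 from OpenSSL 3.5 or liboqs. The algorithm ids `ALG_CLASSICAL`/`ALG_HYBRID`, the envelope layout and the HKDF label are invented for this example, and the concatenate-then-KDF combiner follows the approach used by hybrid TLS key exchange rather than any one standard's exact construction.

```python
"""Hybrid KEM combiner behind an algorithm-tagged envelope (stdlib only, added example)."""
import hashlib
import hmac
import os
from typing import Dict, Tuple

SS_LEN = 32  # every stand-in key, ciphertext and shared secret is 32 bytes


class Kem:
    """The agility boundary: application code calls only these three methods."""
    def generate(self) -> Tuple[bytes, bytes]:               # -> (public key, secret key)
        raise NotImplementedError
    def encapsulate(self, pk: bytes) -> Tuple[bytes, bytes]:  # -> (ciphertext, shared secret)
        raise NotImplementedError
    def decapsulate(self, sk: bytes, ct: bytes) -> bytes:
        raise NotImplementedError


class StandInKem(Kem):
    """NOT a real KEM: pk == sk, so this is a keyed hash, not public-key crypto.
    It exists only so the combiner and envelope logic run offline; in a real
    deployment the two components are X25519 and ML-KEM-768."""
    def __init__(self, label: bytes) -> None:
        self.label = label
    def generate(self) -> Tuple[bytes, bytes]:
        k = os.urandom(SS_LEN)
        return k, k
    def encapsulate(self, pk: bytes) -> Tuple[bytes, bytes]:
        ct = os.urandom(SS_LEN)  # the "ciphertext" is just a fresh nonce
        return ct, hmac.new(pk, self.label + ct, hashlib.sha256).digest()
    def decapsulate(self, sk: bytes, ct: bytes) -> bytes:
        return hmac.new(sk, self.label + ct, hashlib.sha256).digest()


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = SS_LEN) -> bytes:
    """RFC 5869 HKDF-SHA256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


class HybridKem(Kem):
    """Runs a classical and a post-quantum KEM side by side and derives one key
    from BOTH shared secrets. Concatenating (not XORing) the secrets keeps the
    output secret while either component holds; binding the algorithm id and
    both ciphertexts into the HKDF info stops ciphertext splicing."""
    def __init__(self, alg_id: bytes, classical: Kem, pq: Kem) -> None:
        self.alg_id, self.classical, self.pq = alg_id, classical, pq
    def _combine(self, ss_c: bytes, ss_q: bytes, ct_c: bytes, ct_q: bytes) -> bytes:
        info = b"hybrid-kem-example" + self.alg_id + ct_c + ct_q
        return hkdf_sha256(ss_c + ss_q, salt=b"", info=info)
    def generate(self) -> Tuple[bytes, bytes]:
        pk_c, sk_c = self.classical.generate()
        pk_q, sk_q = self.pq.generate()
        return pk_c + pk_q, sk_c + sk_q
    def encapsulate(self, pk: bytes) -> Tuple[bytes, bytes]:
        # Split at SS_LEN because the stand-ins are fixed-size; real X25519 and
        # ML-KEM-768 parts have their own fixed sizes (32 + 1184 for public keys,
        # 32 + 1088 for ciphertexts) and would be split on those instead.
        ct_c, ss_c = self.classical.encapsulate(pk[:SS_LEN])
        ct_q, ss_q = self.pq.encapsulate(pk[SS_LEN:])
        return ct_c + ct_q, self._combine(ss_c, ss_q, ct_c, ct_q)
    def decapsulate(self, sk: bytes, ct: bytes) -> bytes:
        ct_c, ct_q = ct[:SS_LEN], ct[SS_LEN:]
        ss_c = self.classical.decapsulate(sk[:SS_LEN], ct_c)
        ss_q = self.pq.decapsulate(sk[SS_LEN:], ct_q)
        return self._combine(ss_c, ss_q, ct_c, ct_q)


# Algorithm ids are invented for this example (not IANA/TLS codepoints). The
# registry is the single place that changes when the organisation migrates.
ALG_CLASSICAL = b"\x00\x01"  # stands in for X25519 alone
ALG_HYBRID = b"\x00\x02"     # stands in for X25519 + ML-KEM-768
REGISTRY: Dict[bytes, Kem] = {
    ALG_CLASSICAL: StandInKem(b"classical"),
    ALG_HYBRID: HybridKem(ALG_HYBRID, StandInKem(b"classical"), StandInKem(b"pq")),
}


def encapsulate_envelope(alg_id: bytes, pk: bytes) -> Tuple[bytes, bytes]:
    """Returns (envelope, shared secret) with envelope = alg_id || ciphertext."""
    ct, ss = REGISTRY[alg_id].encapsulate(pk)
    return alg_id + ct, ss


def decapsulate_envelope(secret_keys: Dict[bytes, bytes], envelope: bytes) -> bytes:
    """Dispatches on the header, so classical and hybrid ciphertexts coexist
    during migration and retired or unknown ids fail closed."""
    alg_id, ct = envelope[:2], envelope[2:]
    if alg_id not in REGISTRY or alg_id not in secret_keys:
        raise ValueError("unknown or retired algorithm id %r" % alg_id)
    return REGISTRY[alg_id].decapsulate(secret_keys[alg_id], ct)


def round_trip(alg_id: bytes) -> bool:
    """Generate a key pair for alg_id, encapsulate, decapsulate, compare secrets."""
    pk, sk = REGISTRY[alg_id].generate()
    envelope, ss_sender = encapsulate_envelope(alg_id, pk)
    return decapsulate_envelope({alg_id: sk}, envelope) == ss_sender
```

Moving from classical to hybrid is one change to `REGISTRY` and to the `alg_id` passed to `encapsulate_envelope`; `decapsulate_envelope` keeps reading old envelopes until `ALG_CLASSICAL` is removed from the registry, after which they are rejected rather than silently downgraded.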

Added 16 Mar 2026
Edited 22 Mar 2026
DEV INTEL: Tools & Severity

Severity: Info
Fix effort: High

Quick Fix
Start migrating key exchange to a hybrid: X25519 combined with ML-KEM (FIPS 203, from Kyber) for key encapsulation, and plan the move from RSA/ECDSA to ML-DSA (FIPS 204, from Dilithium) for signatures. Keep AES-256 for bulk encryption; symmetric algorithms need no replacement. Begin with an inventory of where RSA and ECC are used.

Applies To
any, web, cli

Detection Hints
RSA or ECC used for long-term key protection of sensitive data that must remain secret for 10+ years; no post-quantum migration plan
Auto-detectable: No

AI Agent
Confidence: Low; False positives: Medium; Manual fix; Fix effort: High; Context: File; Tests: Update

CWE-327: Use of a Broken or Risky Cryptographic Algorithm
