COMMENTARY: Around the world, the quantum community is making huge progress in creating stable, commercially viable quantum computers. As the idea of quantum technology becoming a part of everyday applications becomes more realistic, there's a growing sense of uncertainty.Recently, NIST released an Initial Public Draft (IPD) report outlining a roadmap for transitioning from traditional public-key cryptographic algorithms to standardized post-quantum cryptography (PQC). This includes a transition plan, including timelines and key considerations for migration, aimed at helping federal agencies, industries, and standards organizations transition their Infrastructure, products, and services to PQC-ready by 2035. The report also includes a list of current and widely-used key establishment and digital signature algorithms that will soon be deprecated.NIST also points out that transitioning from algorithm standardization to full integration into information systems can take anywhere between 10 to 20 years. Given the time it takes and the rise of “harvest now, decrypt later” attacks, it’s more important than ever for organizations to start preparing for post-quantum cryptography (PQC) now. NIST’s report serves as a vital resource, offering clarity and direction to help begin and speed up the PQC adoption journey.Quantum machines could potentially break traditional encryption methods, putting sensitive information at risk. For businesses, getting ready for these threats is no longer optional—it’s a necessity. This is where Managed Security Service Providers (MSSPs) can aid in, offering valuable consultation service, support and Implementation plan.2023In August 2023, NIST released the Initial Public Drafts (IPD) of three of the above algorithms to get industry feedback and make appropriate revisions.2024A year later, after completing the fourth round of standardization, on August 13, 2024, NIST released the finalized PQC encryption algorithm standards with name changes:
Why Post-Quantum Security Matters
Current encryption methods, like RSA and ECC, rely on complex math problems that are hard for regular computers to solve. However, quantum computers, using algorithms like Shor’s, can break these encryptions much faster. Knowing that a large-scale quantum computer could effortlessly break today’s cryptographic algorithms like RSA, DSA, ECDH, ECDSA, and EdDSA and expose sensitive, confidential data means businesses' financial data, intellectual property, and customer information could be at risk; and a major concern for many CISOs.Gartner® predicts that by 2029, quantum computing will be in a position to weaken existing systems to the point that they are considered unsafe to use cryptographically.Migration to PQC is a much more complex undertaking when compared to other cryptographic migrations from the past. The new PQC algorithms have significantly different properties from the current algorithms in terms of key sizes, signature sizes, key exchange, computational requirements, entropy, and others. Naturally, the challenges in migration are multifaceted, involving changes to infrastructure, algorithms, applications, and compliance frameworks. MSSPs must help organizations plan extensively, ensuring that their systems are robust enough to handle the demands of PQC while maintaining seamless operations.History and Background of PQC Algorithms
Before we dwell on the role of MSSPs, let us understand a bit about the NIST’s finalized PQC encryption algorithm standards and the key factors to consider for the PQC migration.2016In 2016, NIST kicked off the Post-Quantum Cryptography (PQC) Standardization Project aimed at developing trusted and tested PQC encryption algorithms that are secure against attacks by both classical and quantum computers.2022In July 2022, after the third round of the standardization process, NIST made a preliminary announcement, unveiling the first four selected algorithms:- CRYSTALS-Kyber for KEM (Key Establishment Mechanism) for general encryption
- CRYSTALS-Dilithium, Falcon, and SPHINCS+ for digital signature schemes
- FIPS 203: Referred to as ML-KEM, based on the CRYSTALS-KYBER algorithm for general encryption
- FIPS 204: Referred to as ML-DSA, based on the CRYSTALS-Dilithium algorithm for digital signatures
- FIPS 205: Referred to as SLH-DSA, based on the SPHINCS+ algorithm for digital signatures




