Post-quantum cryptography: where to start?

A sufficiently powerful quantum computer would break part of the cryptography used today. The threat is not immediate, but it calls for early action: data encrypted today can be intercepted and kept to be decrypted later — the logic of “harvest now, decrypt later”.

The standards exist

In August 2024, NIST published its first three post-quantum cryptography standards: FIPS 203 (ML-KEM, a key-encapsulation mechanism), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA), the latter two for digital signatures. NIST recommends putting them into use now.

Start with the inventory

You do not migrate what you do not know. The first step is to list cryptographic uses — protocols, algorithms, keys, certificates — often scattered across systems and rarely consolidated. This inventory reveals the dependencies and the real priorities.

Aim for crypto-agility

The goal is not only to replace an algorithm, but to acquire the ability to change it without rebuilding the systems — crypto-agility. The transition is then staged according to the sensitivity of the data and its lifespan: what must stay confidential for a long time comes first.

Starting early, with the inventory, turns a distant deadline into a controlled trajectory.