What is PQC - and why should businesses care?

Every device you use – whether it’s your computer, laptop, mobile phone or another device – is protected by cryptographic algorithms designed to keep your data safe. But what if the algorithms we rely on today could be cracked in an instant? That’s the threat we face from quantum computers.

Encryption protocols like Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) currently protect billions of devices because the algorithms used to create security keys are large, complex, and would take years to break using traditional computers. However, as covered in our previous blog, quantum computers will be able to use Shor’s and Grover’s algorithms to significantly reduce the time to identify these keys.

There is a strong possibility that hackers are preparing to carry out ‘harvest now, decrypt later’ attacks, in which sensitive but encrypted data is stored away on the understanding that quantum computers will be able to access it in a few years. In response, there has been significant movement in terms of post quantum cryptography (PQC) preparation in recent months, as organisations scramble to prepare for potential attacks.

Which PQC algorithms are now finalised?

To give an example, the National Institute of Standards and Technology (NIST) finalised its first three PQC-specific standards in August 2024. CRYSTALS-Kyber, CRYSTALS-Dilithium and SPHINCS+ are now considered the most adequate standards for securing data against quantum attacks.

Kyber is a key encapsulation mechanism (KEM), which allows a user to securely send a secret key to a recipient using the latter’s public key. By combining key generation and encryption into a single process, security professionals can secure larger messages during data transmission. Kyber is not the only NIST-approved algorithm using KEM: as of March 2025, HQC was selected as a back-up option, with the first draft of the standard expected within the next year.

Alternatively, Dilithium and SPHINCS+ are digital signature schemes, a cryptographic method that uses algorithms to attest the authenticity of messages or documents. Users can trust that a message they receive is exactly what it presents itself as a result of the sender ‘signing’ it using a private key which is verified at the other end using the sender’s corresponding public key.

What PQC roadmaps have already been published?

A number of organisations have since rolled out public migration plans to these PQC algorithms, including the National Cyber Security Centre (NCSC) which published its timelines for the United Kingdom. By 2028, decision-makers at large organisations will be expected to have carried out a full audit of their services and infrastructure to work out what needs to be upgraded to PQC, as well as build out an initial plan for migration. By 2031, the highest-priority PQC migration activities should have been carried out, with complete migration of all systems, services and products to PQC algorithms by 2035.

In June 2025, the EU Commission also published its PQC roadmap. By the end of 2026, all member states should begin transitioning to PQC through strategies laid out by their respective nations. By the end of 2030, all critical infrastructure and other high-risk systems found within the EU must be secured by PQC algorithms.

Which organisations are implementing PQC?

Major corporations are now starting to embrace PQC in line with these timelines. In May 2025, Microsoft rolled out PQC capabilities within Windows Insiders and Linux to empower organisations, developers and security teams to integrate algorithms within real-world environments. The business is also actively collaborating with industry partners and standards bodies to promote standardisation for key PQC algorithms.

Many standards bodies also intend to adhere to the recommendations set out by NIST and similar organisations. The Trusted Computing Group (TCG) and the FIDO Alliance have publicly released statements on their PQC readiness, demonstrating their preparations for the PQC era of computing, and their commitment to integrating the latest algorithms into their specifications and standards.