In March, the UK’s National Cyber Security Centre (NCSC) published an important report calling for organisations to start preparing for Post-Quantum Cryptography (PQC) https://www.ncsc.gov.uk/guidance/pqc-migration-timelines. You might be thinking, “Quantum… cryptography… sounds complicated! Should I even care?” Let’s break it down simply.

What is Cryptography?

Imagine you send a confidential letter through the post. To ensure only the intended recipient can read it, you’d seal it securely. Digital cryptography does essentially the same thing – it protects your online information with digital locks, keeping it safe from prying eyes.

Why “Quantum” Matters

Quantum computers, which are rapidly advancing, are powerful enough to eventually break the digital locks we rely on today. They’re a bit like inventing a new type of lock-pick capable of opening every lock currently in use. Quantum computing isn’t just a theoretical threat; it’s becoming increasingly realistic and practical. This is why you’re starting to see quantum computing and cryptography pop up everywhere from news stories to government recommendations.

Classical vs Quantum – How Fast Could Encryption be Broken?

To put this in perspective, breaking RSA 2048-bit encryption—a widely used encryption standard—would take billions of years with today’s most powerful classical supercomputers. In contrast, a sufficiently powerful quantum computer could theoretically crack this encryption within minutes. This enormous difference highlights the urgency behind preparing for a quantum future. Putting it simply, the encryption we rely upon today simply will not be fit for purpose in the era of quantum computers.

Introducing Post-Quantum Cryptography (PQC)

Post-Quantum Cryptography simply means new methods of encryption that quantum computers won’t easily crack. It’s the digital equivalent of upgrading to newer, stronger locks before the new lock-pick becomes common.

The NCSC report clearly lays out a timeline for organisations:

• By 2028: Understand what digital locks you use today and create a plan.
• By 2031: Start replacing your most vulnerable locks.
• By 2035: Complete the transition fully to quantum-safe cryptography.

Why am I talking about this?

At CyberHive, our founder and CTO, David Blundell, alongside our dedicated team of cybersecurity researchers, has spent more than two decades in cybersecurity and cryptography. We’ve seen firsthand how critical it is to anticipate threats rather than just react to them. Post-Quantum Cryptography isn’t just about technology; it’s about ensuring your personal, business, and national data stays secure in an era of rapid technological change.

In the next blog, we’ll explore whether you, personally or professionally, should worry about PQC, and what the risks might be if you don’t.