Trending Post-Quantum, PQC Posts

    July 4, 2025

    How CISOs Can Use Quantum Readiness to Secure Bigger Budgets (and Fix Today’s Problems)

    Quantum readiness is not an exercise in science fiction – it’s a very practical program that yields benefits immediately. Regulators are pushing us all in this direction, which means boards are willing to fund it. The journey forces you to finally catalog your cryptographic assets and clean up long-standing weaknesses,…
    March 24, 2022

    Cryptography in a Modern 5G Call: A Step-by-Step Breakdown

    Modern telecommunications networks rely on multiple layers of cryptography at every step of a call or data session. Understanding the complexity of the process and the amount of cryptography involved is critical for post-quantum migration planning - an initiative some of my advanced telecommunications clients are kicking off these days.…
    August 4, 2025

    The Trouble with Quantum Computing and Q-Day Predictions

    The trouble with quantum computing predictions so far has been that too many have been more speculation than science, more influenced by bias than by balanced analysis. We have the tools and knowledge to do better. By embracing a data-driven, scenario-based approach, we can turn timeline forecasting from a source…
    June 26, 2025

    Why AI Cannot Break Modern Encryption

    AI cannot break modern encryption. The reasons are fundamental: Mathematical Hardness, Cryptographic Design, Empirical Track Record, Quantum Contrast, Expert Consensus.

    All Post-Quantum, PQC Posts

    • Post-Quantum CISO Post Quantum Legal Risk
      MarinOctober 19, 2025

      Post-Quantum Negligence: Legal Risks of Failing to Prepare for the Quantum Threat

      Quantum computing is no longer a far-off hypothesis - it’s a rapidly emerging reality that could render today’s encryption obsolete. For CISOs and their boards, this means a new kind of cybersecurity crisis is on the horizon. Sensitive data that is safely encrypted now may be sitting like a ticking time bomb, waiting to be cracked by tomorrow’s quantum machines. The message is clear: security…

      Read More »
    • Post-Quantum Sovereignty PQC Quantum
      MarinOctober 13, 2025

      Sovereignty in the Post-Quantum Cryptography (PQC) Era

      Post-Quantum Cryptography (PQC) is entering the standards stage, with the U.S. National Institute of Standards and Technology (NIST) recently selecting the first quantum-resistant algorithms. However, the future of PQC will not be as straightforward as simply adopting NIST’s choices globally. A strong push for digital sovereignty is emerging around the world, driven by eroding trust in foreign (particularly U.S.) technology. Nations are seeking greater control…

      Read More »
    • Post-Quantum TNFL Trust Now Forge Later
      MarinOctober 10, 2025

      Trust Now, Forge Later (TNFL) – The Overlooked Quantum Threat

      What is "Trust Now, Forge Later" (TNFL)? Most discussions about quantum computing threats focus on “Harvest Now, Decrypt Later” (HNDL) - the idea that adversaries can collect encrypted data today and store it, hoping a future quantum computer will break the encryption and expose sensitive information. This risk is very real, especially for data that needs to remain confidential for decades (think government secrets, health…

      Read More »
    • Post-Quantum Vendor Quantum
      MarinOctober 7, 2025

      Quantum Readiness Is Not (Just) a Vendor Problem

      In the recent IBM's “Secure the Post-Quantum Future” report 62% of executives admitted that their organization is waiting for vendors to make them quantum‑safe. In other words, they expect cloud providers, network equipment makers and software vendors to embed post‑quantum cryptography (PQC) so that internal teams can simply apply updates. This mindset is understandable - modern enterprises depend on vast supply chains - but it…

      Read More »
    • Post-Quantum Quantum Readiness PQC Program Telecom
      MarinSeptember 23, 2025

      Quantum-Readiness / PQC Full Program Description (Telecom Example)

      Preparing a large telecom (or any enterprise) for the post-quantum cryptography era is a massive, multi-faceted undertaking, but it is achievable with foresight, resources, and commitment. We’ve seen that it involves much more than just installing new algorithms - it’s about transforming an organization’s approach to cryptography across potentially thousands of applications and devices, under uncertain timelines and in coordination with many external players. In…

      Read More »
    • Q-Day Q-Day Deadline Set
      MarinSeptember 13, 2025

      Forget Q-Day Predictions – Regulators, Insurers, Investors, Clients Are Your New Quantum Clock

      Whether you personally believe Q-Day will come in 5 years or 50, the world around you isn’t taking chances - and neither can you. As a CISO, you’re now being implicitly (and sometimes explicitly) told by every corner of your ecosystem that quantum preparedness is mandatory. Regulators demand it via hard deadlines. Key clients and partners demand it in contracts and RFPs. Insurers will soon…

      Read More »
    • Post-Quantum Crypto-Agility Marin's Law
      MarinAugust 13, 2025

      Marin’s Law on Crypto-Agility: Adaptability Determines Survivability

      Thesis: Migration time to safer cryptography is inversely proportional to an organization’s crypto-agility. Formally: Let A denote an organization’s crypto-agility (0 ≤ A ≤ 1) and Y the wall-clock time required to replace a cryptographic primitive across all in-scope systems. Then Y ≈ K ⁄ A for some complexity constant K. As A → 0, Y → ∞. Corollary: Raising A today shortens all future…

      Read More »
    • Q-Day How to estimate q-day
      MarinAugust 10, 2025

      How You, Too, Can Predict Q-Day (Without the Hype)

      For three decades, Q-Day has been “just a few years away.” I want to show you how to make your own informed prediction on when Q-Day will arrive. Counting physical qubits by itself is misleading. To break RSA you need error‑corrected logical qubits, long and reliable operation depth, and enough throughput to finish within an attack‑relevant time window.

      Read More »