Trending Post-Quantum, PQC, Quantum Security, Quantum Readiness Posts

    June 26, 2025

    Why AI Cannot Break Modern Encryption

    AI cannot break modern encryption. The reasons are fundamental: Mathematical Hardness, Cryptographic Design, Empirical Track Record, Quantum Contrast, Expert Consensus.
    March 24, 2022

    Cryptography in a Modern 5G Call: A Step-by-Step Breakdown

    Modern telecommunications networks rely on multiple layers of cryptography at every step of a call or data session. Understanding the complexity of the process and the amount of cryptography involved is critical for post-quantum migration planning - an initiative some of my advanced telecommunications clients are kicking off these days.…
    July 4, 2025

    How CISOs Can Use Quantum Readiness to Secure Bigger Budgets (and Fix Today’s Problems)

    Quantum readiness is not an exercise in science fiction – it’s a very practical program that yields benefits immediately. Regulators are pushing us all in this direction, which means boards are willing to fund it. The journey forces you to finally catalog your cryptographic assets and clean up long-standing weaknesses,…
    April 13, 2024

    How to Perform a Comprehensive Quantum Readiness Cryptographic Inventory

    A cryptographic inventory is essentially a complete map of all cryptography used in an organization’s systems – and it is vital for understanding quantum-vulnerable assets and planning remediation. In theory it sounds straightforward: “list all your cryptography.” In practice, however, building a full cryptographic inventory is an extremely complex, lengthy…

    All Post-Quantum, PQC Posts

    • Quantum Policies Canada PQC Regulatory Framework
      MarinDecember 29, 2025

      No Single Law, No Single Excuse: How Canada Regulates PQC Without Saying “Quantum”

      Canada's visible PQC guidance - three documents published mid-2025 - is just the tip. Beneath it sits a layered enforcement framework spanning financial regulation, critical infrastructure law, privacy obligations, and securities disclosure that collectively creates binding pressure for quantum readiness. OSFI already requires federally regulated financial institutions to maintain "strong cryptographic technologies" and has issued a direct quantum readiness bulletin. The pending CCSPA would add…

      Read More »
    • Post-Quantum, PQC, Quantum Security Telecoms Quantum Readiness
      MarinDecember 12, 2025

      Telecom Quantum Readiness: Why the Urgency and Where to Start

      An increasing number of telecom leaders have been pinging me lately about quantum readiness. And frankly, that’s exactly what they should be doing. New regulations and mandates are emerging left and right (in various jurisdictions and across the industry) requiring critical infrastructure to become quantum-safe in the coming years. As someone who used to run global telecom cybersecurity practices - and served as interim CISO…

      Read More »
    • Post-Quantum, PQC, Quantum Security QKD
      MarinDecember 3, 2025

      Quantum Key Distribution (QKD): Why Countries Differ on Its Future

      Quantum Key Distribution (QKD) - a method of securing communications using quantum physics - has become a flashpoint of debate worldwide. Recent news (like Google’s announcement favoring post-quantum algorithms over QKD) highlights how divided opinions are. Some nations are investing heavily in QKD networks as the next frontier of secure communications, while others remain skeptical and prioritize post-quantum cryptography (PQC). United States and Allies: Emphasizing…

      Read More »
    • Q-Day Q-Day Knowledge Center
      MarinDecember 2, 2025

      Q-Day Knowledge Center & Q-Day Framework and Estimator

      Q-Day Knowledge Center - Your complete guide to understanding, forecasting, and preparing for quantum decryption risk.

      Read More »
    • Post-Quantum, PQC, Quantum Security Rethinking CBOM
      MarinNovember 26, 2025

      Rethinking CBOM

      The simplest way to explain CBOM is still the best. If SBOM is the ingredients list for software, CBOM is the ingredients list for the security assumptions that software depends on. Where SBOM tracks components and dependencies, CBOM tracks cryptographic assets - algorithms, protocols, certificates, keys, and related material - and the relationships that turn "implemented somewhere" into "actually used here." This is not happening…

      Read More »
    • Post-Quantum, PQC, Quantum Security Quantum ISAC
      MarinNovember 5, 2025

      Why We Need a Quantum Security ISAC

      Quantum computing promises revolutionary capabilities, but it also poses unprecedented threats to cybersecurity. Experts warn of a looming “Quantum Apocalypse” scenario - the day when a sufficiently advanced quantum computer can crack encryption like RSA or ECC, exposing sensitive data that was once considered secure. And of course, there's the already present "harvest now, decrypt later." The potential impact of cryptography-breaking quantum computers is global…

      Read More »
    • Post-Quantum, PQC, Quantum Security Shor RSA, ECC, Diffie-Hellman
      MarinNovember 4, 2025

      How ECC Became the Easiest Quantum Target

      Elliptic curve cryptography (ECC) will likely fall to quantum computers before RSA does - a cruel irony, since ECC's smaller keys were considered an advantage. Shor's algorithm needs roughly 2,330 logical qubits and 126 billion Toffoli gates to break P-256 ECDSA, versus approximately 1,409 logical qubits but 6.5 billion Toffoli gates for RSA-2048. At equivalent classical security levels (P-256 ≈ RSA-3072), the disparity becomes dramatic:…

      Read More »
    • Post-Quantum, PQC, Quantum Security Securing Quantum Computers
      MarinNovember 1, 2025

      Securing Quantum Computers – Threat at the Quantum-Classical Interface

      A global race is on to build cryptographically relevant quantum computers (CRQCs) - machines powerful enough to break current encryption. Governments and industry are pouring billions into quantum R&D, and intelligence analysts scrutinize whether a geopolitical rival might secretly be ahead. Yet amid this focus on who builds a quantum codebreaker first, an alternative threat vector is often overlooked: an adversary might not need to…

      Read More »