All Post-Quantum, PQC Posts
-
Quantum Security & PQC
NIST Narrows the Field: Nine Post-Quantum Signature Candidates Advance to the Third Round
NIST just narrowed 14 post-quantum signature candidates to nine. The survivors span four distinct mathematical families, from isogeny-based compact signatures to multivariate schemes under active cryptanalytic fire. Here's what each candidate is, why NIST kept it, and what this means for your PQC migration planning.
Read More » -
CNSA 2.0
CNSA 2.0: The Complete Guide to NSA’s Post-Quantum Requirements
The definitive vendor-neutral reference to NSA's Commercial National Security Algorithm Suite 2.0 — the most operationally specific post-quantum cryptography mandate in the world. This guide breaks down every component of CNSA 2.0 in one place: the complete algorithm suite with NIST standard names and FIPS references (ML-KEM-1024, ML-DSA-87, AES-256, SHA-384/512, LMS, XMSS), why NSA mandates only the highest parameter levels, the full category-by-category transition timeline…
Read More » -
Quantum Threat to Cryptocurrencies
The Quantum Threat to Cryptocurrencies: What’s Real, What’s Hype, and What to Do About It
Google Quantum AI estimates that breaking the 256-bit elliptic curve cryptography protecting Bitcoin and Ethereum would require fewer than 500,000 physical qubits and roughly nine minutes of runtime on a superconducting architecture. The same day that paper landed, a separate team published estimates showing the same computation could be performed with as few as 10,000 reconfigurable neutral atom qubits over roughly ten days. Neither machine…
Read More » -
Post-Quantum, PQC, Quantum Security
Pick One Layer: How to Choose the Post-Quantum Migration That Protects the Most
Recent research proves one post-quantum layer can protect all payload confidentiality. But which layer should you migrate first? Six enterprise architecture scenarios analyzed.
Read More » -
Quantum Snake Oil
Quantum Snake Oil: A Field Guide to Misleading Quantum Technology Marketing
Over thirty terms. Two tracks. One field guide. The quantum technology market has the exact conditions that produce fraud in every emerging sector: high buzz, big money, low buyer literacy, and complex underlying science that most decision-makers cannot independently evaluate. This dictionary maps the terminology that CISOs, investors, and procurement officers encounter in vendor pitches: the fabricated red-flag terms like "quantum-proof," "quantum-grade encryption," and "quantum-safe…
Read More » -
Post-Quantum, PQC, Quantum Security
The Anatomy of Quantum Denial: What Bitcoin’s Response to the Quantum Threat Teaches Every CISO
At Bitcoin 2026, the same main stage hosted engineers building quantum-resistant upgrades and a trio claiming quantum computers can never work because Bitcoin proves time is discrete. The dysfunction that produced this scene plays out in every enterprise boardroom facing PQC migration.
Read More » -
Post-Quantum, PQC, Quantum Security
Crypto-Agility Is an Architecture Problem, Not a Library Swap
Every PQC migration guide tells you to "be crypto-agile." After leading migrations at Fortune Global 500 scale, I can tell you where that advice fails: HSMs that can't upgrade, protocols with hard-coded algorithms, and embedded devices that will outlive the cryptography they verify.
Read More » -
Post-Quantum, PQC, Quantum Security
The Signature Supply Chain: How Deep Does Digital Trust Go?
From TPM attestation keys to container image signatures, modern systems depend on dozens of signature layers most security teams have never fully mapped. This deep dive exposes the full anatomy of the trust infrastructure a quantum computer would compromise.
Read More »