Trending Post-Quantum, PQC Posts

    March 24, 2022

    Cryptography in a Modern 5G Call: A Step-by-Step Breakdown

    Modern telecommunications networks rely on multiple layers of cryptography at every step of a call or data session. Understanding the complexity of the process and the amount of cryptography involved is critical for post-quantum migration planning - an initiative some of my advanced telecommunications clients are kicking off these days.…
    July 3, 2025

    CRQC Readiness Benchmark – Benchmarking Quantum Computers on the Path to Breaking RSA-2048

    Benchmarking quantum capabilities for cryptography is both critical and challenging. We can’t rely on any single metric like qubit count to tell us how near we are to breaking RSA-2048. A combination of logical qubit count, error-corrected circuit depth, and operational speed must reach certain thresholds in unison. Existing benchmarks…
    October 2, 2023

    Cryptographic Stack in Modern Interbank Payment Systems

    International interbank payments rely on multiple layers of classical cryptography to ensure security from end to end. When a user initiates a cross-border transfer at their local bank, cryptographic mechanisms protect the transaction at every stage - from the customer’s online banking session, through the bank’s internal systems, across the…
    April 13, 2024

    How to Perform a Comprehensive Quantum Readiness Cryptographic Inventory

    A cryptographic inventory is essentially a complete map of all cryptography used in an organization’s systems – and it is vital for understanding quantum-vulnerable assets and planning remediation. In theory it sounds straightforward: “list all your cryptography.” In practice, however, building a full cryptographic inventory is an extremely complex, lengthy…

    All Post-Quantum, PQC Posts

    • Post-Quantum Cryptographically Relevant Quantum Computer CRQC
      Marin IvezicJanuary 10, 2023

      Cryptographically Relevant Quantum Computers (CRQCs)

      Cryptographically Relevant Quantum Computers (CRQCs) represent a seismic shift on the horizon of cybersecurity. In this article, we’ve seen that CRQCs are defined by their ability to execute quantum algorithms (like Shor’s and Grover’s) at a scale that breaks the cryptographic primitives we rely on daily. While still likely years (if not a decade or more) away, their eventual arrival is not a question of…

      Read More »
    • Post-Quantum Quantum Computer RSA Security Post-Quantum
      Marin IvezicJanuary 1, 2023

      Quantum Computer Factors Record 48-Bit Number – How Far Are We from Cracking RSA-2048?

      Factoring a 2048-bit number is in a different universe of complexity, requiring thousands of high-quality qubits and billions of operations – a capability that will likely require years of additional scientific and engineering breakthroughs. The current milestone, while remarkable for quantum computing, does not change the security status of RSA or other cryptographic systems. It does, however, add momentum to the quantum computing race and…

      Read More »
    • Post-Quantum Vendors Quantum Readiness
      Marin IvezicDecember 29, 2022

      Engaging and Managing Vendors for Quantum Readiness

      Vendors provide critical software, cloud platforms, fintech solutions, IoT devices, and more - and these often rely on vulnerable cryptographic algorithms under the hood. If a key vendor lags in upgrading their encryption, it could expose your data or systems to quantum-enabled attacks. Engaging vendors early allows you to:

      Read More »
    • Quantum Computing Toffoli Gate Quantum
      Marin IvezicNovember 9, 2022

      The Toffoli Gate: The Unsung Workhorse in Quantum Codebreaking

      Understanding the Toffoli gate’s role isn’t just an academic exercise – it has real implications for when and how quantum computers might break our cryptography. Each Toffoli gate isn’t a single physical operation on today’s hardware; it has to be decomposed into the basic operations a quantum machine can do (typically one- and two-qubit gates). In many quantum architectures, a Toffoli might be broken down…

      Read More »
    • Post-Quantum Beyond PQC
      Marin IvezicSeptember 1, 2022

      Mitigating Quantum Threats Beyond PQC

      The article explores limitations of PQC and explores alternative and complementary approaches to mitigate quantum risks. It provides technical analysis of each strategy, real-world examples of their deployment, and strategic recommendations for decision-makers. The goal is to illuminate why a diversified cryptographic defense – beyond just rolling out new algorithms – is essential to achieve long-term resilience against quantum-enabled adversaries.

      Read More »
    • Post-Quantum Crypto-Agility
      Marin IvezicSeptember 1, 2022

      Introduction to Crypto-Agility

      As we edge closer to the Q-Day—the anticipated moment when quantum computers will be capable of breaking traditional cryptographic systems—the need for crypto-agility becomes increasingly critical. Crypto-agility is the capability of an organization to swiftly and efficiently transition between different cryptographic algorithms and protocols in response to emerging threats and technological advancements.

      Read More »
    • Post-Quantum Post-Quantum Cryptograpy PQC
      Marin IvezicJuly 13, 2022

      Post-Quantum Cryptography (PQC) Introduction

      Post-Quantum Cryptography (PQC) refers to cryptographic algorithms (primarily public-key algorithms) designed to be secure against an attack by a future quantum computer. The motivation for PQC is the threat that large-scale quantum computers pose to current cryptographic systems. Today’s widely used public-key schemes – RSA, Diffie-Hellman, and elliptic-curve cryptography – rely on mathematical problems (integer factorization, discrete logarithms, etc.) that could be easily solved by…

      Read More »
    • Post-Quantum Failures Quantum Readiness
      Marin IvezicMay 6, 2022

      Common Failures in a Quantum Readiness Program

      Even well-run quantum readiness programs can stumble. Here are some common pitfalls in crypto-agility/PQC efforts and how to avoid them: Treating PQC as a simple library or drop-in swap. Perhaps the biggest mistake is underestimating the ecosystem changes required. Simply implementing a PQC algorithm in code but ignoring the surrounding systems (PKI, certificates, protocols) is a recipe for trouble.

      Read More »