Post Quantum Cryptography (PQC): Algorithms, NIST Standardization, Challenges, and Outlook

Market Overview

Here is a general overview of the PQC market, including revenue predictions and mass-market timelines.

• There is significant time and financial investment being poured into PQC as state actors will have supercomputers to carry out cyberattacks on other entities.
• Initial first movers who adopted crypto-agile algorithms between 2018 and 2021 will begin seeing Return on Investment (ROI) within the 2022 to 2024 period from niche areas.
• Growing at a Compound Annual Growth Rate (CAGR) of 15%, PQC revenue will increase from US$196 million in 2022 to US$395 million in 2027.
• A more favorable forecast paints the post-quantum cryptography market as a US$500 million opportunity by 2027, but those hopes could be hindered by inflation, high interest rates, and recession concerns.
• While military, defense, aerospace, and automotive are the focus in the short term, PQC solutions will expand to highly regulated industries once cryptography standards begin completion in 2024 and onward.
• Other regulated sectors and critical infrastructure industries will gradually incorporate PQC once algorithm standards are tested for a few years.
• Mass-market adoption of post-quantum cryptography for enterprises outside critical infrastructure and niche areas won’t materialize until Years to Quantum (Y2Q) and when the technology is mature. The year 2030 is the likely target date.

“The primary industries targeted by PQC vendors are the first movers in the space and include the semiconductor industry, and OEMs in markets where product development is already underway for systems and machines that will be in use in 2030 (notably in military and defense, and in transport, including automotive, aerospace, railway, maritime, etc.).”  – Michela Menting, Research Director at ABI Research 

Key Decision Items

Closely Observe Developments for PQC Algorithm Standardization

Like any other cryptographic security solution, organizations won’t transition to post-quantum cryptography until standardization is established. Although PQC standardization is still very much in its early days, there are plenty of cryptography developments to pay attention to, notably from Standards Development Organizations (SDOs) like the U.S. National Institute of Standards and Technology (NIST).

With work going back to 2017, NIST has recently chosen four candidate algorithms for PQC standardization that target Key Establishment Mechanisms (KEMs) and Digital Signature Algorithms (DSAs). These four algorithms are CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon, and SPHINCS+. Four more algorithms will be selected in a Fourth Round. NIST has also asked submitters to present a solution for public-key DSAs that involve short/fast signatures by June 1, 2023.

Take an Active Role in PQC Standardization

NIST isn’t alone in standardizing PQC; these processes will require various stakeholders for rigorous and diverse testing of cryptographic solutions. These collaborators include other SDOs like The Internet Engineering Task Force (IETF), national certificate and regulatory agencies, consortia members, industry groups, and open source communities (e.g., OpenSSL).

Indeed, the feedback these industry partners provide will be invaluable to creating the most secure cryptographies that prevent cyberattacks from quantum computers. PQC solutions developed in-house will not likely prosper, because they lack the intense scrutiny and meticulous testing processes provided by NIST, IETF, and the open-source community.

Today, most post-quantum cryptography solutions use one or more candidate NIST algorithms.

Learn the National Strategies for Addressing PQC across the World

National policies have taken a central role in PQC standardization development. The main priorities for governing bodies include protecting national security, critical infrastructure, commercial interests, and citizen privacy from state-sponsored or criminally organized actors. To curb the threats posed by the ever-evolved cybercriminal space, countries worldwide have taken crucial steps toward adopting more advanced cryptography solutions.

The United States, because of its grand influence and open stance toward standardization, takes a leading role in post-quantum cryptography. While significant investment has been seen since 2018, some recent updates include a memorandum on improving the Cybersecurity of National Security, the Department of Defense, and Intelligence Community Systems, as well as an executive order aimed at enhancing the National Quantum Initiative Advisory Committee, among others. The U.S. Senate is also working hard on finalizing a bill that ramps up a national defense against quantum computing data breaches.

Many other countries have taken similar action, such as:

• The French government proclaimed it had allocated for its national quantum strategy (€150 million for PQC).
• Germany, too, has invested €24.2 million in long-term cryptography security. BSI and the Federal Ministry of Education and Research (BMBF) are taking the lead.
• A nationwide cryptography algorithm competition in China in 2020 for KEM/Public Key Encryption (PKE) and DSA.

• Several published reports from organizations in Japan and the United Kingdom on PQ defense and guidance for PQC algorithms.
• US$700 million in investment for quantum technologies in Russia between 2019 and 2024, with Research & Development (R&D) of PQC algorithms.

Develop Agile Post-Quantum Crypto Solutions

The transition to PQC will be a decades-long process, requiring hybrid formats—including classic cryptography and PQC algorithms. So, because legacy devices and systems must remain operable, PQC market players must create backward-compatible solutions.

As there are still many unknowns surrounding PQC in the commercial space, it’s entirely possible that even NIST-standardized algorithms could end up being broken and considered obsolete. For this reason, it’s imperative that semiconductors and solution providers continue supporting legacy devices and systems that users know will work.

Crypto agility also extends to a flexible consumption model. Between future uncertainty and the numerous use cases for PQC algorithms, organizations will seek out stateless, open-source solutions on an OPEX-based business model. This shift will necessitate PQC adopters to recruit developers with deep knowledge of managed/service-based offerings instead of skills tailored for proprietary hardware and systems.

PQC Solutions Available Today

Currently, there’s a wide range of solutions in the post-quantum cryptography market. Below is a small sample of the greater market.

• Consulting Services: A key trend in cyber and digital security is the growing market opportunity for PQC consulting services as enterprises look to optimize their implementation strategies. Since PQC is a new concept to many organizations, they will turn to third-party professionals.
• Software Libraries: Usually geared toward semiconductors and chipset manufacturers, many companies that are part of the NIST standardization provide software libraries for incorporating their algorithms. In case their own algorithm doesn’t satisfy standardization, these software providers frequently offer multiple algorithms.
• Semiconductors and Chipsets: Semiconductors and chipset suppliers like NXP, Infineon, IDEMIA, Qualcomm, and others provide various forms of hardware, often with cryptography agility. Such offerings encompass Integrated Circuits (ICs), Microcontroller Units (MCUs), Microprocessor Units (MPUs), Access Points (APs), and Field-Programmable Gate Arrays (FPGAs).
• PKI and EKM: Public Key Infrastructure (PKI) and Encryption Key Management (EKM) vendors like Entrust, PQ Solutions, and QuantumXchange are primarily focused on public certificates, rather than private Internet of Things (IoT). Every vendor in the PKI and EKM space is a participant in the NIST standardization body.

Some other PQC vendor solutions include Silicon Intellectual Property (IP) and System-on-Chip (SoC) Design, firmware and software, Virtual Private Networks (VPNs), End-to-End (E2E) encrypted messaging, Hardware Security Modules (HSMs), blockchain, and IoT platforms.

Start Addressing PQC Challenges Now to Prepare for the Long-Term

While bringing PQC productization to the mass market is a long-term process, solution providers must confront some lurking questions. For example, how will the PQC market simplify the design process of cryptographic solutions?

As of now, developing new PQC algorithms is a difficult process. Tailoring products for myriad applications, especially for resource or power-constrained devices in the IoT, has not been a strong suit for semiconductors and other PQC players. Thus, remedying the less efficient nature of algorithms for large key and signature sizes will be paramount for widening the PQC market.

There is also the issue of over-saturation of PQC algorithms stemming from SDO standardization and branded technology. While there’s clearly a need for various algorithms that can be applied to myriad use cases, having too many standards runs the risk of a rocky transition to post-quantum cryptography globally.

Consequently, national directives, SDOs, and companies must collaborate closely to ensure there’s an even balance of algorithms being introduced. Otherwise, the PQC market will become fragmented from the onset and impede the hopes of mainstream adoption.

Key Market Players to Watch

• Crypto Quantique
• Crypto4A
• CryptoNext Security
• Entrust
• IBM Corp
• PQShield
• Thales
• Utimaco

Dig Deeper for the Full Picture

Learn more about the latest developments on PQC and the future of security against supercomputer attacks in ABI Research’s Post-Quantum Cryptography research report. 

Not ready for the report yet? Check out our The Hardware Security Module (HSM) Market Embraces the Cloud Research Highlight. This content is part of the company’s Cybersecurity Applications Research Service.