The Post-Quantum Future
The era of practical quantum computing appears to be growing ever closer, with international innovation in photonic circuits, superconductors, and mathematical error-correcting topologies, among others, contributing towards a common goal. In this article we explain what it will mean for your organization and provide tips about how to prepare.
Against this backdrop, the potential effect of full-scale quantum computing on cryptography and encryption cannot be overstated. With quantum computing, some forms of encryption that are widely used today for internet commerce, online banking, secure messaging and other services are expected to be easily decrypted. Organizations should study the National Cyber Security Centre’s guidance and timeline for transition to post-quantum cryptography (PQC).
The Transport Layer Security (TLS) protocol is a fundamental building block in modern software-enabled infrastructure. It involves an initial ‘handshake’ between a client and a server which establishes an encrypted connection. The server owns a Private Key and a Public Key (which can be shared), such that data encrypted with the Public Key can only be decrypted using the Private Key (or vice-versa). This is asymmetric encryption.
The ‘handshake’ involves verifying that the server being communicated with actually owns the expected Private Key. This verification is performed using the properties of asymmetric encryption, and may be performed at scale in cloud data centres. One type of cloud data centre, for example, performs 10 million TLS connections per second. The electricity, compute power, and ultimately capital used for the infrastructure and operations of even this single service are vast.
Asymmetric encryption relies on the mathematical improbability of being able to derive a particular Private Key without holding it. Elliptic-Curve Diffie-Hellman techniques, for example, enable constructing a Private Key with ~10^77 combinations, roughly the number of atoms in the observable universe. The chance of randomly guessing the Private Key is therefore practically zero. There is a mathematical link between a Private Key and its known Public Key counterpart, but the mathematics is so challenging that a classical computer would take trillions of years to compute it.
Quantum computers pose an entirely different risk. By leveraging a specially-designed algorithm (Shor’s algorithm) and taking advantage of the principles of superposition and interference, it is theoretically possible to perform the mathematics to derive a Private Key in a much shorter time period (of the order of hours or even minutes). The assumptions that underpin asymmetric encryption would therefore no longer hold.
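The following added example (not part of the original article) uses toy finite-field Diffie-Hellman as a stand-in for the elliptic-curve variant named above, to show why a recorded handshake stays exposed once a Private Key can be derived from its Public Key. The prime, generator and key values are constructed for illustration, and the classical baby-step giant-step method stands in for Shor's algorithm as the discrete-logarithm solver.

```python
# Added illustration: toy Diffie-Hellman with a 31-bit prime (constructed values).
# Real deployments use ~256-bit groups, where the same classical search
# needs about 2**128 steps instead of the ~2**16 steps needed here.
import hashlib
from math import isqrt

P = 2_147_483_647   # toy prime modulus, 2**31 - 1
G = 7               # primitive root modulo P

def public_key(private: int) -> int:
    """Public value sent in the clear during the handshake."""
    return pow(G, private, P)

def shared_secret(own_private: int, peer_public: int) -> bytes:
    """Session key that both sides derive without ever transmitting it."""
    s = pow(peer_public, own_private, P)
    return hashlib.sha256(s.to_bytes(4, "big")).digest()

def discrete_log(target: int) -> int:
    """Baby-step giant-step: find x with G**x == target (mod P).

    Classical cost is about sqrt(P) steps, which is why group size matters.
    Shor's algorithm solves the same problem in polynomial time on a
    fault-tolerant quantum computer, so group size stops protecting the key.
    """
    m = isqrt(P - 1) + 1
    baby = {}
    e = 1
    for j in range(m):              # baby steps: G**j for j < m
        baby.setdefault(e, j)
        e = e * G % P
    factor = pow(G, -m, P)          # G**(-m) mod P (Python 3.8+)
    gamma = target
    for i in range(m):              # giant steps: target * G**(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * factor % P
    raise ValueError("no logarithm found")

def recover_session_key(recorded_client_pub: int, recorded_server_pub: int) -> bytes:
    """Session key rebuilt later from the two public values captured on the wire."""
    client_private = discrete_log(recorded_client_pub)
    return shared_secret(client_private, recorded_server_pub)
```

Only the two public values are needed for the recovery, which is why traffic captured today remains at risk for as long as the data it protects stays sensitive.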
Fault-tolerant quantum computing is still not ubiquitous; we are in the mere ‘Noisy Intermediate-Scale’ region in 2026. However, predictions for full-scale fault-tolerant quantum computers are creeping ever closer. Governments may be the only ones who can afford such a full-scale quantum computer initially, but history has taught us that scale and cost savings happen fast. And once the first quantum computer breaks asymmetric encryption, we cannot put the proverbial ‘cat back into the bag’.
There is, as many will be pleased to note, a solution (at least given our current understanding of quantum computers). Researchers have been developing quantum-resistant encryption algorithms, one of the first of which is ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism - standardized in 2024[1]). In fact, standards organisations across the globe, from NIST (the US National Institute of Standards and Technology) to NCSC (the UK National Cyber Security Centre), have been collaborating to build and define world-leading post-quantum encryption technologies.
A challenge is how to deploy post-quantum protections at scale. Software hosted on servers in data centres owned by large technology companies may be fairly straightforward to update, but devices currently in orbit are far more challenging. There are many industrial devices which are deployed in the field or deep underground, alongside devices which require physical access to write directly to internal memory. All sensitive devices using asymmetric encryption must be updated, similar to the massive work undertaken in preparation for the ‘Y2K’ bug, whilst adhering to a deadline which is unknown and unclear. The intersection of quantum computing and cryptography is, at present, an incredibly interesting field.
Actions that your organization can take now to prepare for the transition to PQC include:
- Map the NCSC timeline to risk and operational resilience plans
- Companies regulated by bodies such as the ICO, Ofcom and the FCA should maintain appropriate protective measures
- Consider resilience to “harvest now, decrypt later” attacks
- Incorporate provisions into contracts regarding PQC
- If your organization is developing new technology around PQC, consider protecting the underlying intellectual property
For more detail on quantum computing laws and regulations in the UK see our book chapter Quantum Computing Laws and Regulations 2026 | United Kingdom and contact our team.
At CMS, we protect quantum, cryptographic, and mathematics-adjacent innovation. If you have any queries, please reach out to one of the contacts below or your usual CMS representative.