Cryptographic Foundations & Security Analysis

A deep dive into the mathematics of quantum-resistant trust.

Level 3: Cryptographic Foundations & Security Analysis
In a nutshell

Transitioning to a quantum-resistant ecosystem requires a rigorous evaluation of the mathematical foundations underpinning our digital world. This level moves beyond strategy to examine the specific computational problems—from lattice-based primitives to code-based alternatives—that will secure European high-assurance infrastructure.

Core Technical Themes

This technical overview details the precise algorithmic disruptions and mathematical structures that underpin the next generation of cryptographic resilience.

1. The Quantum Speedup

Detailed analysis of Shor’s Algorithm (exponential speedup against RSA/ECC) versus Grover’s Algorithm (quadratic speedup against symmetric schemes), and the resulting requirement for increased key lengths and new asymmetric primitives.

2. Physics vs. Algorithms

Distinguishing between Quantum Key Distribution (QKD)—security rooted in the physical layer and laws of nature—and Post-Quantum Cryptography (PQC), which relies on the computational hardness of mathematical puzzles.

3. The Five PQC Families

A comparative look at the leading mathematical candidates:

  • Lattice-based: SVP (Shortest Vector Problem) and CVP (Closest Vector Problem).
  • Hash-based: Security via one-way function properties.
  • Code-based: Hardness of decoding random linear codes (e.g., HQC).
  • Multivariate: Systems of quadratic polynomial equations.
  • Isogeny-based: Maps between elliptic curves (current status and cryptanalytic outlook).

Learn more

Read the Full Technical Article

Gain a deeper understanding of the shift away from number-theory foundations and explore the mathematical security models behind the new NIST standards.
Post-Quantum Cryptography: from Basic Concepts to Security Questions
April 10, 2026

Is this for you?

This article is written for cryptographers, senior security architects, and research engineers. It assumes a working knowledge of public-key infrastructure (PKI), complexity theory, and asymmetric primitives. If your role involves low-level implementation, architectural auditing, or cryptographic research for high-assurance systems, this is your primary resource.

Found this level too specialised?

If you are looking for organisational migration roadmaps, regulatory compliance (NIS2/DORA), and IT-level strategy without the deep mathematical focus, our intermediate resources are better suited to your needs.

Resources

Deepening your knowledge

If you are interested in deepening your knowledge of the topics covered at this level, we have gathered a collection of curated external resources—including official standards, research papers, and educational guides—to support your journey.

NIST FIPS 203: ML-KEM — Standard (PDF)
Final KEM standard for key establishment (PQC).
https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.203.pdf
NIST FIPS 204: ML-DSA — Standard (PDF)
Final lattice-based signature standard for authentication/signing.
https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf
NIST FIPS 205: SLH-DSA — Standard (PDF)
Final stateless hash-based signature standard (SPHINCS+ family).
https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.205.pdf
NIST PQC FAQs (CSRC) — FAQ page
Implementation-oriented clarifications and pointers to example material.
https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/faqs
OpenSSL Conference 2025 — Post-… (Tomas Gustavsson) — Video (conference talk)
Practitioner view on PQC in widely used crypto libraries and ecosystem readiness.
https://www.youtube.com/watch?v=VqCi1rBBtgg
Get Ready for Quantum Era: Insights from the ETSI/IQC QSC Conference (ETSI) — Webinar (recording)
Executive/technical insights from a major quantum-safe cryptography conference (ETSI/IQC).
https://www.brighttalk.com/webcast/12761/617230?utm_source=brighttalk-portal&utm_medium=web&utm_campaign=player-page-feed&player-preauth=HywYWrEpdeUfjEPCzFLZaUudX9mkgGj0MlyoDhGqwH0%3D
ETSI TR 103 967: Impact of Quantum Computing on Symmetric Cryptography — Technical report
Analysis of quantum impact on symmetric algorithms and key sizes.
https://www.etsi.org/deliver/etsi_tr/103900_103999/103967/01.01.01_60/tr_103967v010101p.pdf
ETSI TR 104 016: A Repeatable Framework for Quantum-Safe Migrations — Technical report
Structured framework for planning and executing quantum-safe migrations.
https://www.etsi.org/deliver/etsi_tr/104000_104099/104016/01.01.01_60/tr_104016v010101p.pdf
Energy Consumption of Candidate Algorithms for NIST PQC Standards (Banerjee & Hasan) — Technical report
Comparative analysis of energy costs of PQC candidate algorithms.
https://cacr.uwaterloo.ca/techreports/2018/cacr2018-06.pdf

IETF: Hybrid key exchange in TLS 1.3 — Internet-Draft
Construction pattern for hybrid KEX in TLS 1.3 during transition.
https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design
IETF: Post-quantum hybrid ECDHE–MLKEM for TLS 1.3 — Internet-Draft
Concrete hybrid groups combining ECDHE with ML-KEM.
https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/
IETF TLS WG page (active drafts incl. ML-KEM/ML-DSA in TLS 1.3) — Index page
Handy “current status” list of TLS working-group draft work.
https://datatracker.ietf.org/wg/tls/
RFC 9881 – Internet X.509 Public Key Infrastructure — Algorithm Identifiers for the Module-Lattice-Based Digital Signature Algorithm (ML-DSA) — RFC
Specifies how the post-quantum ML-DSA signature algorithm (formerly known as Dilithium) is represented in X.509 certificates and CRLs with associated OIDs.
https://www.rfc-editor.org/rfc/rfc9881.html
RFC 9814 – Use of the SLH-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS) — RFC
Defines CMS conventions and algorithm identifiers for the stateless hash-based post-quantum SLH-DSA signature algorithm.
https://www.rfc-editor.org/rfc/rfc9814.html
RFC 9882 – Use of the ML-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS) — RFC
Specifies how the lattice-based post-quantum ML-DSA signature algorithm is used in CMS including identifier syntax and signed-data conventions.
https://www.rfc-editor.org/rfc/rfc9882.html
draft-ietf-lamps-cms-kyber — Use of ML-KEM in the Cryptographic Message Syntax (CMS) — Internet draft
Specifies how to use ML-KEM (the post-quantum lattice-based key-encapsulation mechanism) with the CMS KEMRecipientInfo structure for secure content encryption key transport.
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-kyber/
draft-ietf-lamps-cms-composite-sigs — Composite ML-DSA for CMS — Internet draft
Defines composite (hybrid classical + post-quantum) signature algorithms suitable for use within the Cryptographic Message Syntax (CMS).
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-composite-sigs/
draft-ietf-lamps-pq-composite-kem — Composite ML-KEM for X.509 PKI — Internet draft
Describes composite key-encapsulation mechanisms combining classical and post-quantum KEMs for use in X.509 certificates and related PKIX contexts.
https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-kem/
draft-ietf-lamps-kyber-certificates — ML-KEM Algorithm Identifiers for X.509 Certificates — Internet draft
Defines algorithm identifiers and ASN.1 encoding for the ML-KEM (Kyber) post-quantum key-encapsulation mechanism in X.509 certificates.
https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-certificates/
RFC 9370: Hybrid key exchange in TLS — RFC
Specification relevant to hybrid classical/post-quantum key exchange mechanisms.
https://www.rfc-editor.org/rfc/rfc9370.html
ETSI TS 104 015: Efficient Quantum-Safe Hybrid Key Exchanges — Technical specification
Specification for hybrid key exchange mechanisms with access policy considerations.
https://www.etsi.org/deliver/etsi_ts/104000_104099/104015/01.01.01_60/ts_104015v010101p.pdf
How to factor 2048-bit RSA integers with less than a million noisy qubits (Craig Gidney, 2025) — Research paper
Updated quantum resource estimates for breaking RSA-2048.
https://arxiv.org/pdf/2505.15917

Warsaw IACR Summer School on Post-Quantum Cryptography 2024 — Video Playlist (lectures)
High-quality, structured lectures by recognised researchers (excellent “serious starter”).
https://www.youtube.com/playlist?list=PL0wcERqIK9iTblZzvk8QdBWTCip0DDC-n
Postquantum Cryptography | Quantum Colloquium (Simons Institute) — Video (research talk)
Survey-style talk on PQC challenges and directions from a top theory institute.
https://www.youtube.com/watch?v=wd9-6XveC8o
Quantum Algorithms and Post-Quantum Cryptography (Simons Institute) — Video (research talk)
More technical lecture connecting quantum algorithms and PQC security assumptions.
https://www.youtube.com/watch?v=VtPHoH5RsHg
Post-Quantum Cryptography in Software I (CHES 2023) — IACR — Video (conference session)
Software implementation research and practical considerations for PQC.
https://www.youtube.com/watch?v=sozs34F4oMg
Post-Quantum Cryptography in Software II (CHES 2023) — IACR — Video (conference session)
Continuation: more implementation results and discussions.
https://www.youtube.com/watch?v=Y2U0a4hTiNs
Quantum Cryptanalysis (Crypto 2024) — IACR — Video (conference session)
Research session on quantum cryptanalysis themes (useful for understanding adversary capabilities).
https://www.youtube.com/watch?v=5myAeoG4ejA
Post-Quantum Cryptography Conference — PKI Consortium — Video (conference session) and slides
2025 PQC Conference of the PKI Consortium.
https://pkic.org/events/2025/pqc-conference-austin-us/

RFC Editor: RFC 9794 (hybrid terminology) — RFC
Terminology for post-quantum/traditional hybrid schemes.
https://www.rfc-editor.org/rfc/rfc9794.pdf
OpenJDK JEP 527: Post-Quantum Hybrid Key Exchange for TLS 1.3 — Engineering proposal
A real-world deployment view (assumptions, risks, interoperability).
https://openjdk.org/jeps/527
A Survey of Post-Quantum Cryptography Support in Cryptographic Libraries (Ahmed, Zhang, Gangopadhyay, 2025) — Research paper
Survey of PQC support across major cryptographic libraries.
https://arxiv.org/pdf/2508.16078

Get involved

Join the POSEIDON Community

Collaborate to strengthen the security and safety of Europe’s digital identities.

Securing European Digital Identities with Post-Quantum Solutions
Funded by the European Union
Copyright © 2026. All rights reserved.
