- Y2Q is a growing concern as quantum risk in cyberspace slowly emerges.
- Thales, Entrust, Crypto4A and Utimaco are already in the starting blocks with PQC-ready products, ready to deploy quantum-safe solutions and services to an increasingly attentive audience.
Post-quantum cryptography (PQC) standards are expected to take off this year and accelerate rapidly over the next five years to hit $530 million by 2028 as years to quantum (Y2Q) looms large.
Y2Q is a growing concern as quantum risk in cyberspace slowly emerges and relates to the algorithms that currently secure systems against cyberattacks. These algorithms are based on complex mathematical problems that are practically intractable for traditional computers, but large and sufficiently capable quantum computers, which make use of quantum mechanics, have the potential to solve them in hours or even minutes.
If malicious actors have access to such quantum computing power, they could break the security of government and enterprise systems, disturb or even damage public services and utility infrastructure, disrupt financial transactions and compromise personal data. This is the large-scale threat known as Y2Q.
Industry experts, government agencies and standards organizations supported by governments and private organisations worldwide are working on solutions to the Y2Q problem. Two crucial options are proposed: post-quantum cryptography (PQC) and quantum key distribution (QKD).
Official announcement
PQC algorithms are designed to be resilient to cyberattacks involving both classical and quantum computers. These algorithms are still based on classical mathematical complexities and computing techniques. They are expected to replace existing algorithms that are vulnerable to threats from quantum computers.
Michela Menting, Senior Research Director at ABI Research, said that the hardware security modules (HSMs) market is primed for the official announcement of the PQC standards by NIST, with software upgrades, sandbox testing solutions, and migration consultancy services already commercially available.
HSMs will be the front line of devices that will serve up PQC algorithms in a commercially palatable format. HSM vendors have been following and often actively participating in the standards development process. All have been offering testing solutions for clients on the different finalist algorithms.
“Alongside new FIPS 140-3 level certification incoming for next-generation appliances, a new class of HSMs will be hitting the market later this year and in 2025 that provide the latest security certification and quantum-safe algorithms, which will drive demand in the HSM market overall.”
HSM OEMs such as Thales, Entrust, Crypto4A and Utimaco are already in the starting blocks with PQC-ready products, ready to deploy quantum-safe solutions and services to an increasingly attentive audience.
Most organizations are increasingly aware of the necessity for quantum-safe solutions, with large technology firms announcing PQC integration in their products and governments publishing migration recommendations and timelines for the industry. “Regardless of the actual advent of attack-capable quantum computers in the next five years, it is clear that quantum-safe technologies are increasingly becoming a priority for organizations, which are looking at how best to manage that transition,” Menting said.