CRYPTOGRAPHIC REFERENCE
Post-Quantum Cryptography
Quantum computers running Shor's algorithm will break RSA, Diffie-Hellman, and elliptic curve cryptography. Post-quantum cryptography replaces these with mathematical problems that resist both classical and quantum attacks. NIST has standardized two complementary approaches: lattice-based and code-based key encapsulation mechanisms.
Quantum Threat
Shor's algorithm breaks RSA, DH, ECDH in polynomial time on a fault-tolerant quantum computer
Harvest Now, Decrypt Later
Adversaries collecting encrypted traffic today will decrypt it once quantum hardware matures
Defense in Depth
Two independent hard problems (lattices + codes) — if one falls, the other still protects
KEY & CIPHERTEXT SIZES — 128-BIT SECURITY
STANDARDIZATION TIMELINE
HOW KEY ENCAPSULATION WORKS
A Key Encapsulation Mechanism (KEM) is the asymmetric primitive that replaces Diffie-Hellman in post-quantum protocols. It has three operations: KeyGen produces a public/private keypair, Encaps takes the public key and outputs a ciphertext plus a shared secret, and Decaps uses the private key to recover the same shared secret from the ciphertext. Both ML-KEM and HQC achieve IND-CCA2 security (indistinguishability under adaptive chosen-ciphertext attack) via the Fujisaki-Okamoto transform, which re-encrypts during decapsulation to detect tampered ciphertexts and uses implicit rejection (returning a pseudorandom key instead of an error) so that invalid ciphertexts do not give an attacker a decryption oracle.
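The three operations and the Fujisaki-Okamoto wrapper described above, as an added example that is not code from this page or from any ML-KEM or HQC implementation. It assumes a toy derandomized ElGamal as the underlying encryption scheme, which is neither post-quantum nor secure; only the re-encryption check and implicit rejection are the point, and all function names are hypothetical.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # toy group modulus (a Mersenne prime): NOT post-quantum, NOT secure
G = 3           # toy base element

def _hash(tag: bytes, *parts: bytes) -> bytes:
    return hashlib.sha3_512(tag + b"".join(parts)).digest()

def _enc(h: int, m: int, r: int) -> bytes:
    """Toy ElGamal made deterministic: all randomness comes from the coins r."""
    c1, c2 = pow(G, r, P), (m * pow(h, r, P)) % P
    return c1.to_bytes(16, "big") + c2.to_bytes(16, "big")

def _dec(x: int, c: bytes) -> int:
    c1, c2 = int.from_bytes(c[:16], "big"), int.from_bytes(c[16:], "big")
    return (c2 * pow(c1, P - 1 - x, P)) % P  # c2 * c1^(-x) mod P

def _derive(h: int, m: int):
    """Derive (shared key, encryption coins) from the message and public key."""
    d = _hash(b"G", h.to_bytes(16, "big"), m.to_bytes(16, "big"))
    return d[:32], int.from_bytes(d[32:], "big") % (P - 1)

def keygen():
    x = secrets.randbelow(P - 2) + 1
    h = pow(G, x, P)
    z = secrets.token_bytes(32)  # secret seed used only for implicit rejection
    return h, (x, h, z)

def encaps(pk: int):
    m = secrets.randbits(120)    # random message, never sent in the clear
    key, r = _derive(pk, m)
    return _enc(pk, m, r), key   # (ciphertext, shared secret)

def decaps(sk, c: bytes) -> bytes:
    x, h, z = sk
    m = _dec(x, c)
    key, r = _derive(h, m)
    # FO check: re-encrypt the recovered message and compare with what arrived.
    ok = hmac.compare_digest(_enc(h, m, r), c)
    # Implicit rejection: a tampered ciphertext yields a pseudorandom key, not
    # an error. Real implementations also make this selection constant-time.
    reject = _hash(b"J", z, c)[:32]
    return key if ok else reject

if __name__ == "__main__":
    pk, sk = keygen()
    ct, k_sender = encaps(pk)
    print("keys match:", decaps(sk, ct) == k_sender)
    bad = bytes([ct[0] ^ 1]) + ct[1:]  # constructed tampered ciphertext
    print("tampered rejected:", decaps(sk, bad) != k_sender)
```

Because the rejection key depends only on the secret seed and the ciphertext, the caller sees a well-formed 32-byte key either way and the failure surfaces later as a mismatched session key.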
STANDARDIZED ALGORITHMS
HEAD-TO-HEAD COMPARISON