Contact Us

That´s why we think about post-quantum encrypted messages today…

Nerilda Meda
The cover image for blog titled That´s why we think about post-quantum encrypted messages today…

Understanding post-quantum encrypted messaging is crucial. While it isn’t yet a current threat, it soon will be — and that’s why you should act now. Cryptography researcher Dr. Erik Dahmen, is an expert and a co-author of Post-Quantum Cryptography, a book widely acclaimed and hailed as an “essential resource” for both students and researchers alike. He is also part of KOBIL’s product and solution team, using his world-leading knowledge to shape our latest developments and projects on a daily basis. Here he shares his expertise in this fascinating interview.

1- What are post-quantum encrypted messages?

Post-quantum encrypted messages are encrypted with algorithms that are resistant to quantum computer attacks. All commonly used classic algorithms, like Rivest-Shamir-Adleman (RSA) and elliptic-curve cryptography (ECC), are easily breakable by a sufficiently large quantum computer (quantum computers are able to solve certain computational problems, such as integer factorization — the underlying problem of RSA encryption — substantially faster than classical computers). This has been known since 1994, when Peter Shor presented his polynomial-time quantum computer algorithm for integer factorization.

2- Why we should think about this topic now, rather than in 15 years’ time?

Quantum computers progress slowly. Google Bristlecone is the largest quantum computer with 72 qubits, and researchers estimate that 20 million qubits are required to break RSA-2048 encryption (RSA is one of the first public-key cryptosystems and is widely used for secure data transmission).

On the other hand, only eight years ago researchers used quantum computers with four qubits and estimated the required number of qubits for breaking RSA-2048 at 1 billion qubits.

So there have been massive improvements in the last few years, both in increasing the capacity of quantum computers and optimizing algorithms for attacking RSA. Many researchers expect quantum computers will break RSA-2048 in the next 15 years. It may be only need five years, or it may take 25 years. No one knows for sure. The problem is that once someone announces a breakthrough, it’s already too late to react.

Every message we send to the internet stays on the internet. This means that every message we send encrypted with RSA or ECC can eventually be decrypted. There is no way of taking messages back — and that’s why we think about post-quantum encrypted messages today. It’s all about ensuring long-term confidentiality.

Post-Quantum Encrypted Messages at

3- How can quantum-resistant algorithms help us to deal with this emerging threat now?

A big step towards facing this new threat is the Post-Quantum Cryptography Standardization project initiated by the National Institute of Standards and Technology (NIST). Researchers from all around the world submitted their candidates for evaluation. First draft standards are expected between 2022 and 2024. Globally available standards are important for integrating post-quantum cryptography into public infrastructures like the internet.

But even after public standards are available, it takes several years until the industry adapts to them on a wide scale.

At KOBIL, we don’t want to wait for this. We’re already in the process of migrating our mPower platform to post-quantum cryptography.

4- Should companies be providing employees training in basic cryptography?

Yes, everyone should learn and understand cryptography. But this is my opinion as a fan of cryptography.

Seriously though, I consider it more important that people working on cryptographic algorithms, and applications that use cryptography, make sure that no one can use them in an insecure way. For non-experts, properly choosing the required parameters is difficult. And mistakes lead to security issues. This is especially important when considering the parameters for post-quantum algorithms. It is important to provide clear recommendations for parameter choices and to indicate the expected security.

5- Will it be a challenge to find a private, secure channel with quantum-resistant algorithms?

Yes, there are several challenges. One is to design algorithms that are post-quantum and efficient enough to be used in practice. However, I believe the academic world has solved this challenge, and the NIST standardization project seems to confirm that.

Since at KOBIL we don’t want to wait until post-quantum algorithms are adapted worldwide, we cannot simply replace the classic algorithms with a post-quantum alternative. This would immediately break compatibility and interoperability with all external systems that interact with our products.

So, the main challenge is remaining interoperable with components that consume our external interfaces while simultaneously providing long-term confidentiality.

For our mPower platform, we are going to provide a smooth migration. Post-quantum alternatives are used in combination with classic algorithms in such a way that we can internally provide long-term confidentiality (and, of course, long-term authenticity, integrity and non-repudiation). If post-quantum algorithms are widely used, or if quantum computers are able to break classic algorithms, we will be able to switch completely to post-quantum algorithms.

To find out more about relevant topics and trusted digital identities, visit

That´s why we think about post-quantum encrypted messages today… was originally published in KOBIL on Medium, where people are continuing the conversation by highlighting and responding to this story.