CONTEXT
Anticipating the quantum threat: security challenges and pathways for organisations
Quantum computing is no longer merely a subject of fundamental research. It is rapidly advancing towards industrial applications, with a direct impact on the security of digital communications.
Unlike conventional computers, which manipulate bits (0 or 1), quantum computers use qubits capable of existing in multiple states simultaneously. This property enables them to perform certain calculations exponentially more efficiently.
This breakthrough opens up major opportunities in many fields. But it also introduces a structural vulnerability into current security systems.
Why encryption standards are affected
Most of the security mechanisms used today — notably RSA and ECC — rely on the difficulty of certain mathematical problems (factoring, discrete logarithms).
Quantum algorithms such as Shor’s fundamentally change the game: in theory, they enable these problems to be solved much more quickly than with classical methods.
In practical terms, this means that:
- public-key encryption systems could become obsolete
- authentication and signature mechanisms would be compromised
- the confidentiality of communications would no longer be guaranteed in the long term.
Even symmetric systems (such as AES) are affected, with attacks accelerated by Grover’s algorithm, requiring parameter adjustments to maintain their robustness.
The risk is not limited to the arrival of fully operational quantum computers.
Even today, certain encrypted data can be intercepted and stored pending future decryption capabilities. This strategy, known as “Harvest now, decrypt later”, particularly concerns:
- long-lived data (health, defence, intellectual property)
- critical infrastructure
- strategic communications between organisations
In other words, information captured today may become readable in 5, 10 or 15 years’ time.
In response to this development, public institutions and industry have begun to formulate a response.
In 2024, the NIST (National Institute of Standards and Technology) published its first post-quantum cryptography (PQC) standards, marking a significant step towards large-scale adoption. These algorithms are designed to withstand both classical and quantum attacks.
At the same time, major technology and telecoms players are experimenting with hybrid solutions combining different security approaches.
1. Post-quantum cryptography (PQC)
PQC is based on new mathematical algorithms designed to be resistant to quantum attacks.
Benefits for organisations:
- compatible with existing infrastructure
- deployable on a large scale (software)
- currently undergoing international standardisation
Limitations :
- still relies on mathematical (rather than physical) assumptions
- requires adaptations (key size, performance, integration)
QKD uses the properties of quantum mechanics to secure the exchange of encryption keys.
Any attempt at interception alters the quantum state and becomes detectable. This enables a level of security based on the laws of physics.
Benefits for organisations:
- “informationally secure” security
- intrinsic detection of interception
- particularly suited to critical communications
Limitations:
- requires dedicated physical infrastructure (fibre, equipment)
- scope and integration still under development
3. Hybrid approaches
In practice, the transition will not be abrupt. This is why Kirq favours an approach using hybrid architectures combining PQC and QKD.
These enable:
- the gradual securing of existing systems
- the testing of new technologies without disruption
- the adaptation of the security level to specific uses
Preparing for quantum security is not simply a matter of choosing a technology. It requires a structured approach:
- where are the keys used?
- which data needs to remain confidential in the long term?
- prioritisation of critical systems,
- gradual integration of quantum-safe solutions.
- performance validation,
- interoperability with existing systems.
Already concrete use cases
Several sectors have begun to trial and deploy solutions:
Energy:
National security:
protecting strategic communications and confidential files
Finance:
Telecommunications and critical infrastructure:
secure networks combining PQC and QKD, with trusted node architectures
These initiatives demonstrate that the transition is already underway, with tangible benefits in terms of resilience and trust.
One of the main obstacles remains the transition from concept to operational integration.
This is precisely the aim of quantum communication testbeds: to enable organisations to test, understand and evaluate these technologies in real-world environments prior to deployment.
In this context, dark fibre infrastructure and open platforms play a key role in:
- reducing the risk of adoption,
- accelerating innovation,
- and fostering collaboration between industry, researchers and operators.
The transition to secure communications in the face of quantum threats will not happen overnight. But it is already underway.
For organisations, the question is no longer whether they should prepare for it, but when and how. With every passing month, the question arises: “How long will your organisation’s transition take, and after how long will your information become obsolete if an adversary has collected it before it is quantum-resistant?”
Anticipating this development not only reduces risks but also allows you to position yourself early on in the infrastructure that will shape the networks of tomorrow.
Kirq can help you prepare, test and validate your transition before investing in expensive equipment. Contact us to plan your transition.
Ready to start your project?
Kirq offers support tailored to your objectives, your project and its maturity.
Contact our team today to get started and discuss your requirements.
If you’d like to submit a use case, please get in touch.