What Comes After RSA & Co.? An Introduction to Post-Quantum Cryptography for Professionals

By Eckhart Mehler, Cybersecurity Strategist and AI-Security Expert

The rapid progress of quantum computing is increasingly putting pressure on classical cryptographic systems such as RSA, ECC, and DSA. These schemes rely on mathematical problems like integer factorization and the discrete logarithm—challenges that can be efficiently tackled by a powerful quantum computer using Shor’s algorithm. The question then becomes: Which alternatives are truly future-proof? Below is a detailed look at Post-Quantum Cryptography (PQC) and why it matters to experts.


Lattice-Based Cryptography: Security Through High-Dimensional Complexity

Lattice-based schemes leverage the hardness of problems such as the Shortest Vector Problem (SVP) or the Learning With Errors (LWE) problem. Both are widely believed to remain intractable even for quantum computers, making these methods a prime candidate for the post-quantum era.
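To make the LWE idea concrete, here is a toy Regev-style single-bit encryption, added as an illustration (it is not code from this article or from the CRYSTALS project). All parameters and function names are constructed for the example and are far too small to provide any security.

```python
import random

# Constructed toy parameters: far too small to be secure, chosen so the
# arithmetic is easy to follow. Real schemes use structured lattices and a CSPRNG.
Q, N, M, ERR = 3329, 16, 64, 2   # modulus, secret length, samples, error bound

def centered(x):
    """Map x mod Q into the range (-Q/2, Q/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x

def dot(u, v):
    return sum(a * b for a, b in zip(u, v)) % Q

def keygen(rng):
    s = [rng.randrange(Q) for _ in range(N)]                      # secret
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]  # public matrix
    e = [rng.randint(-ERR, ERR) for _ in range(M)]                # small errors
    b = [(dot(row, s) + ei) % Q for row, ei in zip(A, e)]         # b = A*s + e
    return (A, b), s

def encrypt(pk, bit, rng):
    A, b = pk
    rows = [i for i in range(M) if rng.random() < 0.5]   # random subset of samples
    u = [sum(A[i][j] for i in rows) % Q for j in range(N)]
    v = (sum(b[i] for i in rows) + bit * (Q // 2)) % Q   # bit encoded as 0 or Q/2
    return u, v

def decrypt(s, ct):
    u, v = ct
    # v - <u, s> = bit*(Q//2) + summed errors, and |summed errors| <= M*ERR < Q/4
    return 1 if abs(centered(v - dot(u, s))) > Q // 4 else 0

def max_residual(pk, candidate):
    """Largest |b - A*candidate| entry: tiny for the real secret, large otherwise."""
    A, b = pk
    return max(abs(centered(bi - dot(row, candidate))) for row, bi in zip(A, b))

if __name__ == "__main__":
    rng = random.Random(2025)        # seeded only to make the demo repeatable
    pk, sk = keygen(rng)
    print([decrypt(sk, encrypt(pk, bit, rng)) for bit in (0, 1, 1, 0)])
    guess = [rng.randrange(Q) for _ in range(N)]
    print(max_residual(pk, sk), max_residual(pk, guess))
```

Without the error vector `e`, the secret would fall out of `b = A*s` by Gaussian elimination; the small noise is what turns key recovery into the LWE problem.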

Examples

  • CRYSTALS-Kyber: A public-key encryption scheme selected by NIST as a future standard. Further details can be found at pq-crystals.org (Accessed: February 8, 2025).
  • CRYSTALS-Dilithium: A lattice-based digital signature scheme, also chosen in NIST’s final round for standardization.

Advantages

  • Well-studied mathematical foundations
  • Efficient implementation on a variety of hardware and software platforms
  • Relatively short key sizes compared to some other PQC methods

Disadvantages

  • Higher computational overhead compared to classic algorithms like RSA
  • Requires more memory than RSA or ECC

Further Reading

  • Oded Regev, “On Lattices, Learning with Errors, Random Linear Codes, and Cryptography,” Journal of the ACM, 56(6), 2009.
  • NIST PQC Project Official Page (Accessed: February 8, 2025).


Code-Based Cryptography: Leveraging Error-Correcting Codes

Dating back to 1978, code-based cryptography—particularly the McEliece cryptosystem—relies on the inherent difficulty of decoding random linear codes. Despite its age, McEliece has withstood decades of cryptanalysis.

Example

  • McEliece Encryption: Uses binary Goppa codes. The scheme, introduced in the original paper A Public-Key Cryptosystem Based on Algebraic Coding Theory by Robert J. McEliece (1978), has never been practically broken.

Advantages

  • Long track record of resilience
  • Proven robustness; difficult to attack directly

Disadvantages

  • Extremely large key sizes (hundreds of kilobytes up to megabytes)
  • High memory requirements can be impractical for certain deployments

Further Reading

  • R. J. McEliece, “A Public-Key Cryptosystem Based on Algebraic Coding Theory,” DSN Progress Report, 42-44 (1978).


Multivariate Polynomials: Non-Linear Security

Multivariate Public-Key Cryptography is built upon the difficulty of solving systems of non-linear polynomial equations. While considered promising for digital signatures, it has seen mixed practical results.

Example

  • Rainbow: Known for fast signing and relatively short signatures, although it faced cryptanalytic challenges during the NIST PQC competition.

Advantages

  • High-speed key generation and signing/verification
  • Compact signature sizes

Disadvantages

  • Certain schemes have been broken or severely weakened by attacks targeting specific parameter sets
  • Less mature security guarantees compared to lattice-based alternatives

Further Reading

  • Jintai Ding, “Multivariate Public Key Cryptography,” in Post-Quantum Cryptography, edited by D. J. Bernstein, J. Buchmann, E. Dahmen (Springer, 2009).


Isogeny-Based Cryptography: Elliptic Curves in the Spotlight

Isogeny-based methods rely on the complexity of finding isogenies between supersingular elliptic curves. Despite being mathematically intriguing, recent cryptanalytic breakthroughs have tempered initial optimism.

Example

  • SIKE (Supersingular Isogeny Key Encapsulation): Once considered a strong candidate for NIST standardization, it was effectively broken in 2022 by classical cryptanalysis (Wouter Castryck and Thomas Decru, 2022).

Advantages

  • Potentially very compact key sizes
  • Novel mathematical foundation

Disadvantages

  • Ongoing research into its true security level
  • Successful recent attacks raised doubts

Further Reading

  • Castryck, W. & Decru, T., “An Efficient Key Recovery Attack on SIDH,” Cryptology ePrint Archive, Report 2022/975.


Conclusion: Which PQC Methods Will Prevail?

Post-Quantum Cryptography is evolving rapidly, with the U.S. National Institute of Standards and Technology (NIST) at the forefront of standardizing new algorithms. Lattice-based schemes—particularly CRYSTALS-Kyber and CRYSTALS-Dilithium—have emerged as leading candidates, balancing efficiency and strong security assumptions. Meanwhile, code-based solutions like McEliece remain niche due to sizable key lengths, yet they boast a remarkable track record of resilience.

As large-scale quantum computers inch closer to reality, the migration to PQC becomes increasingly urgent for governments and industries alike. Although we do not know precisely which algorithms will dominate, one fact is clear: the RSA era is rapidly approaching its end.


Questions or Insights?

  • Have you experimented with any PQC libraries yet?
  • Which scheme do you find the most practical?
  • What are your biggest concerns regarding the transition?

Feel free to share your experiences, insights, or references in the comments!


Stay informed, stay resilient

This article is part of my series “Cybersecurity in the Age of AI and Quantum Computing: Threats, Opportunities, and Solutions”, exploring how cutting-edge technologies like AI and quantum computing are reshaping the cybersecurity landscape. Discover actionable strategies to counter quantum-based attacks, AI-driven vulnerabilities, and navigate global regulations while preparing for a secure digital future.

About the Author: Eckhart Mehler is a leading Cybersecurity Strategist and AI-Security expert. Connect on LinkedIn to discover how orchestrating AI agents can future-proof your business and drive exponential growth.


This content is based on personal experiences and expertise. It was processed and structured with GPT-o1 but personally curated!

Sabine VanderLinden

Activate Innovation Ecosystems | Tech Ambassador | Founder of Alchemy Crew Ventures + Scouting for Growth Podcast | Chair, Board Member, Advisor | Honorary Senior Visiting Fellow-Bayes Business School (formerly CASS)

1 month

The transition to post-quantum cryptography represents a critical evolution in our cybersecurity infrastructure. Lattice-based solutions show particular promise. #PQC
