Quantum Computing and the risk to security and privacy

The advent of large-scale quantum computing offers great promise to science and society, but brings with it a significant threat to our global information infrastructure. Public-key cryptography - widely used on the internet today - relies upon mathematical problems that are believed to be difficult to solve given the computational power available now and in the medium term.

However, popular cryptographic schemes based on these hard problems – including RSA and Elliptic Curve Cryptography – will be easily broken by a quantum computer. This will rapidly accelerate the obsolescence of our currently deployed security systems and will have dramatic impacts on any industry where information needs to be kept secure.

Quantum-safe cryptography refers to efforts to identify algorithms that are resistant to attacks by both classical and quantum computers, to keep information assets secure even after a large-scale quantum computer has been built.

What is at risk?

Without quantum-safe cryptography and security, all information that is transmitted on public channels now – or in the future – is vulnerable to eavesdropping. Even encrypted data that is safe against current adversaries can be stored for later decryption once a practical quantum computer becomes available. At the same time it will be no longer possible to guarantee the integrity and authenticity of transmitted information, as tampered data will go undetected. From business, ethical, and legal perspectives, this would violate the regulatory requirements for data privacy and security that are in existence today.

Our Role & Activities

Cryptanalysis and the standardization of cryptographic algorithms require significant time and effort for their security to be trusted by governments and industry. ETSI is taking a proactive approach to define the standards that will secure our information in the face of technological advance.

Quantum-safe cryptography and security is essential for:

  • Protecting government and military communications
  • Securing financial and banking transactions
  • Assuring the confidentiality of medical data and healthcare records
  • Safeguarding the storage of personal data in the cloud
  • Restricting access to confidential corporate networks

ETSI Quantum-Safe Cryptography (QSC) working group

The ETSI Cyber Quantum Safe Cryptography (QSC) Working Group aims to assess and make recommendations for quantum-safe cryptographic primitives protocols and implementation considerations, taking into consideration both the current state of academic cryptography research and quantum algorithm research, as well as industrial requirements for real-world deployment. Our focus is on the practical implementation of quantum safe primitives, including performance considerations, implementation capabilities, protocols, benchmarking and practical architectural considerations for specific applications. Our objectives DON’T include the development of cryptographic primitives.

This group considers the security properties of the proposed algorithms and protocols along with practical considerations, such as extensible security architectures and technology switching costs, which will allow these recommendations to support a variety of industrial use cases. We make pragmatic comparisons and concrete characterizations and recommendations to assist the global technology community to select and deploy the best available quantum-safe alternatives.

To assist the community to prepare their digital systems for the quantum computers era, we published TR 103 619 defining migration strategies and recommendations for Quantum-Safe schemes, and enhancing cryptography awareness across all business sectors.


A list of related specifications in the public domain is accessible via the ETSI standards search.