01 · Market Map
The PQC Vendor Ecosystem
A specialist market has formed around PQC tooling, advisory, and hardware. Procurement decisions made over the next 24 months will lock in technology partnerships for the migration cycle.
PQShield
UK · Oxford
PQC IP cores, hardware accelerators, and FIPS-certified libraries. Strong academic provenance. Supplier to major silicon and HSM vendors.
SandboxAQ
US · Palo Alto
Cryptographic management platform with discovery and migration tooling. Spun out of Alphabet. Active in financial sector consulting.
ISARA
Canada · Waterloo
Hybrid PKI and quantum-safe certificate tooling. Long-standing presence in PQC. Acquired key personnel from BlackBerry's crypto group.
evolutionQ
Canada · Waterloo
Founded by Michele Mosca. Risk assessment, migration planning, and BasejumpQDN quantum-safe networking products.
Crypto4A
Canada · Ottawa
Quantum-safe HSMs (QxHSM) with native PQC support. Strong fit for financial and government PKI customers.
Thales
France · Global
Enterprise HSM market leader. PQC-capable Luna and payShield product lines shipping. CipherTrust platform integrating PQC discovery.
Entrust
US · Minneapolis
PKI, HSMs, and digital identity. nShield HSMs with PQC support. Substantial enterprise PKI migration practice.
DigiCert
US · Lehi
Largest public CA. PQC-ready CA infrastructure for early hybrid deployments. Trust Lifecycle Manager with PQC discovery capability.
ID Quantique
Switzerland · Geneva
Quantum random number generators and QKD hardware. Distinct from PQC but often bundled in quantum-safe procurement conversations.
Procurement criteria worth applying: FIPS 140-3 certification path, NIST algorithm coverage, crypto-agility design, hybrid deployment support, transparent roadmap publication, and active participation in standards bodies (NIST, ETSI, IETF). Vendors making aggressive claims about "quantum-proof" products without referencing NIST algorithms should be treated with caution.
02 · Decision-Maker Questions
Frequently Asked Questions
The questions boards and executive committees ask first.
When will RSA actually be broken?
Honest answer: nobody knows. Expert surveys (Mosca, Global Risk Institute) place the median estimate at 15–20 years with a meaningful probability of being sooner. The actionable answer is that this question is the wrong one — harvest-now-decrypt-later means the attack on your historical data has already begun. The relevant date is when you complete migration, not when adversaries achieve CRQC capability.
Should we wait for "final" standards before starting?
No. FIPS 203, 204, and 205 are final. Apple, Signal, Google, AWS, and Cloudflare are already in production. Waiting for FIPS 206 or additional signature standards is a justification, not a reason. The discovery and inventory phase is unaffected by which algorithms you eventually deploy — start there now.
What will migration cost our organisation?
For a mid-sized enterprise with mature PKI, expect a five-to-ten year programme in the £5M–£50M range depending on HSM refresh requirements, third-party vendor dependencies, and embedded device populations. Highly-regulated organisations (banks, defence primes, critical infrastructure) regularly exceed this. The single largest cost driver is typically HSM and hardware token replacement, not software updates.
Will PQC make our systems noticeably slower?
In most user-facing scenarios, no. Production measurements from Cloudflare show TLS handshake time increasing by under 5% with hybrid Kyber. The real performance impact lands in three places: code signing (larger firmware images), constrained IoT devices (memory and energy budgets), and blockchain (transaction sizes). These require specific engineering attention.
Can we just turn on PQC in our existing infrastructure?
In some cases yes — modern Chrome, AWS-LC, and OpenSSH already support PQC and can be enabled with configuration changes. But enterprise PKI, HSMs, identity providers, code signing infrastructure, and certificate authorities all require coordinated upgrades. The infrastructure beneath your applications is where the cost lives.
What if a new algorithm breaks a year after we deploy?
This is precisely why crypto-agility matters more than algorithm choice. Systems designed so cryptographic primitives can be replaced without architectural change will handle future breaks cheaply. Systems with crypto hardcoded into application logic will not. Crypto-agility is the durable strategic outcome of the migration programme.
Are our SaaS and cloud vendors handling this for us?
Partially. Hyperscalers (AWS, Azure, GCP) are migrating their infrastructure but you remain responsible for application-layer cryptography, key management policies, and the data you encrypt before sending. Third-party risk is a major PQC concern — vendor questionnaires should now include PQC roadmap questions, and contracts should specify migration commitments.
What is the single most important thing to do this quarter?
Commission a cryptographic inventory. You cannot migrate what you have not catalogued. This is the only PQC activity that produces value regardless of which algorithms, vendors, or timelines ultimately apply. Every regulator, every framework, and every implementation methodology starts with discovery. Start there.
03 · References
Authoritative Sources
A curated list of primary sources, regulatory documents, and standards bodies. Useful for board briefings, RFP requirements, and compliance documentation.
NIST · Standards
FIPS 203, 204, 205 — Post-Quantum Cryptography Standards
The final federal standards for ML-KEM, ML-DSA, and SLH-DSA. Definitive technical specifications.
NIST · Project Page
Post-Quantum Cryptography Standardisation Project
Full record of the eight-year competition including all submissions, cryptanalysis, and decision rationale at csrc.nist.gov/projects/post-quantum-cryptography.
NSA · Policy
Commercial National Security Algorithm Suite 2.0 (CNSA 2.0)
The NSA's mandated PQC algorithm suite and migration timeline for US national security systems.
White House · Memorandum
National Security Memorandum 10 (May 2022)
Presidential directive mandating federal cryptographic inventory and PQC migration planning.
UK · Government Guidance
NCSC Guidance on Migration to Post-Quantum Cryptography
UK National Cyber Security Centre's phased migration framework for British organisations.
EU · Agency Report
ENISA Post-Quantum Cryptography: Current State and Quantum Mitigation
The EU cybersecurity agency's foundational PQC analysis and migration guidance for European organisations.
Apple · Security Paper
iMessage PQ3: New State of the Art in Quantum-Secure Messaging
The most detailed public deployment analysis of production PQC at scale.
Cloudflare · Research
Cloudflare Research Blog — Post-Quantum Series
Ongoing real-world measurements of PQC handshake performance, error rates, and deployment statistics.
Open Quantum Safe
liboqs & oqs-provider
The reference open-source PQC implementation library at openquantumsafe.org. Industry-standard tooling for development teams.
Global Risk Institute
Quantum Threat Timeline Report (Mosca, annual)
Annual expert survey on expected timing of cryptographically relevant quantum computers. The most-cited industry source on the threat horizon.
Diarka Quantum · Advisory Services
Ready to Start Your PQC Programme?
We translate the strategic, technical, and regulatory dimensions of post-quantum cryptography into action your executive team and board can authorise with confidence.
PQC Readiness Assessment
Cryptographic inventory, Mosca-framework risk modelling, and a board-ready briefing on your specific exposure profile.
Migration Strategy & Roadmap
A phased migration plan covering discovery, prioritisation, hybrid piloting, vendor selection, and crypto-agility architecture.
Executive & Board Briefings
Structured briefings tailored to non-technical executives, risk committees, and board directors who need to authorise the programme.