Post-quantum cryptography (PQC) is about preparing for a future in which a large quantum computer could break today's public-key cryptography, not reacting to an existing threat. On a sufficiently large fault-tolerant quantum computer, Shor's algorithm factors RSA moduli and solves the discrete logarithms behind Diffie-Hellman and elliptic curves; the often-quoted figure of roughly 4,000 qubits refers to error-corrected logical qubits, which at today's error rates means millions of physical qubits, far beyond any machine built so far. Grover's algorithm only halves the effective key length of symmetric ciphers and hash functions, so the usual advice is to move to 256-bit keys (AES-256) rather than replace the cipher. The 'harvest now, decrypt later' threat (record encrypted traffic today, decrypt it once a quantum computer exists) is what motivates transitioning now rather than waiting. NIST has run a PQC standardization process since 2016; its first standards are the lattice-based Kyber key-encapsulation mechanism (ML-KEM, FIPS 203), the lattice-based Dilithium signature scheme (ML-DSA, FIPS 204) and the hash-based SPHINCS+ signature scheme (SLH-DSA, FIPS 205). Modern TLS 1.3 deployments already use a hybrid key exchange that combines classical X25519 with Kyber/ML-KEM-768, so the session key stays secret unless both the classical and the post-quantum component are broken; this hedges against both a quantum computer and an undiscovered flaw in the new schemes. SIKE is the cautionary tale for the latter: it reached the fourth round of the NIST process and was then broken in 2022 by a classical attack that ran on an ordinary computer in about an hour. The transition away from RSA, elliptic curves and Diffie-Hellman is targeted within five years (NIST's draft transition guidance, IR 8547, deprecates quantum-vulnerable algorithms from 2030 and disallows them after 2035).
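The hybrid exchange described above, worked through end to end as an added example (this is not code from the page or from any TLS stack). It assumes Go 1.24 or later for the standard-library crypto/mlkem and crypto/ecdh packages; the byte layout of the shares, the HKDF combiner written out with HMAC-SHA256, and the info label "hybrid-demo X25519MLKEM768" are my own choices for illustration, not the exact encoding of the TLS codepoint. The point it demonstrates is that both shared secrets go into one KDF, so an attacker who recovers only the X25519 secret (Shor) or only the ML-KEM secret (a future cryptanalysis) cannot compute the session key, and what the hedge costs in bytes on the wire.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Assumed share layout (illustrative, not the TLS wire encoding): the client sends
// X25519 public key || ML-KEM-768 encapsulation key, the server answers with
// X25519 public key || ML-KEM-768 ciphertext.
const (
	x25519Size      = 32
	clientShareSize = x25519Size + mlkem.EncapsulationKeySize768 // 32 + 1184 = 1216 bytes
	serverShareSize = x25519Size + mlkem.CiphertextSize768       // 32 + 1088 = 1120 bytes
)

// hybridClient holds the client's two ephemeral private values and its own share.
type hybridClient struct {
	ecPriv *ecdh.PrivateKey
	pqDec  *mlkem.DecapsulationKey768
	share  []byte
}

// newHybridClient generates both ephemeral keys and builds the client key share.
func newHybridClient() (*hybridClient, error) {
	ecPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	pqDec, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, err
	}
	share := append(ecPriv.PublicKey().Bytes(), pqDec.EncapsulationKey().Bytes()...)
	return &hybridClient{ecPriv: ecPriv, pqDec: pqDec, share: share}, nil
}

// serverRespond parses the client share, runs X25519 with a fresh server key and an
// ML-KEM-768 encapsulation, and returns (serverShare, combinedKey).
func serverRespond(clientShare []byte) ([]byte, []byte, error) {
	if len(clientShare) != clientShareSize {
		return nil, nil, errors.New("bad client share length")
	}
	ecPeer, err := ecdh.X25519().NewPublicKey(clientShare[:x25519Size])
	if err != nil {
		return nil, nil, err
	}
	pqEnc, err := mlkem.NewEncapsulationKey768(clientShare[x25519Size:])
	if err != nil {
		return nil, nil, err
	}
	ecPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ecSecret, err := ecPriv.ECDH(ecPeer) // errors on low-order (all-zero) results
	if err != nil {
		return nil, nil, err
	}
	pqSecret, ct := pqEnc.Encapsulate()
	serverShare := append(ecPriv.PublicKey().Bytes(), ct...)
	return serverShare, combine(ecSecret, pqSecret, clientShare, serverShare), nil
}

// finish derives the client's copy of the key from the server share. ML-KEM does not
// fail on a well-formed but tampered ciphertext: decapsulation returns a different,
// pseudorandom key (implicit rejection) and the handshake fails later instead.
func (c *hybridClient) finish(serverShare []byte) ([]byte, error) {
	if len(serverShare) != serverShareSize {
		return nil, errors.New("bad server share length")
	}
	ecPeer, err := ecdh.X25519().NewPublicKey(serverShare[:x25519Size])
	if err != nil {
		return nil, err
	}
	ecSecret, err := c.ecPriv.ECDH(ecPeer)
	if err != nil {
		return nil, err
	}
	pqSecret, err := c.pqDec.Decapsulate(serverShare[x25519Size:])
	if err != nil {
		return nil, err
	}
	return combine(ecSecret, pqSecret, c.share, serverShare), nil
}

// combine concatenates both shared secrets and runs HKDF (extract, then the first
// expand block) with a hash of both shares as salt. Knowing only one of the two
// secrets gives no way to compute the output.
func combine(ecSecret, pqSecret, clientShare, serverShare []byte) []byte {
	ikm := append(append([]byte{}, ecSecret...), pqSecret...)
	transcript := sha256.Sum256(append(append([]byte{}, clientShare...), serverShare...))
	extract := hmac.New(sha256.New, transcript[:]) // HKDF-Extract(salt=transcript, IKM)
	extract.Write(ikm)
	prk := extract.Sum(nil)
	expand := hmac.New(sha256.New, prk) // HKDF-Expand, block 1: HMAC(PRK, info || 0x01)
	expand.Write([]byte("hybrid-demo X25519MLKEM768"))
	expand.Write([]byte{1})
	return expand.Sum(nil)
}

// runHybrid performs one full exchange; returns (clientKey, serverKey, clientShare, serverShare).
func runHybrid() ([]byte, []byte, []byte, []byte, error) {
	c, err := newHybridClient()
	if err != nil {
		return nil, nil, nil, nil, err
	}
	serverShare, serverKey, err := serverRespond(c.share)
	if err != nil {
		return nil, nil, nil, nil, err
	}
	clientKey, err := c.finish(serverShare)
	if err != nil {
		return nil, nil, nil, nil, err
	}
	return clientKey, serverKey, c.share, serverShare, nil
}

func main() {
	ck, sk, cs, ss, err := runHybrid()
	if err != nil {
		panic(err)
	}
	fmt.Printf("client share %d bytes, server share %d bytes, keys match: %v\n",
		len(cs), len(ss), bytes.Equal(ck, sk))
}
```

Running it shows the bandwidth cost of the hedge: a plain X25519 key share is 32 bytes each way, while the hybrid client share is 1216 bytes and the server share 1120 bytes, which is why hybrid key exchange and not hybrid signatures was the first thing TLS deployments shipped.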