}
description={

}
/>
Today’s encryption relies on mathematical problems that would take incredibly long for a traditional computer to solve. However, a quantum computer, which is still in development, is expected to solve these problems much faster. This means that the current algorithms protecting our online transactions, sensitive data, digital signatures, and private communications could become vulnerable.

Post-quantum cryptography, also called quantum-safe cryptography, aims to create new, quantum-proof encryption that can secure data even when quantum computing becomes mainstream. These post-quantum cryptography algorithms rely on different mathematical techniques designed to be complex enough that even the most powerful quantum computers can’t break them.


Post-quantum cryptography (PQC) and quantum cryptography (QC) are two different methods for data security. PQC is a defense mechanism that creates new cryptographic algorithms to resist quantum computer attacks using traditional technology. QC, on the other hand, is a branch of cryptography that uses quantum physics principles, like quantum key distribution (QKD), to secure data. QC requires quantum hardware.

In short, PQC strengthens current encryption against quantum threats, whereas QC uses quantum mechanics to protect data. Let’s explore the key differences:

The purpose of post-quantum cryptography is to protect sensitive data from the future risks posed by quantum computing technology. Although quantum computers are still in development, they could eventually break the encryption that currently secures our bank accounts, digital communications, and other confidential information. PQC meets this challenge by developing new post-quantum algorithms to withstand quantum attacks.


Post-quantum cryptography uses a range of algorithms based on complex mathematical problems that are difficult for quantum computing to solve. These algorithms are specifically designed to secure data against the potential power of future quantum attacks.

Here’s a brief overview of the main types of PQC algorithms that researchers are currently developing and testing:


Lattice-based cryptography is like creating a secret maze in a multi-dimensional grid. Imagine a vast, intricate structure where finding a path from one point to another is incredibly complex. Lattice-based cryptography uses this complexity to make encrypted data nearly impossible to break, even for a large-scale quantum computer. It’s one of the most promising cryptography options because it combines strong security with efficient performance.

Examples: Kyber, NTRU, Falcon


Code-based cryptography works by hiding data in complex error-correcting codes, similar to a message buried under layers of noise that only the right key can decode. It’s been studied for decades and is tough enough to resist quantum attacks. Even though it needs large key sizes, which can make it bulky for some uses, it’s highly secure for applications that need extra protection.

Examples: Classic McEliece, BIKE


Hash-based cryptography relies on hash functions, which are like unique digital fingerprints for data. These fingerprints can’t be reversed, making them ideal for creating secure digital signatures. Hash-based cryptography is great for verifying identity and digital signatures in a way that quantum computing technology can’t easily interfere with.

Examples: SPHINCS+, LMS, LAMPORT


Multivariate polynomial cryptography is built around solving equations with multiple variables — like trying to solve a puzzle with many moving parts. This approach makes it hard for quantum computers to crack the code. Though still in the experimental stage, multivariate cryptography could become useful in specific fields requiring high security.

Examples: Rainbow, GeMSS, HFE


Isogeny-based cryptography involves creating secure connections between points on an elliptic curve. Picture trying to map out paths between islands on an ocean; finding the correct path (or “isogeny”) is extremely hard if you don’t have the right information. This approach is newer but shows potential for lightweight, secure encryption that could be effective even on smaller devices.

Examples: SIKE, CSIDH

{SHORTCODES.blogRelatedArticles}

Quantum computers threaten current encryption because they are expected to solve certain mathematical problems much faster than classical computers, making it possible to break widely used encryption methods.

Most of today’s encryption, including VPN encryption and public key encryption, relies on complex mathematical problems that would take classical computers years — if not centuries — to solve without the correct key, making it practically impossible to crack. However, quantum computers use principles of quantum mechanics to perform calculations in parallel, allowing them to solve specific problems exponentially faster.

The main threat is to encryption methods that rely on factorization and discrete logarithms — such as RSA (Rivest-Shamir-Adleman) and ECC (elliptic curve cryptography) — which are the backbone of most network security systems. Quantum algorithms, like Shor’s algorithm, are designed to efficiently break these specific mathematical problems, allowing a quantum computer to quickly decipher encryption keys that would otherwise remain secure.

This looming reality drives the urgent need for quantum-resistant cryptography — a new generation of quantum-resistant cryptographic algorithms specifically designed to withstand quantum attacks. Without swift progress in implementing quantum-resistant algorithms, we risk a future where personal privacy, national security, and the foundations of global finance are left vulnerable.


NordVPN already employs strong, secure ciphers that are challenging and costly to break. However, with the advent of post-quantum encryption, security reaches an even higher standard. Staying ahead of emerging threats, NordVPN is committed to building a quantum-safe future by delivering seamless, quantum-safe VPN connections for its users.

In late September, NordVPN introduced the first post-quantum cryptography upgrade for the NordLynx protocol in its Linux app. This upgrade aligns with the latest NIST standards and is designed to protect Linux users against potential quantum decryption threats. Additionally, it allows NordVPN to collect valuable performance data on how this improvement impacts connection speeds and times.

NordVPN will start rolling out its post-quantum encryption feature to its Windows users in early December, followed by other platforms in late 2024 or early 2025. The upgrade utilizes the NordLynx protocol, based on WireGuard, with an added layer of quantum-safe encryption.

Users can enable this feature with a toggle switch — once it’s set to an “ON” position, the feature will be active each time the user is connected to the VPN via the NordLynx protocol. This will add an extra layer of protection against future quantum-based threats without compromising the browsing experience.

The post-quantum encryption feature’s benefits and value include improved security for sensitive data, future-proofing against emerging quantum decryption technologies, and the flexibility for users to choose when to activate this advanced protection.


For businesses, PQC is the next step in staying ahead of cyber threats. Quantum computing is coming fast, and PQC will protect sensitive data — especially in finance, healthcare, and government agencies — against potential threats like the “Harvest now, decrypt later” attacks.

For individuals, PQC brings peace of mind by protecting personal data — like banking information, medical records, and private messages — from future quantum-powered attacks. As PQC rolls out in tools like VPNs and secure messaging apps, users will get next-level encryption that’s ready for whatever the future brings.