The PQC Migration Handbook

Information and sensor systems
Quantum-safe technology
4 April 2023

Commissioned by the AIVD, TNO has compiled a handbook together with CWI. This handbook offers organisations advice and concrete steps to mitigate the risk of quantum computers to cryptography.

PQC Migration handbook

Experts consider the chance small but real that by 2030 quantum computers will already be powerful enough to break current cryptographic standards. Moreover, malicious parties can already intercept and store encrypted data now in order to decrypt it later, when quantum computing is available. Therefore, it is important that organisations start moving to a quantum secure environment soon.

A first step in this migration is to carry out a PQC diagnostic, which includes an inventory of all cryptographic techniques, the data they protect and those who manage them. This inventory can be used to accurately assess the urgency of migrating to post-quantum cryptography (PQC). The manual then provides guidelines for choosing an appropriate PQC implementation strategy and instructions for migrating different cryptographic protocols.

Also, there is a tool that assists you in deciding which Post-Quantum Cryptography scheme is most suitable for your organization's situation.

Given the quantum threat and the many developments in cryptography, it is important to keep systems cryptographically agile so that protocols can be easily adapted or replaced when new vulnerabilities are discovered.