Doomsayers never rest. But what does it mean when even the advice of my conservative grandmother, who was shaped by the post-war era, to “make hay while the sun shines” now feels like a call for digital prevention. Because defense today is not about tanks – it is about protecting our data. The threat is real: Europol warns that organized networks are already collecting encrypted data today to decrypt it later with quantum computers for their own purposes [1]. The scenario is called “Store now, decrypt later”.
Quantum computers are fundamentally rewriting the rules of cryptography. Algorithms like RSA (Rivest-Shamir-Adleman), upon which much of our digital communication is based, could soon be cracked by quantum computers. Post-quantum cryptography (PQC) offers the solution: Put simply, new cryptographic methods that will remain effective even against quantum computers.
It is time to act: The quantum threat looms.
Quantum computing is advancing rapidly. From tech giants and universities to startups, everyone is striving to outshine with achievements. Meanwhile, security research is stepping up: The US National Institute of Standards and Technology (NIST) has already designated three algorithms as post-quantum standards: The Federal Information Processing Standards (FIPS) FIPS-203 (ML-KEM), 204 and 205 offer robust key exchange and digital signature mechanisms designed to resist attacks from quantum computers.
The Federal Office for Information Security (BSI) has also weighed in on “Q-Day” – the day quantum computers will be able to break conventional encryption for the first time. The BSI anticipates this to happen around 2030, coinciding with the full-scale production of today’s electronic developments. So, those who fail to prepare now risk deploying outdated security technology later on.
The Quantum Safe Financial Forum (QSFF), initiated by Europol, also pushes the financial sector, in particular, to use today’s tools to defend against tomorrow’s technology.
Challenges of transitioning to post-quantum cryptography
Clear though the goal may be, the road to it is anything but easy. Bigger keys and more complex algorithms demand greater processing power – a particular strain on legacy systems. Moreover, since standardization has not yet been fully completed, the algorithms in use may yet change. And from an organizational standpoint, the transition is far from easy – it requires investment, new mindsets and technical expertise. The key to success therefore lies in what is known as crypto-agility: From the start, systems need to be designed for flexibility, enabling rapid response to emerging findings or threats.
The first steps toward a secure IT infrastructure in the quantum age
Despite these challenges, initial practical implementations show that the transition to post-quantum cryptography is already underway: Infineon, Rutronik’s largest franchise partner, established itself early on as a PQC pioneer. Quantum-resistant key exchange was first implemented on a contactless chip back in 2017 [2]. At the beginning of 2025, the BSI awarded the world’s first EAL6 certification to a security controller featuring ML-KEM technology [3]. Infineon, therefore, focuses particularly on smart card applications.
Other German semiconductor suppliers are also driving development forward. Elmos Semiconductor, together with ID Quantique, is introducing a key PQC component: a miniaturized quantum random number generator (QRNG).
All encryption methods start with a random number to generate the key. However, a discrete, logical device struggles to generate genuinely random numbers. HRNGs, or hardware random number generators, have existed for a long time and are available in various technical designs. Conventional generators (TRNGs/PRNGs) are susceptible to manipulation – through physical factors such as light, pressure, temperature, electromagnetic fields or supply voltage, as well as through targeted interventions using artificial intelligence.
QRNGs use genuine quantum effects, like photon emission, to generate truly random numbers. This is not only more secure but also a mandatory requirement for FIPS 203/204/205-compliant cryptography. At present, such QRNGs are best known as server expansion cards. Elmos has now miniaturized the technology into a compact 2×2 mm DFN package (Fig. 1). As a result, Rutronik makes the patented technology available to customers worldwide. Not only the financial sector but also the industrial, medical and automotive sectors are gaining benefits.
Safety is a duty, not a luxury
Since: It is no longer just about banks. Whether industrial plants, medical devices or vehicles with assistance systems – our world is digital, networked and therefore at risk. What if vehicle assistance systems suddenly misinterpret traffic signs, or if cars can be unlocked via ultra-wideband technology and rolling key methods because the key was predictable? Or if medical data is intercepted because the random number generator was not genuine?
The quantum revolution is coming. Perhaps not tomorrow, but certainly sooner than most expect. Those who do not invest today will pay tomorrow. As my late grandmother would have wisely said: “Encrypt your data sensibly today, and you will be safe from tomorrow’s quantum cyberattacks.”
Begriffe auf einen Blick
Q-Day – Der Zeitpunkt, an dem Quantencomputer in der Lage sein werden, heutige Verschlüsselungssysteme zu brechen. Das BSI erwartet ihn etwa 2030.
QRNG vs. TRNG – Quantum Random Number Generators erzeugen echte, nicht manipulierbare Zufallszahlen auf Basis quantenphysikalischer Prozesse. TRNGs nutzen physikalische Effekte, sind aber potenziell störanfällig.
FIPS-203/204/205 – Vom NIST veröffentlichte Sicherheitsstandards für quantensichere Algorithmen (Schlüsselaustausch und digitale Signaturen), als Basis für Post-Quantum-Kryptografie.
ML-KEM (Module Lattice Key Encapsulation Mechanism) ist ein Schlüsselkapselungsmechanismus (KEM), der von NIST als FIPS 203 standardisiert wurde. Er dient dazu, einen sicheren, gemeinsamen Geheimnisschlüssel zwischen zwei Parteien zu etablieren, der gegen klassische und Quantencomputerangriffe resistent ist.
For more information and a direct ordering option, please visit our e-commerce platform at www.rutronik24.com.
Subscribe to our newsletter and stay updated.