Why Post-Quantum Cryptography Doesn’t Replace Classical Cryptography

As quantum computing advances, discussions around the future of cryptography are becoming increasingly common. In many conversations, one message is often heard: in the future, only quantum-safe cryptography will be needed. While quantum computing does introduce real risks to certain cryptographic systems, the reality is more nuanced. Future secure systems will not rely solely on a single “quantum-safe” algorithm. Instead, they will continue to combine multiple cryptographic technologies.
Kimmo Järvinen, Co-founder and CTO, Xiphera

To understand why, we spoke with Kimmo Järvinen, Co-founder and CTO of Xiphera and a long-time researcher in cryptographic engineering.

Kimmo Järvinen is a hardware cryptography engineer and researcher with nearly 20 years of experience in the field. He has authored more than 60 scientific publications on cryptography, cryptographic engineering, and secure embedded systems, and holds a PhD in electrical engineering from Helsinki University of Technology.

According to Järvinen, post-quantum cryptography will be an important part of the future, but it will not replace the rest of the cryptographic toolbox.

Why quantum computers threaten some cryptography

The main risk posed by quantum computing targets public-key cryptography. Algorithms such as RSA and elliptic curve cryptography rely on mathematical problems that are extremely difficult for classical computers to solve. However, if sufficiently powerful quantum computers become available, Shor’s algorithm could solve these problems significantly faster.

This means an attacker could derive private keys from public keys, breaking the security assumptions behind widely used cryptographic systems.

“This is why post-quantum cryptography is being developed,” Järvinen explains. “If large-scale quantum computers become available, the mathematical foundations of current public-key systems would no longer provide sufficient security.”

As a result, new algorithms such as ML-KEM and ML-DSA are being standardized to replace vulnerable public-key methods.

Not all cryptography is vulnerable to quantum attacks

Despite the attention given to post-quantum cryptography, quantum computing does not threaten all cryptographic algorithms. Secure systems also rely on symmetric encryption, hash functions, and random number generation, which remain essential even in the post-quantum era.

For example, symmetric encryption algorithms such as AES are not broken by known quantum algorithms. The theoretical advantage provided by Grover’s algorithm can be mitigated by increasing key sizes, for example, by using AES-256.

This means that much of the cryptographic infrastructure used today will continue to play a key role in secure systems.

Cryptography is a system, not a single algorithm

Modern security protocols combine multiple cryptographic components, each serving a specific purpose. A good example is HTTPS. When a browser connects to a server, the TLS handshake uses public-key cryptography to authenticate the server and establish a shared secret. Once the secure session has been established, the actual data exchange is protected using symmetric encryption, typically AES.

“In real systems, cryptography always works as a combination of algorithms,” Järvinen says. “Public-key cryptography is just one part of the overall security architecture.”

Why hybrid cryptography is emerging

Another reason the transition will take time is the relative novelty of post-quantum algorithms. Although they have been carefully studied and standardized, classical algorithms such as RSA and elliptic curve cryptography have been analyzed for much longer, over several decades. Because of this, many experts recommend using hybrid approaches.

Hybrid cryptography combines traditional public-key algorithms with post-quantum algorithms. This ensures security even if weaknesses are discovered in newly introduced PQC methods.
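The following is an added example, not code from Xiphera or from the article, illustrating both points above: the hand-off from key establishment to symmetric encryption described in the HTTPS section, and the hybrid combination of a classical and a post-quantum shared secret. It uses only the Python standard library. The two shared secrets are constructed placeholders standing in for what an ECDH exchange and an ML-KEM encapsulation would produce on each endpoint (the key agreements themselves are not implemented), and the combiner follows the concatenate-then-KDF pattern using HKDF as specified in RFC 5869. The label strings and the function names are assumptions of this example.

```python
"""Hybrid key derivation: combine a classical and a post-quantum shared
secret so the session key stays secret if EITHER component holds.

Added example (not Xiphera code). The shared secrets below are constructed
stand-ins for ECDH and ML-KEM outputs; only the combiner and the hand-off to
symmetric keys are shown.
"""
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869, section 2.2): PRK = HMAC-Hash(salt, IKM)."""
    if not salt:
        salt = bytes(HASH_LEN)  # RFC 5869 default: HashLen zero bytes
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869, section 2.3): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length exceeds HKDF-Expand limit")
    okm = b""
    previous = b""
    counter = 1
    while len(okm) < length:
        previous = hmac.new(prk, previous + info + bytes([counter]), HASH).digest()
        okm += previous
        counter += 1
    return okm[:length]


def combine_hybrid_secrets(classical_ss: bytes, pq_ss: bytes, transcript_hash: bytes) -> bytes:
    """Derive a 256-bit session key from BOTH shared secrets.

    Because the secrets are concatenated before the KDF, an attacker must
    recover both inputs: a quantum computer that breaks the classical
    exchange still lacks pq_ss, and an undiscovered flaw in the PQ scheme
    still leaves classical_ss unknown.
    """
    if not classical_ss or not pq_ss:
        raise ValueError("both shared secrets are required for a hybrid key")
    prk = hkdf_extract(salt=transcript_hash, ikm=classical_ss + pq_ss)
    return hkdf_expand(prk, b"hybrid session key", 32)  # 32 bytes = AES-256 key size


def derive_record_keys(session_key: bytes) -> dict:
    """Split the handshake output into separate symmetric keys.

    This is the hand-off the article describes: public-key (and PQ) work
    ends with a shared secret; bulk data is then protected with symmetric
    keys derived from it, using distinct labels per purpose.
    """
    prk = hkdf_extract(salt=b"", ikm=session_key)
    return {
        "aes256_key": hkdf_expand(prk, b"record encryption", 32),
        "mac_key": hkdf_expand(prk, b"record integrity", 32),
    }


def demo_handshake() -> bool:
    """Simulate both endpoints; return True when they derive the same key."""
    # Constructed placeholders: a real handshake obtains these from ECDH and ML-KEM.
    classical_ss = secrets.token_bytes(32)
    pq_ss = secrets.token_bytes(32)
    transcript_hash = HASH(b"constructed handshake transcript").digest()
    client_key = combine_hybrid_secrets(classical_ss, pq_ss, transcript_hash)
    server_key = combine_hybrid_secrets(classical_ss, pq_ss, transcript_hash)
    return hmac.compare_digest(client_key, server_key)


if __name__ == "__main__":
    print("both sides agree on the hybrid session key:", demo_handshake())
```

Binding the transcript hash into the extraction step ties the derived key to the specific handshake, and deriving the encryption and integrity keys with different labels keeps the symmetric layer from reusing one key for two purposes.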

Conclusion

Post-quantum cryptography will play an important role in preparing for a future where quantum computers may exist. One of the key concerns is the so-called “harvest now, decrypt later” threat, where encrypted data is collected today and stored in the hope that future quantum computers could eventually break the encryption.

But post-quantum cryptography will not replace the full set of cryptographic technologies used today. Instead, future systems will rely on layered security architectures, combining classical and post-quantum cryptography. “Quantum-safe algorithms are essential for the future,” Järvinen concludes. “But secure systems will always require more than just one type of cryptography.”

At Xiphera, we design hardware-based cryptographic IP cores that support both classical and post-quantum algorithms for FPGA and ASIC designs. If you are evaluating how to build quantum-safe systems or planning your cryptographic transition, our team is happy to discuss secure architecture options.
