High Level Differences Between PQC and QKD

Share it

Table of Contents

The threat of quantum computers breaking down modern cryptographic algorithms and exposing the confidential information of governments, corporations, and individuals is real. According to the National Security Memorandum released by the White House in May 2022, a “cryptanalytically relevant quantum computer (CRQC) could jeopardize civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most Internet-based financial transactions.”[1] Time is limited, and the moment to implement solutions and create safeguards against these inevitable attacks is now. In this article, two potential approaches to overcoming the threat of quantum cyberattacks will be discussed and compared: quantum key distribution and post-quantum cryptography.

Quantum key distribution (QKD) relies on the quantum mechanics of photons to securely transmit encryption keys between two parties. In QKD, a set of polarized photons are sent to a receiver through a fiber optic cable. The polarization of each photon can be read using a single-photon detector to create a bit vector that acts as a quantum key. Once the receiver decodes the photon sequence, both parties verify the key to ensure that it has not been tampered with by a third party.[2] If all is well, confidential messages between users can then be encrypted and sent through the quantum channel.

There are a series of pros and cons with QKD that must be mentioned. The first advantage of QKD is that according to the laws of quantum mechanics, the quantum key cannot be intercepted by an eavesdropper without altering the original photon decoding. An intrusion would inform both parties of a change in a key sequence. The second benefit of using QKD is that it could solve or minimize the threat of quantum computers breaking current asymmetric cryptography which is reliant on complex algebraic problems. Still, there are downsides. First, a QKD implementation requires specialized hardware, and communication is only available through optical fibers, which prevent external interference with photons. This can limit transmission range and creates a need for new infrastructure.[3] Second, the idea of QKD is new, and as a result, no implementations can be proved secure. QKD has no standardized testing methodology or certification standards; there might still be a variety of vulnerabilities that the scientific community is unaware of.

Post-quantum cryptography, in contrast, is a more software-based approach to counteracting the security threats posed by quantum computers. To briefly summarize, PQC refers to the cryptographic algorithms that, according to modern knowledge, cannot be broken by quantum computers. The modern RSA algorithms rely on the difficulty of factoring large prime numbers to create a trapdoor one-way function. Shor’s algorithm, which was developed in 1994, proves that quantum computers will be able to find the prime factors of massive numbers relatively fast. This indicates that something much more secure and mathematically complex has to be implemented in the future.

Advantage-wise, PQC algorithms can be implemented on modern hardware and are not restricted to optical fibers. They are designed to run on any device without the need for supplemental hardware. Since no new infrastructure is needed for PQC implementations, post-quantum cryptography comes with a low cost and a high mobility in the commercial realm. On the downside, PQC algorithms are still being developed and tested. There is no guarantee that with time, these algorithms will still be resistant to quantum computers.

It must be noted that today, the National Security Agency (NSA) does not “consider QKD a practical security solution for protecting national security information,” saying that the approach “only addresses some security threats and requires significant engineering modifications to NSS communications systems.”[4] In the PQC realm, the National Institute of Standards and Technology (NIST) is expected soon to announce its final quantum-resistant public-key cryptographic algorithms.


[1] “National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.” The White House, 4 May 2022, https://www.whitehouse.gov/briefing-room/statements-releases/2022/05/04/national-security-memorandum-on-promoting-united-states-leadership-in-quantum-computing-while-mitigating-risks-to-vulnerable-cryptographic-systems/. Accessed 6 June 2022.

[2] “How Does Quantum Key Distribution (QKD) Work? | QuantumXC.” Quantum Xchange, https://quantumxc.com/blog/how-does-quantum-key-distribution-work/. Accessed 1 June 2022.

[3] “Quantum Key Distribution versus Post-Quantum Cryptography.” Inside Quantum Technology, 21 May 2019, https://www.insidequantumtechnology.com/quantum-key-distribution-vs-post-quantum-cryptography/. Accessed 1 June 2022.

[4] “Quantum Computing and Post-Quantum Cryptography.” National Security Agency | Frequently Asked Questions, 4 August 2021, https://media.defense.gov/2021/Aug/04/2002821837/-1/-1/1/Quantum_FAQs_20210804.PDF. Accessed 1 June 2022.

More articles