My curiosity for technology has been with me since childhood. My first real contact with the world of computers was through an HC (Home Computer – a Romanian microcomputer from the 1980s) that my father used for a project. For those who never encountered such a device, it consisted of a keyboard slightly larger than the ones we use today, a cassette player for storage and a black‑and‑white television that served as a monitor. At that time, everything felt like it came straight out of a science‑fiction movie. Then came the years when a PC with 512K of RAM and MS‑DOS was a true treasure, followed by the early versions of Windows and the timid arrival of the Internet, where every connection began with the unmistakable melody produced by the dial‑up modem.

Today, we talk about fiber‑to‑the‑building (FTTB) connections, speeds of over 2 Gbps, modern data centers, extremely powerful GPUs (Graphics Processing Units) and perhaps most importantly, Quantum technology — a type of computing that uses the laws of quantum physics and enables extremely complex problems to be solved much faster than classical computers. The evolution has been remarkable, but it comes with a major responsibility: protecting information and adapting security to new technological realities. Discussions about the impact of quantum computers on information security began as early as the 1990s, with the publication of Shor’s algorithm, which theoretically demonstrates that classical encryption methods can be broken by a sufficiently powerful quantum computer. For many years, this risk was considered distant, but things have changed dramatically over the past 5–7 years, as investments in Quantum technology have accelerated its development.

Why is classical cryptography no longer sufficient?

Classical cryptography is the method used to protect information so that only authorized individuals can read it. However, today, most of the security mechanisms in use rely on mathematical problems considered “hard to solve” for classical computers. The most well‑known examples are:

• RSA – a widely used cryptographic algorithm for securing communications; it is based on the factorization of very large numbers
• ECC – Elliptic Curve Cryptography, a modern and more efficient encryption method than RSA, relying on advanced mathematics using elliptic curves
• Diffie–Hellman – a mechanism that allows two parties to create a shared secret key even when communicating over an insecure network

The problem is that a sufficiently powerful quantum computer can solve these cases much faster using algorithms such as Shor’s. Even though these computers are not yet available at scale, Harvest Now, Decrypt Later attacks are already a reality: data is captured today, stored and decrypted in the future, when the technology will allow it.

What does ‘Quantum Ready’ mean in simple terms

Being “Quantum Ready” does not mean using quantum systems today, but ensuring that our IT infrastructure is prepared for the future. In practical terms, this means that the solutions we implement:

• can use cryptographic algorithms that are resistant to quantum attacks
• allow crypto‑agility, meaning the ability to change cryptographic algorithms without rebuilding the entire infrastructure
• are prepared for software and hardware upgrades

In short, being “Quantum Ready” means choosing solutions that can remain secure and relevant in a future where Quantum technology becomes part of everyday reality. We could say it comes down to a practical question: is the company’s infrastructure prepared to remain secure in the years ahead?

Quantum‑Ready Ciphers and Relevant RFCs (Request For Comments)

A few examples of relevant algorithms and standards:

• CRYSTALS‑Kyber – for key exchange (NIST standard)
• CRYSTALS‑Dilithium – for digital signatures
• RFC 9180 – Hybrid Public Key Encryption (HPKE), a standard that defines a modern and secure mechanism for encrypting data using public keys
• RFC 8446 (TLS 1.3) – already supports hybrid mechanisms prepared for PQC (Post‑Quantum Cryptography – cryptographic algorithms designed to remain secure even against quantum computers)

TLS 1.3 is a very good example of a protocol for securing internet communications (such as HTTPS), which can be extended with post‑quantum algorithms without major architectural changes.

Practical recommendations for organizations

In more than 15 years of experience in networking and security, working with critical infrastructures, data centers, and enterprise solutions, I have often seen how technology evolved faster than security policies. Data Center, Software Defined-WAN, Software Defined-Access and critical infrastructure projects require long‑term planning. In such projects, cryptography is not a detail but a foundation. The experience gained from designing, implementing, and securing complex infrastructures clearly shows that the right moment to act is before a risk becomes an incident. This is why I believe it is important to consider the steps outlined below.

Inventory your existing cryptography

• What algorithms are you using
• Where are they used (VPN, TLS, PKI storage – Public Key Infrastructure)

Assess data with long term value

• Personal data (GDPR)
• Financial data
• Intellectual property
• Contracts

Plan a gradual transition

• Hybrid cryptography
• Testing in controlled environments

In conclusion: it is time to verify whether the infrastructure is Quantum Ready

We have moved from computers with audio cassettes and MS‑DOS to Nvidia A100‑class GPUs and extremely complex cloud infrastructures. The evolution doesn’t stop here. Classical cryptography, as we know today has an expiration date. IT infrastructure has a long lifecycle. The equipment, platforms and solutions implemented today will be used for many years. If they are not chosen correctly now, they can become a major bottleneck later, when change will be forced and costly. The message of this article is simple: now is the time to verify whether our IT infrastructure is Quantum Ready. Not tomorrow. Not when it’s too late.

What the vendors, Cisco and Palo Alto Networks, are saying

• Cisco is testing Post‑Quantum mechanisms in TLS, IPsec, and SD‑WAN

https://www.cisco.com/site/us/en/about/trust-center/post-quantum-cryptography.html

https://www.cisco.com/site/us/en/learn/topics/networking/what-is-post-quantum-cryptography.html?dtid=osscdc000283&linkclickid=srch

• Palo Alto Networks discusses crypto‑agility and the impact of Quantum on NGFW and Zero Trust

https://www.paloaltonetworks.com/cyberpedia/what-is-post-quantum-cryptography-pqc

In both cases, the focus is on gradual planning, continuous adaptation, and alignment with global standards. And the message is clear: it’s not a question of “if”, but “when”.

The position of official institutions — CISA and NIST

Government institutions have already understood the risk.

CISA (Cybersecurity and Infrastructure Security Agency) recommends initiating the migration to Post‑Quantum Cryptography algorithms, especially for critical infrastructures (economy, healthcare, energy, telecommunications).
https://www.cisa.gov/quantum

NIST has already standardized the first Post‑Quantum algorithms, such as:

• CRYSTALS‑Kyber (Key Encapsulation)
• CRYSTALS‑Dilithium (Digital Signatures)
• Falcon (digital signature algorithm)
• SPHINCS+

https://www.nist.gov/pqcrypto

These recommendations are not theoretical. They come with clear timelines for adoption in government and enterprise environments.

At Arctic Stream, we support companies in assessing risks and building a flexible security infrastructure. If you manage sensitive data or critical infrastructures, an initial discussion can clarify where you stand today and what decisions are needed for the coming years.