Security must persist

Quantum resilient ≠ Quantum safe

Being “quantum-safe” is not enough — systems must remain secure through continuous change.

04 / 06

← Overview

Hybrid keys — quantum-resilient and backwards-compatible at once.

Status Quo, Resilient, Safe — what each actually means

04 / Quantum resilient ≠ Quantum safe

Two keys, one credential, no partner coordination needed

These terms are often used interchangeably; they are not the same. Status Quo is today's classical cryptography (RSA, ECDSA) with no resistance to quantum attacks. Quantum Resilient means a system can withstand some quantum attacks — achievable now with hybrid keys. Quantum Safe means the underlying algorithm is mathematically proven to resist all known quantum attacks, including Shor's and Grover's.

Larger key sizes — for example RSA-4096 — make RSA more resilient against classical attacks; a sufficiently powerful quantum computer still breaks it. Only NIST-certified PQC algorithms get close to truly quantum safe.

ML-KEM · ML-DSA · SLH-DSA RSA-4096 is still not safe

Status Quo

Classical cryptography in production today

✓Resists classical attacks

✗Vulnerable to Grover's algorithm

✗Broken by Shor's algorithm

✗RSA, ECDSA, Ed25519 only

✗Exposed to harvest-now-decrypt-later

Quantum Resilient

Achievable today with hybrid keys

✓Resists classical attacks

✓Hybrid PQC + classical signatures

✓ML-DSA-65 signing for new credentials

✓ML-KEM-768 key encapsulation

✓Backwards compatible with legacy partners

✓Protects new data from HNDL

~Older archived data stays at classical risk

Quantum Safe

Ideal state. No system today is fully quantum safe.

✓Resists classical attacks

✓Resists Grover's algorithm

✓Resists Shor's algorithm

✓NIST FIPS 203 / 204 / 205

✓Mathematically proven

Hover over any pill Term to see what it means.

Hybrid Keys Next: Harvest Now, Decrypt Later