Published in Data Security
30 May 2025 - 4 min

Post-Quantum Cryptography (PQC) aims to develop cryptographic algorithms and protocols that are resistant to attacks performed by quantum computers. Among these emerging techniques, homomorphic encryption plays a particularly important role.

Why will we need “post-quantum” cryptography?

Current cryptographic algorithms, such as RSA and ECC (Elliptic Curve Cryptography), rely on the difficulty of certain mathematical problems—like integer factorization and the discrete logarithm. These problems are practically unsolvable by classical computers except by trying all possible combinations, and if the number of combinations is sufficiently large, we can rest assured that no one will have the time to brute-force them, even with very powerful machines.

However, as early as the 1990s—before any practical quantum computer existed—Peter Shor introduced Shor’s algorithm, a quantum algorithm capable of solving the factorization problem (on which RSA relies) in significantly less time than a classical computer. This would render many currently used protocols insecure once sufficiently powerful quantum computers are available.

To counter this threat, cryptographers have identified a new class of hard problems that even quantum computers cannot efficiently solve. This has given rise to post-quantum cryptography.

Some of the core problem types include:

  • Lattice-based cryptography

  • Code-based cryptography

  • Hash-based cryptography

  • Multivariate polynomial cryptography

Among these, lattice-based cryptography has gained particular interest due to its potential for implementing homomorphic encryption schemes, which allow operations to be performed on encrypted values without ever exposing the underlying data.

Why haven’t we all moved to post-quantum cryptography yet?

First, it’s important to clarify that the threat posed by quantum computers is not yet immediate, at least according to publicly available research. This is mainly because today’s quantum machines lack the scale and efficiency needed to run Shor’s algorithm on large enough numbers.

Still, companies like Apple have already started integrating post-quantum encryption into their services to prevent the so-called “harvest now, decrypt later” attack—where encrypted data is collected today with the aim of decrypting it in the future once quantum capabilities mature.

There are also two key barriers to widespread adoption:

  1. Standardization – The deployment of any cryptographic scheme hinges on having standards that validate its security. In 2022, NIST published an initial shortlist of PQC candidates to be standardized (link), and the standardization process is still ongoing.

  2. Key sizes – Many PQC schemes have significantly larger key sizes compared to traditional cryptography, which affects their performance and implementation cost.

Thus, while PQC is necessary, its mass adoption is being delayed by practical challenges like efficiency and cost.

PQC and Homomorphic Encryption (HE)

Among the mathematical problems proposed for PQC, lattice-based schemes are particularly promising. In fact, two out of the three schemes selected by NIST for standardization are based on lattices.

One major advantage of lattice problems is that they operate over high-dimensional vectors, where addition and multiplication can be performed—an idea that underpins the most widely used homomorphic encryption schemes. This enables encrypted data to be processed without ever revealing the underlying information.

That said, it's important to distinguish between the two terms, PQC and homomorphic encryption: homomorphic encryption refers to any technique that allows computations on encrypted data, regardless of the underlying hard problem. Some homomorphic schemes are not quantum-safe and are based on classical cryptography.

Let’s now focus on the popular PQC-based HE schemes and their potential uses. As previously mentioned, many PQC schemes suffer from large key sizes, which is also true for homomorphic encryption. Efficiency is a critical challenge here, since encrypted operations over vectors are much more computationally expensive than classical cryptographic operations.
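To make the two points above concrete (ciphertexts over vectors that can be added, and the size/efficiency cost of doing so), here is a toy single-bit LWE-style encryption with homomorphic addition. This is an added, constructed illustration written for this page, not code from the post's author or from any standardized scheme: the parameters (N, Q, NOISE_BOUND) are chosen for readability and are far too small to be secure, and the function names are this example's own.

```python
"""Toy symmetric-key, single-bit LWE encryption with homomorphic addition.

Constructed illustration only (assumed parameters, NOT a secure scheme): it
shows why lattice ciphertexts can be added. The plaintext bit rides on top of
a noisy inner product <a, s> + e, and inner products are linear, so adding two
ciphertexts adds the hidden plaintexts (mod 2) and adds their noise.
"""
import random

# Assumed toy parameters, chosen for readability rather than security.
N = 16            # dimension of the secret vector s and of each ciphertext vector a
Q = 1021          # odd prime modulus; bit 1 is encoded as Q//2
NOISE_BOUND = 2   # fresh noise e is drawn uniformly from [-NOISE_BOUND, NOISE_BOUND]


def make_rng(seed):
    """Seeded generator so the demo is reproducible (a real scheme uses CSPRNG)."""
    return random.Random(seed)


def keygen(rng):
    """Secret key: a uniform vector in Z_Q^N."""
    return [rng.randrange(Q) for _ in range(N)]


def _dot(a, s):
    return sum(x * y for x, y in zip(a, s)) % Q


def _centered(x):
    """Map x to its representative in (-Q/2, Q/2] so small noise looks small."""
    x %= Q
    return x - Q if x > Q // 2 else x


def encrypt(bit, s, rng):
    """Ciphertext (a, b) with b = <a, s> + e + bit*(Q//2) mod Q."""
    assert bit in (0, 1)
    a = [rng.randrange(Q) for _ in range(N)]
    e = rng.randint(-NOISE_BOUND, NOISE_BOUND)
    return (a, (_dot(a, s) + e + bit * (Q // 2)) % Q)


def decrypt(ct, s):
    """Remove <a, s>; the residue is e + bit*(Q//2). Round to nearest of {0, Q//2}."""
    a, b = ct
    return 1 if abs(_centered(b - _dot(a, s))) > Q // 4 else 0


def add(ct1, ct2):
    """Homomorphic addition: component-wise sum, performed without the key.
    Decrypts to bit1 XOR bit2 because 2*(Q//2) = Q-1 is congruent to -1 mod Q,
    i.e. the wrap-around only contributes one extra unit of noise."""
    (a1, b1), (a2, b2) = ct1, ct2
    return ([(x + y) % Q for x, y in zip(a1, a2)], (b1 + b2) % Q)


def noise(ct, s, bit):
    """Residual noise once the (known) plaintext is stripped; grows with each add."""
    a, b = ct
    return _centered(b - _dot(a, s) - bit * (Q // 2))


def ciphertext_bits():
    """Ciphertext expansion: bits stored per single encrypted plaintext bit."""
    return (N + 1) * Q.bit_length()


def xor_via_ciphertexts(bits, s, rng):
    """Encrypt each bit, add all ciphertexts, decrypt the result (= XOR of bits)."""
    acc = None
    for b in bits:
        ct = encrypt(b, s, rng)
        acc = ct if acc is None else add(acc, ct)
    return decrypt(acc, s)


def demo(seed=1234):
    """Round trip, homomorphic XOR, accumulated noise and expansion for one run."""
    rng = make_rng(seed)
    s = keygen(rng)
    bits = [1, 0, 1, 1, 0, 1]
    cts = [encrypt(b, s, rng) for b in bits]
    acc = cts[0]
    for ct in cts[1:]:
        acc = add(acc, ct)
    expected = sum(bits) % 2
    return {
        "roundtrip_ok": all(decrypt(ct, s) == b for ct, b in zip(cts, bits)),
        "xor_expected": expected,
        "xor_decrypted": decrypt(acc, s),
        "summed_noise": abs(noise(acc, s, expected)),
        "bits_per_plaintext_bit": ciphertext_bits(),
    }


if __name__ == "__main__":
    print(demo())
```

Two things the block makes visible that the paragraph only states: the party performing `add` never touches the key, and the cost is real. With these toy parameters each plaintext bit becomes 17 values mod 1021, i.e. 170 stored bits, and every addition stacks noise, so decryption eventually fails once the noise exceeds Q/4; production schemes manage exactly this trade-off with much larger parameters and noise-control machinery.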

However, there are specific contexts where such schemes are essential—for example, in organizations that handle highly sensitive data and require both strong security and secure data processing capabilities.

Significant progress is also being made in improving the efficiency of HE schemes, including the development of custom hardware architectures to accelerate these operations. So, it is not unlikely that homomorphic encryption may eventually become viable even for mainstream cryptographic applications.

TL;DR

Post-Quantum Cryptography (PQC) is being developed to secure data against future quantum attacks, which threaten traditional schemes like RSA and ECC, and to a lesser extent AES (source).

Shor’s algorithm, proposed in 1994, could one day break today’s cryptographic standards. However, mass adoption of PQC is currently limited by practical issues like large key sizes and the lack of finalized standards.

This means the transition will happen gradually, starting in sectors with high security requirements.

🔐 Get Ready Today for the Security of Tomorrow

In a world where quantum threats are no longer science fiction, it's crucial to stay ahead of the curve. Dhiria builds privacy-preserving machine learning solutions powered by cutting-edge cryptographic techniques like homomorphic encryption. We help organizations securely process sensitive data with future-proof, compliance-ready architectures.

👉 Discover how we can help you protect your data in the quantum era.
Visit www.dhiria.com or contact us at info@dhiria.com for a personalized demo.