Quantum security will be a decisive part of future cybersecurity as quantum technologies advance. Once quantum computers reach sufficient capacity, they will be able to break today’s encryption. ETSI (European Telecommunications Standards Institute) is leading the work of developing standards to address these threats and secure Europe’s digital infrastructure.
Article in short
Quantum computers could one day break today’s encryption. To prevent this, ETSI is developing standards for post-quantum cryptography (PQC) and quantum key distribution (QKD). These technologies are essential to secure Europe’s digital infrastructure and are part of the EU’s Quantum Europe Strategy.
An invisible threat that cannot be ignored
Quantum technology is advancing rapidly and holds the promise of solving problems beyond the reach of classical computers. But the same technology also poses a serious threat: once quantum computers reach sufficient capacity, they will be able to crack most of today’s encryption methods.
This risk is already present. Attackers can collect encrypted data now and decrypt it later, a strategy often called “store now, decrypt later”. Sensitive information such as government communications, healthcare records, or trade secrets could be compromised long before quantum computers become fully operational.
The threat is based on the ability of quantum computers to use Shor’s algorithm to quickly factorise large numbers and solve discrete logarithm problems – two mathematical challenges at the heart of today’s asymmetric cryptography (such as RSA and ECC). Symmetric algorithms like AES are less vulnerable, but can still be weakened by Grover’s algorithm, which effectively halves the key length. Taken together, this means that much of our current security infrastructure could become obsolete in a short time once a sufficiently powerful quantum computer becomes reality.
Facts: What is a quantum computer?
Unlike a classical computer, which processes information in bits (0 or 1), a quantum computer uses qubits that can represent both 0 and 1 at the same time, thanks to a phenomenon called superposition. This allows quantum computers to perform complex calculations much faster than classical machines.
While today’s prototypes are still limited, many experts believe it is only a matter of time before large-scale quantum computers become powerful enough to break RSA and other widely used cryptographic systems. Read more on quantum computers on Wikipedia.
Classical bits process information linearly, while qubits can explore many states simultaneously – enabling exponential computational power.
Quantum security in practice: PQC and QKD
To prepare for this shift, ETSI is working on quantum security – technologies that can withstand attacks from quantum computers. Two main approaches dominate the field:
Post-Quantum Cryptography (PQC): Algorithms based on mathematical problems that are believed to resist attacks even from quantum computers. These can be implemented in classical IT systems, which makes them easier to adopt.
Quantum Key Distribution (QKD): A method that uses quantum mechanics to securely exchange cryptographic keys. Any attempt to intercept the communication disturbs the quantum states and reveals the intrusion.
Rather than competing, PQC and QKD complement each other. PQC offers scalability and integration with existing systems, while QKD provides ultimate security for particularly critical communications.
ETSI has published several specifications to support this work. ETSI TS 104 015 defines hybrid key exchanges that combine classical and quantum-safe algorithms. Meanwhile, ETSI GS QKD 016 sets requirements for interoperability between different QKD systems.
ETSI also provides migration guidance through reports such as ETSI TR 103 949, which outlines strategies for moving from classical to quantum-safe cryptography. This includes risk assessments, prioritisation of vulnerable systems and phased implementation – highlighting that the transition requires years of preparation.
ETSI’s standardisation for quantum security
ETSI translates advanced research into practical, interoperable solutions. This work takes place for example through ISG-QKD, which focuses on architecture, security requirements and interoperability for QKD systems, and TC CYBER, which works with post-quantum cryptography and has developed TS 104 015. ETSI also runs plugtests, where vendors and researchers test their solutions to ensure interoperability and compliance with security requirements.
Read also: ETSI’s role in the development of standardisation – from GSM to global impact – on how ETSI went from shaping the GSM mobile standard to influencing global ICT standardisation.
Facts: Technical specifications vs. standards
ETSI publishes several types of documents. For PQC and QKD, the most relevant today are Technical Specifications (TS) and Group Specifications (GS).
Technical Specification (TS): A detailed technical document describing how a technology can be implemented. Example: ETSI TS 104 015.
Group Specification (GS): Produced by a specific Industry Specification Group, such as ETSI ISG-QKD. Example: ETSI GS QKD 016.
Standard (EN/IS): A formally adopted and harmonised European Standard. For PQC and QKD, no final standards exist yet – the technologies are still being tested.
Part of a larger European effort
Quantum security is a key component of the EU Quantum Europe Strategy, which aims to position Europe as a world leader in quantum technologies by 2030. The strategy stresses that Europe must translate its strong research base into market-ready solutions and avoid fragmentation between Member States.
“The large-scale vision, cooperation and investment needed to make this quantum ecosystem a reality, and compete on the world stage, cannot be provided solely by measures taken at EU level, or by any single Member State acting alone.”
– European Declaration on Quantum Technologies
This also means that responsibility lies with every organisation – from companies to public authorities – to start planning their transition to quantum-safe solutions now.
The future of quantum security and what is at stake
The shift to quantum-safe solutions will be one of the biggest changes in cybersecurity in decades. According to ETSI TR 103 949, migration is a multi-year process: organisations need to map dependencies on vulnerable protocols, prioritise which systems to upgrade first, and gradually implement new solutions. The earlier this work begins, the lower the risks when quantum computers become practical.
Ahead lies not only large-scale post-quantum migration but also the development of the Quantum Internet and the integration of quantum technologies with AI and autonomous.
Read more on ITS membership and working groups.
