Glossary
Post-quantum vocabulary, defined.
- Cryptographically relevant quantum computer (CRQC)
- A future quantum computer powerful and stable enough to break widely deployed public-key cryptography. No such system exists publicly today.
- Post-quantum cryptography (PQC)
- Cryptographic algorithms designed to resist attacks by both classical and quantum computers, even before any CRQC arrives.
- Public key exposure
- Whether a wallet's public key has been revealed on-chain. Exposure increases theoretical future quantum risk for some address types.
- Harvest now, decrypt later
- The risk that attackers collect encrypted data now and decrypt it later when capabilities improve.
- Cryptography inventory
- A structured record of protocols, certificates, keys, libraries, vendors, backups, and systems that rely on cryptography.
- Crypto-agility
- The ability to change cryptographic algorithms, libraries, and protocols without redesigning the system.
- ML-KEM
- NIST-standardized post-quantum key-establishment mechanism (based on Module-Lattice KEM).
- ML-DSA
- NIST-standardized post-quantum digital signature algorithm (based on Module-Lattice DSA).
- SLH-DSA
- Stateless hash-based NIST post-quantum signature standard with a different security design than lattice-based signatures.
- Hybrid cryptography
- Combining a classical algorithm with a post-quantum algorithm so a system stays secure if either holds up.
- Cryptographic agility evidence
- Documentation that a system can switch algorithms or libraries with predictable engineering effort.
- Quantum-aware vs quantum-safe
- Quantum-aware describes a project that acknowledges PQ risk; quantum-safe is a stronger claim that requires verifiable evidence and review.
FAQ
Frequently asked questions
What does PQC stand for?
PQC stands for post-quantum cryptography — classical algorithms (running on ordinary computers) designed to remain secure against attackers with a large quantum computer. NIST standardized the first PQC algorithms (ML-KEM, ML-DSA, SLH-DSA) in 2024.
What is the difference between quantum cryptography and post-quantum cryptography?
Quantum cryptography (e.g., QKD, quantum key distribution) uses quantum physics to secure communications and requires specialized hardware. Post-quantum cryptography runs on classical computers and is drop-in-replaceable for RSA and ECC. The two are distinct fields.
What is crypto-agility?
Crypto-agility is the ability to change cryptographic algorithms, key sizes, or parameters in a system without rewriting the application. It is the prerequisite for a smooth PQC migration and is a top recommendation from NIST NCCoE.