Why we cannot wait for better post-quantum signature algorithms

Curated from Cloudflare Blog

Organizations often delay cryptographic upgrades, assuming quantum threats are years away. This complacency ignores the reality of harvest-now-decrypt-later attacks, where adversaries intercept encrypted data today to decrypt it once quantum computers become viable. Relying on NIST’s final standardization timeline is a strategic error that leaves sensitive infrastructure exposed during the transition period. While the industry awaits finalized standards, practitioners must evaluate current candidates to mitigate immediate risks. The article highlights ML-DSA as the most robust available option for implementation, offering a pragmatic path forward without waiting for bureaucratic completion. Ignoring this window of opportunity creates unnecessary technical debt and security vulnerabilities. You need to assess your current signature schemes against emerging post-quantum standards now, not after an incident. Start integrating ML-DSA into your critical paths to future-proof your systems against evolving computational threats.

NIST is advancing nine new post-quantum signature algorithms as potential candidates for future standardization. We take a closer look at all of them, and argue that while they are in the works and show great potential, we should use ML-DSA for now — the best one currently available.

— Cloudflare Blog

Read the full article on Cloudflare Blog →