Challenges and Opportunities of PQC Deployment Workshop

This talk provides an overview of the post‑quantum cryptography landscape, including essential background, the status of global standardization, and emerging government policies guiding migration. It then highlights the specific challenges for the mobile industry — spanning performance constraints, IoT‑driven size limitations, and long infrastructure lifecycles — and outlines how 5G and 6G standards are integrating quantum‑resistant algorithms. The session concludes with key priorities for telecom PQC migration, including PKI updates and secure roots‑of‑trust.

The recent PQC standardization process by NIST marks a major milestone in the transition to quantum-resistant algorithms. However, algorithmic security alone is insufficient if implementations remain vulnerable to side-channel attacks. This talk surveys side-channel attacks on the new FIPS PQC standards, with the goal of assessing their current implementation maturity. The analysis aims to highlight remaining challenges and provide insight into where further defensive effort is needed.

Space systems are experiencing rapid growth and increasing reliance as providers of communications, navigation, and sensing services that are critical to both civilian and governmental users. This talk examines the security implications of this shift, focusing on how failures in satellite security propagate to real-world consequences on Earth. Using real-world incidents and architectural perspectives, the presentation highlights why space systems differ fundamentally from terrestrial IT systems, particularly in terms of lifetime, upgradability, and assurance constraints. These characteristics raise important questions about long-term cryptographic trust and motivate a discussion on how space systems can prepare for post-quantum threats through architectural and lifecycle-aware security design.

A national network has been formed to discuss and plan for preparations of PQC in the health data and medtech sectors. The Swedish eHealth Agency (E-hälsomyndigheten) is the convenor of the network which is constituted also by representation from e.g. other concerned healthcare, innovation and defence agencies, public and private healthcare providers, medtech and IT systems providers as well as cybersecurity enterprise, academia and research institutes, and standardisation organisations. This network has initiated projects using the EU Roadmap for the Transition to PQC as basis for preparing a proposal for a national sector-specific roadmap. The EU Roadmap states that sensitive data, such as health data, should be transitioned to PQC no later than 2030. In this presentation Michel Silvestri will describe this network, the initiated projects and other efforts for making Swedish health data quantum-safe.

With the available standardization of the algorithms of ML-DSA, ML-KEM and SLH-DSA, they are ready for deployment. Thus, replacing the existing algorithms of RSA, ECC and Diffie-Hellman may be considered straightforward. But is that a correct assumption? Unfortunately, these algorithms are no drop-in replacements for the classic algorithms and a number of considerations must be applied. This presentation outlines challenges and mitigation strategies of such challenges.

The outlined mitigation strategies are significantly simplified by the previously unheard-of degrees of freedom the FIPS 203, 204, and 205 standards offer to integrators of these algorithms. By discussing the offered freedoms, a usage and deployment may be devised that provides an appropriate fit to the respective use case.

Finally, existing network protocol updates are required for deploying the PQC algorithms. The current approaches integrating the PQC algorithms in the common network protocols of TLS, IKE/IPSec, and SSH are discussed. As part of the discussion, general ideas of timelines are also given.

Quantifying information leakage is an essential part to many parts of cybersecurity, with applications ranging from designing countermeasures to traffic analysis, to establishing rekeying guidelines in symmetric encryption, and evaluation of novel encryption algorithms such as PQC. In this talk I will introduce some ongoing research into using neural network estimators to quantify upper and lower bounds on mutual information, for use in cryptography and cybersecurity.

Two years ago the European Union initiated a coordinated transition to Post-Quantum Cryptography and created a group for the member states to work together. The group is situated within the framework for cooperation regarding the NIS2-directive, which is implemented as the new "cybersäkerhetslag" in Sweden. As the Swedish representative I will report on the work of this group and further implementation of it in Sweden, in particular the roadmap for the transition and recommended immediate action points.

In this short talk, we first briefly introduce the quantum threat to cryptography, provide advice on its mitigation, and discuss current mitigation challenges. We then give a brief overview of our public research into quantum cryptanalysis and post-quantum cryptography. This presentation will be given from the perspective of the Swedish NCSA. Some of the public research referenced herein was conducted at KTH by people funded or employed by the Swedish NCSA.