In a significant development for cybersecurity, on March 11, 2025, the National Institute of Standards and Technology (NIST) announced the selection of Hamming Quasi-Cyclic (HQC) as the fifth algorithm for post-quantum encryption. This addition to NIST's post-quantum cryptography (PQC) standards represents another crucial step in the global effort to secure our digital infrastructure against the looming threat of quantum computing.
The race against quantum computing's cryptographic threat has accelerated dramatically, with major governments now issuing formal directives to prepare critical infrastructure. In January 2022, the White House released National Security Memorandum 8 (NSM-8), mandating that federal agencies initiate their transition to quantum-resistant cryptography. This was followed by the White House Office of the National Cyber Director's implementation guidance in May 2023, establishing concrete timelines for federal systems to achieve quantum resistance.
Canada has similarly recognized the urgency of this challenge. In July 2023, the Communications Security Establishment (CSE) published its Quantum-Safe Cryptography Guidance, outlining specific steps for Canadian organizations to identify cryptographic vulnerabilities and implement post-quantum solutions. The guidance emphasizes that organizations should begin migration planning immediately, even though quantum computers capable of breaking current encryption are still years away.
These directives from both North American governments underscore a critical reality: the transition to Post-Quantum Cryptography (PQC) is no longer optional for organizations that handle sensitive information or operate critical infrastructure. The technical complexities of cryptographic migration, combined with potential supply chain dependencies, mean that organizations must begin assessment and planning now to ensure readiness when quantum-resistant standards are finalized.
Those responsible for managing cyber-risk should not wait to act; solutions are available today that organizations can begin implementing.
Understanding NIST's Latest PQC Selection
HQC will serve as a backup for ML-KEM (formerly known as CRYSTALS-Kyber), which remains NIST's main algorithm for general encryption. What makes this selection particularly important is that HQC is based on error-correcting codes, a completely different mathematical foundation than the structured lattices used in ML-KEM.
This difference is not just academic. As Dustin Moody, the mathematician who heads NIST's Post-Quantum Cryptography project, explained: "We are announcing the selection of HQC because we want to have a backup standard that is based on a different math approach than ML-KEM. As we advance our understanding of future quantum computers and adapt to emerging cryptanalysis techniques, it's essential to have a fallback in case ML-KEM proves to be vulnerable."
NIST plans to issue a draft standard incorporating the HQC algorithm in about a year, with the finalized standard expected by 2027. This timeline gives organizations a chance to prepare, but also underscores the urgency of beginning migration planning now.
Why Cryptographic Diversity Matters
Cryptographic diversity—having multiple approaches based on different mathematical problems—is a fundamental risk management strategy in cybersecurity. With quantum computing, we're venturing into relatively uncharted territory. While NIST has conducted rigorous testing and analysis of potential post-quantum algorithms, having options based on different mathematical foundations provides essential redundancy.
If a significant vulnerability were discovered in lattice-based cryptography, systems relying solely on ML-KEM might be compromised simultaneously. With HQC in place as a backup based on error-correcting codes, organizations will have an alternative path to quantum-safe encryption.
This approach aligns with guidance from multiple security agencies, including the NSA's Commercial National Security Algorithm Suite 2.0, which emphasizes the need for cryptographic resilience through algorithm diversity.
The SNDL/HNDL Threat: Why We Can't Wait
The urgency behind NIST's post-quantum standardization efforts is driven by what security experts call the "Store Now, Decrypt Later" (SNDL) or "Harvest Now, Decrypt Later" (HNDL) threat model.
Here's the sobering reality: adversaries—both nation-states and sophisticated criminal organizations—are already harvesting encrypted data transmitted over networks today. They're storing this data with the intent to decrypt it once quantum computers capable of breaking current encryption become available.
This means that any data with long-term sensitivity (trade secrets, personal health information, financial records, classified government information) that is transmitted today using current public-key encryption could be compromised in the future, even if you switch to quantum-resistant algorithms before quantum computers arrive.
According to the Global Risk Institute's 2024 Quantum Threat Timeline Report, more than half of surveyed experts (17/32) believe there's more than a 5% likelihood of a cryptographically-relevant quantum computer (CRQC) appearing within 10 years, with almost a third (10/32) indicating a likelihood of about 50% or more.
For organizations that handle data with a shelf-life of 5-10 years or longer, the risk is already present. The time to begin migration planning is now.
Taking Action: How Organizations Should Respond
In light of NIST's continued progress toward PQC standardization, here are the steps organizations should take immediately:
1. Inventory cryptographic assets: Identify where and how your organization uses public-key cryptography. The NCCoE's Migration to Post-Quantum Cryptography project has developed tools and methodologies to assist with this inventory process.
2. Assess data sensitivity and shelf-life: Determine which data requires long-term protection and how long that protection must last. Data with a longer shelf-life should receive priority in your migration plans.
3. Prioritize systems for migration: Using Mosca's equation (migration time + shelf-life time > threat timeline), identify which systems need the most urgent attention.
4. Develop migration strategies: Create comprehensive plans for transitioning priority systems to post-quantum cryptography, including testing and implementation phases.
5. Monitor standards development: Stay informed about NIST's ongoing standardization work and begin integrating the published standards as they become finalized.
6. Implement cryptographic agility: Build systems that can easily transition between cryptographic algorithms, facilitating smoother migrations as standards evolve.
7. Engage with vendors: Start asking your technology vendors about their PQC roadmaps. When will they support standardized post-quantum algorithms? What will the upgrade path look like?
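Steps 1 through 3 can be combined into a single ranking pass over the inventory. The sketch below is an added example, not part of the original article or any NIST or NCCoE tooling: it filters an inventory down to quantum-vulnerable public-key usage and ranks it with Mosca's inequality. The asset names, shelf-life and migration figures, and the threat horizons of 10 and 8 years are constructed assumptions.

```python
from dataclasses import dataclass

# Public-key families broken by Shor's algorithm on a CRQC.
QUANTUM_VULNERABLE = {"RSA", "DH", "DSA", "ECDH", "ECDSA"}

@dataclass(frozen=True)
class Asset:
    name: str              # hypothetical system name
    algorithm: str         # as recorded in the inventory, e.g. "RSA-2048"
    shelf_life_years: int  # how long the protected data must stay secret
    migration_years: int   # estimated time to move the system to PQC

def is_quantum_vulnerable(algorithm: str) -> bool:
    """Match on the algorithm family, ignoring key size or curve suffix."""
    return algorithm.upper().split("-")[0] in QUANTUM_VULNERABLE

def mosca_slack(asset: Asset, threat_years: int) -> int:
    """threat timeline - (migration time + shelf-life). Negative slack means
    Mosca's inequality holds: data sent today outlives its protection."""
    return threat_years - (asset.migration_years + asset.shelf_life_years)

def rank_by_mosca(inventory, threat_years):
    """Return (name, slack, at_risk) for vulnerable assets, most urgent first."""
    rows = [(a.name, mosca_slack(a, threat_years)) for a in inventory
            if is_quantum_vulnerable(a.algorithm)]
    return [(n, s, s < 0) for n, s in sorted(rows, key=lambda r: r[1])]

# Constructed sample inventory (all values are illustrative assumptions).
INVENTORY = [
    Asset("hr-portal-tls", "ECDH-P256", 2, 1),
    Asset("patient-records-vpn", "RSA-2048", 25, 3),
    Asset("partner-api", "ML-KEM-768", 10, 0),   # already post-quantum
    Asset("payments-tls", "ECDH-P256", 7, 2),
    Asset("backup-archive", "AES-256", 30, 1),   # symmetric, not public-key
]

if __name__ == "__main__":
    for horizon in (10, 8):  # assumed years until a CRQC exists
        print(f"threat horizon = {horizon} years")
        for name, slack, at_risk in rank_by_mosca(INVENTORY, horizon):
            flag = "MIGRATE NOW" if at_risk else "plan"
            print(f"  {name:22} slack={slack:+3d}y  {flag}")
```

Running the ranking under more than one threat horizon shows which systems flip to at-risk as the estimate shortens, which is the practical use of the expert-survey ranges quoted earlier.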
The Road Ahead for PQC Implementation
With the selection of HQC, NIST continues to build out its portfolio of post-quantum cryptographic standards. Three standards—ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205)—have already been published in draft form and are expected to be finalized in 2024. A fourth standard built around the FALCON algorithm will be released shortly as FIPS 206.
The Office of Management and Budget Memorandum M-23-02 has directed federal agencies to begin migration planning, including conducting inventories of cryptographic systems. While this directive applies specifically to federal systems, it provides a useful framework for private sector organizations as well.
For many organizations, hybrid approaches that combine classical and post-quantum algorithms will serve as a bridge during the transition. These hybrid implementations provide backward compatibility while adding protection against future quantum threats.
Conclusion
NIST's selection of HQC as a fifth post-quantum algorithm reinforces the message that quantum-safe encryption is not a distant concern but a present necessity. The cryptographic diversity provided by HQC's different mathematical approach gives organizations an important backup option as we navigate the uncertain waters of quantum computing development.
The Store Now, Decrypt Later threat means the clock is already ticking. Every day that sensitive data is transmitted using only classical encryption is another day that this data could be harvested for future decryption.
Whether your organization is just beginning its quantum-readiness journey or already well along the path, NIST's announcement underscores the importance of moving forward with purpose and urgency. The time to prepare for quantum-safe encryption is today—not when quantum computers arrive.
The good news is that with proper planning and a methodical approach to migration, organizations can effectively manage the transition to post-quantum cryptography. The tools, standards, and guidance exist. What's needed now is action.
In an era where quantum computing threatens traditional encryption, proactive preparation is essential. Post-Quantum Cryptography isn't just a technical upgrade—it's a strategic necessity for protecting your organization's most valuable assets.
Arctiq's specialized team is ready to guide you through every step of your PQC journey, from initial assessment to full implementation. Our expertise in cryptographic modernization ensures a smooth transition that minimizes disruption while maximizing security.
Don't wait until quantum threats materialize. Reach out to Arctiq today to discuss your organization's specific needs and discover how our tailored solutions can help you modernize your systems and enable PQC. Together, we'll build a quantum-resistant foundation for your digital future.
Contact Arctiq now to schedule a consultation and begin your path to quantum-resistant security.
March 12, 2025