Post-Quantum Cryptography: A Ten-Year Market and Technology Forecast

Report: #IQT-PQT-0119
Published January 8, 2019

The market for post-quantum cryptography (PQC) already generates revenue and will expand as quantum computers capable of breaking common public key encryption schemes with Shor’s algorithm become more widely deployed. For now, post-quantum cryptography finds its market in critical long-lived data such as plans for aircraft and medical databases that need to survive well into the era of powerful quantum computers.

Some IT managers are already aware of the quantum threat and are applying PQC selectively using interim standards and technologies. Many more individuals with purchasing authority are expected to buy into PQC over the next five years as they come to understand quantum threats and quantum computer era gets closer. The addressable market for PQC is can be measured in the billions of units — encryption is hidden everywhere in both hardware and software — and adoption will also accelerate as PQC algorithms are finalized in the NIST selection process.
This report identifies the PQC opportunities that will emerge in how the market roadmap for PQC will evolve over the coming decade. Coverage of this report includes:

    • Ten-year forecasts of the PQC market with breakouts by government, military and intelligence services, telecommunications, financial services, healthcare/medical records, general business applications, disaster recovery, and consumer Web browsers.


    • A technology/market roadmap for PQC over the coming decade. This roadmap examines the commercial potential for embedding PQC into a growing number of product types including firmware (digital signatures), IoT devices, web browsers, credit cards, cryptocurrencies and, of course, databases.


    • Analysis of the new PQC standards emerging from NIST, the IETF and a slew of other influencers such as ETSI, the Cloud Security Alliance and ITU-T. The report discusses how these standards will help shape the PQC market along with key standards-related issues such as the potential for pure post-quantum cryptography vs. hybrid classical/quantum approaches and PQC vs. quantum physics-based Quantum Key Distribution (QKD).


  • Strategic profiles of leading commercial firms active in the PQC space. These profiles include giants such as Infineon, IBM, Google and Microsoft, along with interesting startups such as Isara. These profiles are designed to provide the reader of this report with an understanding on how the major players are creating PQC products and building marketing strategies for PQC as quantum computers become more ubiquitous.

Inside Quantum Technology compiled this research report based on interviews with firms active in the PQC and related markets. The report is also based on our ongoing research in the quantum technology business. We believe this report will become required reading for marketing and business executives as well as product managers in the encryption and computing sectors as well as managers in IT-related industries more generally. In addition, this report will provide guidance to the growing number of investors that are taking an interest in the quantum technology space.

Return and Privacy Policy →

Table of Contents
Executive Summary
E.1 Post-quantum cryptography – Future requirements for the entire digital infrastructure
E.2 Uses of public key cryptography
E.3 Revenue opportunities for post-quantum cryptography
E.4 Standardization activities
E.5 Seven firms to watch in the post-quantum cryptography space
Chapter One: Introduction
Background to this report
Quantum security threats: The bottom line
A PQC adoption timetable
1.2 Goals and scope of this report
1.3 Methodology of this report
1.4 Plan of this report
Chapter Two: Post-Quantum Encryption Technology and Products
2.1 Security vulnerabilities for existing public key encryption created by quantum computers
2.1.1 Role of Shor’s algorithm
2.1.2 When will a solution be needed? A timetable for the quantum computer threat
2.1.3 Time required to implement a new infrastructure
2.1.4 Post-quantum encryption vs. quantum key distribution (QKD)
2.1.5 Related vulnerabilities for symmetric cryptographic algorithms and hash functions
2.2 Classification of post-quantum algorithms by NIST
2.2.1 Lattice based cryptography
2.2.2 Code based cryptography
2.2.3 Multivariate polynomial based cryptographyl
2.2.4 Hash-based cryptography
2.2.5 Other cryptographic schemes
2.2.6 Stateful hash-based signature schemes being proposed by the IETF
2.2.7 Hybrid classical/quantum algorithms
2.3 Post-quantum encryption - Emerging products and services
2.3.1 Embedded systems
2.3.2 Special purpose post quantum software
2.3.3 Incorporated into standard internet browsers
2.3.4 Chip level solutions for post quantum encryption
2.3.5 IT services
2.3.6 Ten year forecast of post quantum encryption revenue by application segment
2.3.7 Key points from this chapter
Chapter Three: Markets for Post-Quantum Encryption
3.1 Data types that could be at risk
3.1.1 Data value versus data shelf life
3.1.2 Data types at risk
3 1.3 Will IT managers be proactive about protecting their data against quantum attacks?
3.2 General forecasting considerations for post-quantum cryptography
3.2.1 Ten-year forecast of overall penetration by post-quantum cryptography
3.2.2 Indirect versus direct revenue considerations
3.3 Civil government (police, embassies, domestic security)
3.3.1 Market potential for post-quantum cryptography
3.4 Military, intelligence services and domestic security agencies
3.4.1 Market potential for post-quantum cryptography
3.5 Financial institutions
3.5.1 Market potential for post-quantum cryptography
3.6 Telecommunications providers
3.6.1 Market potential for post-quantum cryptography
3.7 Data storage and disaster recovery
3.7.1 Market potential for post-quantum cryptography
3.8 Healthcare and medical records
3.8.1 Market potential for post-quantum cryptography
3.9 General business usage
3.9.1 Market potential for post-quantum cryptography
3.10 Consumer usage
3.10.1 Market potential for post quantum cryptography
3.11 Key points from this chapter
Chapter Four: Current Post-Quantum Encryption Companies and Other Organizations
4.1 Isara
4.2 Envieta Systems LLC
4.3 Post Quantum (PQ Solutions)
4.4 evolutionQ
4.5 Cambridge Quantum Computing
4.6 Infineon Technologies
4.7 Rambus Security Division
4.8 IBM Research
4.9 Microsoft Research
4.10 Google Research
4.11 OnBoard Security
4.12 Thales Communications and Security
4.13 Post-Quantum Advanced Technologies (PQAT)
Chapter Five: Other Organizations
5.1 National Institute of Standards and Technology (NIST)
5.1.1 Post quantum encryption selection at NIST
5.1.2 Classes of algorithm
5.2 SafeCrypto
5.3 Internet Engineering Task Force (IETF)
5.3.1 IETF work related to PQC
5.4 National Security Agency (NSA)
5.4.1 NSA work related to PQC
5.5 Cloud Security Alliance (CSA)
5.5.1 Quantum safe security working group
5.6 ISO
5.6.1 SC27 WG2
5.7 European Telecommunications Standards Institute (ETSI)
5.8.1 Collaboration with NIST
5.9 Institute of Electrical and Electronics Engineers (IEEE)
5.10 International Telecommunications Union (ITU)
5.11 ANSI Accredited Standards Committee X9
5.12 Open Quantum Safe
About the Author
List of Acronyms

Single-user license (One Computer) ($495.00)
Group-user license (Up To Five Computers) ($795.00)
Enterprise-user license (Unlimited Computers Within Your Organization) ($995.00)

15% discount available for Academic and Government Organizations. Those eligible to receive a discount code, please contact