The Linux Foundation recently announced the formation of the Post-Quantum Cryptography Alliance (PQCA), a groundbreaking initiative to advance and promote the adoption of post-quantum cryptography (PQC). This alliance is a collaborative effort that brings together a diverse group of industry leaders, researchers, and developers to tackle the cryptographic challenges posed by the advent of quantum computing. By focusing on the production of high-assurance software implementations of standardized algorithms and supporting the development of new post-quantum algorithms, the PQCA aims to be a central resource for organizations seeking to align with the U.S. National Security Agency’s Cybersecurity Advisory and the Commercial National Security Algorithm Suite 2.0.
The creation of the PQCA is a response to the urgent need for cryptographic solutions that can withstand the potential threats posed by future quantum computers. With founding members such as Amazon Web Services (AWS), Cisco, Google, IBM, and NVIDIA, the alliance with the Linux Foundation is well-positioned to drive significant advancements in securing sensitive data and communications in the post-quantum era. These companies, along with others like IntellectEU, Keyfactor, Kudelski IoT, QuSecure, SandboxAQ, and the University of Waterloo, will work on various technical projects, including the development of software for evaluating, prototyping, and deploying new post-quantum algorithms, to facilitate the practical adoption of PQC across different industries.
One of the PQCA’s inaugural projects is the Open Quantum Safe project, which started at the University of Waterloo in 2014 and is a leading open-source software initiative devoted to post-quantum cryptography. Additionally, the PQCA will host the new PQ Code Package Project, aiming to build high-assurance, production-ready software implementations of forthcoming post-quantum cryptography standards, beginning with the ML-KEM algorithm. This endeavor signifies a collective effort to ensure cryptographic agility and secure the digital ecosystem against advanced cyber threats in the quantum computing age.
Support from the alliance’s members highlights a shared commitment to enhancing global cybersecurity infrastructure in anticipation of quantum computing’s impact. From AWS’s investment in post-quantum key agreement and signature schemes to Google’s focus on making the ecosystem PQC-ready and Cisco’s acknowledgment of the complex technology migration to post-quantum cryptography, each member brings unique insights and contributions. This collaboration, as emphasized by the Linux Foundation and participants like IBM, IntellectEU, Keyfactor, Kudelski IoT, NVIDIA, QuSecure, SandboxAQ, and the University of Waterloo, underscores a unified approach to engineering a secure post-quantum future, leveraging open-source solutions to address the imminent challenges and opportunities presented by quantum computing.
Kenna Hughes-Castleberry is the Managing Editor at Inside Quantum Technology and the Science Communicator at JILA (a partnership between the University of Colorado Boulder and NIST). Her writing beats include deep tech, quantum computing, and AI. Her work has been featured in National Geographic, Scientific American, Discover Magazine, New Scientist, Ars Technica, and more.