In the Era of Quantum Computing,
SDS is Taking the Following Steps to Enhance Security
– Participating in NIST Post-Quantum Cryptography Migration Project
NIST (National Institute of Standards and Technology) is leading a project to migrate to PQC (Post-Quantum Cryptography) in readiness for the potential vulnerabilities of current public key cryptographic algorithms posed by advancements in quantum computing technology. This project aims to support organizations in protecting their critical data and digital systems from future quantum computing attacks. Launched in June 2022, the project began with 13 founding members, including Samsung SDS, and has since grown to include 47 collaborators, encompassing companies and government agencies (NSA and CISA), as of April 2025. The Security Research Team of Samsung SDS Research has been an active participant since its inception in 2022 and continues to play a pivotal role in the project's ongoing efforts.
In this post, we will provide a concise overview of the current trends in PQC migration before delving into a detailed introduction of the project, with a particular focus on Samsung SDS's contributions. For comprehensive project details, you can visit the official NIST website.
👉 See the Official Project (NIST)
Will Security Collapse in 2029?
The emergence of quantum computing has exposed the vulnerabilities of current cryptographic systems, making the migration from current public key cryptography to PQC (Post-Quantum Cryptography) an urgent necessity. Gartner has highlighted the significance of this shift by including PQC migration as one of the top 10 strategic technology trends for 2025. Experts predict that by 2029, advancements in quantum computing will render most existing asymmetric cryptographic methods insecure.
* (Reference Link) https://www.gartner.com/en/articles/top-technology-trends-2025
What is PQC and Why is it Important?
PQC encompasses cryptographic algorithms designed to withstand attacks from quantum computers. It introduces a new generation of public key cryptography that ensures secure encryption even in a quantum computing environment. Often referred to as "quantum-resistant" or "quantum-safe" cryptography, PQC involves upgrading the hardware or software of current cryptographic systems to protect data and information from quantum threats. Unlike a complete replacement of existing systems, PQC focuses on enhancing them to address the risks posed by quantum computing.
Current Status of the NIST PQC Migration Project
The U.S. government initiated the standardization of Post-Quantum Cryptography (PQC) algorithms in 2017. In August 2024, it officially released three Federal Information Processing Standards (FIPS), comprising one key encapsulation mechanism (ML-KEM) and two digital signature algorithms (ML-DSA, SLH-DSA).
The preparation for the PQC migration in the U.S. began in earnest in 2021. The White House issued a National Security Memorandum (NSM-10) in May 2022, and NIST launched the PQC migration project. In December 2022, the U.S. Congress enacted related legislation (H.R. 7535), and by August 2024, the estimated migration cost was approximately $1 billion.
NIST's PQC migration project, titled "Migration to Post-Quantum Cryptography," began in June 2022. The project aims to provide practical guidelines necessary for the PQC migration.
Initially, 13 companies, including Samsung SDS, participated in the project, but it now involves a total of 47 companies and institutions. Participants include IT giants such as AWS, Microsoft (MS), and IBM, financial institutions like HSBC and JPMorgan, as well as government agencies such as the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA).
The project's primary deliverables are published as part of the NIST Special Publication (SP) 1800 series. In March 2023, SP 1800-38A was released, outlining the project's background and objectives. By December 2023, SP 1800-38B, which focuses on identifying quantum-vulnerable cryptographic scenarios, and SP 1800-38C, which documents interoperability and performance test results for PQC-based implementations, were issued.
On March 11, 2025, NIST announced the selection of HQC (Hamming Quasi-Cyclic) as the fifth PQC algorithm for standardization, marking a pivotal milestone in the quantum-resistant cryptography standardization effort. HQC, the second key encapsulation mechanism (KEM) algorithm chosen, was primarily designed to serve as a robust backup to CRYSTALS-Kyber. This decision underscores significant advancements in the PQC standardization process by reducing dependency on a single algorithm and enhancing cryptographic diversity.
Samsung SDS's Activities and Achievements in the NIST PQC Project
2022: Participating in the NCCoE Migration Project
Samsung SDS became the sole Asian company to join the NIST project as an early member and has since remained actively engaged. In 2022, the company began participating in the NCCoE Migration Project and is now actively engaged in PQC standardization and migration projects.
2022-2023년: Project Progress and Technological Development
The aim of NCCoE's PQC Migration Project was to develop strategies for replacing hardware, software, and services with solutions resistant to quantum computer-based attacks. During this initiative, Samsung SDS developed the Crypto Agility Platform, equipping enterprises with the tools needed to migrate to post-quantum cryptography (PQC).
The aim of NCCoE's PQC Migration Project was to develop strategies for replacing hardware, software, and services with solutions resistant to quantum computer-based attacks. During this initiative, Samsung SDS developed the Crypto Agility Platform, equipping enterprises with the tools needed to migrate to post-quantum cryptography (PQC).
2025년: Leading Cryptographic Technology in Korea
In March 2025, Samsung SDS once again demonstrated its excellence in quantum-resistant cryptography. Notably, the hash-based digital signature algorithm AIMer (developed through a collaboration with KAIST) was selected as a standard algorithm at the national quantum-resistant cryptography competition in Korea. This achievement highlights Samsung SDS's proactive role in shaping domestic technology standards. In April, Samsung SDS presented Software-Defined Cryptography: Enabling Crypto Agility in Enterprise IT at the NIST Crypto Agility Workshop. This approach introduced the concept of software-defined cryptography, enabling flexible and efficient migrations and management of cryptographic algorithms. It garnered significant attention from global enterprises as a cost-effective solution for PQC migration.
Samsung SDS's Current Status in Securing PQC Technology
Samsung SDS has secured the Crypto Agility Platform for Enterprise to address the key stages of PQC migration: identification, analysis, and migration. From 2023 to 2024, the company has obtained seven related patents, preparing for Crypto Agility implementation.
In terms of external activities, Samsung SDS has been actively engaged both domestically and internationally. Globally, the company has presented its cryptographic migration technologies at events such as the NIST Crypto Agility Workshop, ETSI/IQC Quantum Safe Cryptography Conference 2025, and Real World Crypto 2024. Domestically, Samsung SDS has shared its expertise on PQC migration at conferences like Cyber Summit Korea and KpqC, earning recognition for its technological capabilities.
Through these comprehensive efforts, Samsung SDS is proactively responding to the new technological paradigm of PQC migration and continues to strengthen its global-level expertise.
