PQC in NC

OpenSSL Foundation recently had the opportunity to partner with All Things Open on one of their meet-up events in Research Triangle Park, North Carolina. We were excited to have 150 attendees join us for this top-notch evening hosted by Cisco, one of the Foundation’s generous premier supporters.

Panelists and audience at the November 18, 2025 All Things Open meet-up event in RTP, NC, USA

The topic of the night was Open Source Post-Quantum Cryptography (PQC), featuring a talk by Foundation President Matt Caswell and a panel discussion with four local PQC experts:

  • Jai Arun, Head of Product Management & Strategy, Quantum Safe and Crypto-Agility Products, IBM Software
  • Aydin Aysu, Associate Professor, University Faculty Scholar, Electrical & Computer Engineering Department, North Carolina State University
  • Scott Fluhrer, Principal Engineer, Cisco
  • Panos Kampanakis, Principal Security Engineer, AWS

For all those who couldn’t join us at the event, read on to learn more!

To start, cryptography is built on algorithms. RSA and the Diffie-Hellman key exchange are some of the best known algorithms that have been around for many years, are trusted to provide secure connections, and are found in countless pieces of software around the world.

The concern is that quantum computers, which are built around the principles of quantum mechanics, are expected to be able to break algorithms like these due to their exponentially faster – and previously unimaginable – computing power. Although there does not yet exist a quantum computer with sufficient computing capacity to break today’s most common algorithms, it seems likely that this will happen at some point.

In preparing for that future, the US National Institute of Standards and Technology (NIST) finalized standards for three post-quantum algorithms in August 2024: ML-KEM, ML-DSA, SLH-DSA. These algorithms are believed to be quantum-safe, meaning that they will still provide security in the face of a powerful quantum computer of the future.

In April 2025, OpenSSL3.5 was released with support for these three newly standardized PQC algorithms. Support for ML-KEM and ML-DSA are integrated into TLS. By default, TLS uses a hybrid that combines both a classical and PQC algorithm (X25519MLKEM768). We are proud to be a leader in adopting post-quantum cryptography and helping our users make the transition to quantum-safe computing.

When will this threat actually become realized? When will someone have a quantum computer sufficiently powerful to break today’s encryption? No one knows for sure, but our panelists offered a variety of estimates. NIST (in the US) and its equivalent agencies in Canada, the UK, and Europe have all set a deadline of 2035 for converting from today’s algorithms to these quantum-safe ones, and that’s the date most of the industry is focusing on.

The transition to PQC is going to be a huge global effort. But it’s also not going to be the last time we need to update cryptographic algorithms. While a quantum computer is the threat we’re working to prevent today, we know there will be other, as-of-yet-unimaginable, threats to combat in the future. The real goal is to create cryptographic agility so that these occasional necessary changes are easier to execute.