FINAL WORD
Meanwhile, Cloudflare, Google, and browser vendors have spent years testing hybrid approaches like X25519MLKEM768 to ensure compatibility, performance and resilience during the transition. Despite early friction – largely due to middleboxes expecting classical packet sizes – over 50 % of global Internet traffic is now protected against quantum-era decryption attacks.
The Harder Part: PQ Signatures
Signatures remain the biggest hurdle. ML- DSA-44 adds around 15 KB of extra data to each TLS handshake – too heavy for slow mobile networks. FN-DSA-512 reduces this overhead but introduces side-channel risks from floating-point operations.
Experimental schemes like SQISign, MAYO, SNOVA and UOV offer trade-offs between size, performance and security, but none are ready for large-scale deployment.
That is why we’ re working with Chrome on Merkle Tree Certificates, a next generation of certificates, that brings post-quantum without performance degradation.
For now, ML-DSA-44 is the most realistic starting point, even if not ideal.
What Organisations Should Do Now
Companies should act on two priorities:
1. Adopt post-quantum key exchange immediately. Use hybrid modes like X25519 + ML-KEM-768 to prevent harvest-now / decrypt-later attacks. Tools such as Cloudflare Radar and Wireshark can verify support.
2. Prepare for PQ signatures. Identify high risk uses of cryptography, modernise outdated systems, enable automated certificate management and begin testing PQ-ready infrastructure.
The global transition to PQC is an opportunity to modernise decades of legacy cryptography. Those who start early will be ready long before Q-Day arrives. •
64
INTELLIGENT CIO MIDDLE EAST www. intelligentcio. com