πŸ” Quantum Computing Ireland

Post-Quantum Cryptography and Ireland's Quantum-Safe Future

A technical analysis of NIST FIPS 203/204/205, EU regulatory mandates, and the practical roadmap for Irish enterprises to achieve quantum-safe infrastructure.

By Michael English, Co-Founder & CTO, IMPT.io  Β·  Clonmel, Co. Tipperary, Ireland
Aug 2024
NIST FIPS 203/204/205 finalised β€” migration starts now
~20M
Physical qubits needed for a cryptographically relevant quantum computer
10–15yr
ENISA estimated timeline to a CRQC β€” harvest-now-decrypt-later is today's threat
€35M
Maximum EU AI Act / NIS2 penalty for non-compliance
⚠️ The Harvest-Now-Decrypt-Later Threat Is Current Nation-state adversaries are likely already collecting encrypted communications today for decryption once quantum hardware matures. Any data that must remain confidential beyond 2030–2035 is at risk right now.

Contents

  1. The Quantum Threat: Timeline and Technical Reality
  2. NIST FIPS 203/204/205: The New Standards
  3. EU Regulatory Landscape
  4. Practical Deployment Guide for Irish Organisations
  5. The Irish Quantum Ecosystem
  6. CRYSTALS, SPHINCS+, and the Academic Foundations
  7. Roadmap for Ireland: 2025–2030

1. The Quantum Threat: Timeline and Technical Reality

Why Classical Cryptography Fails Against Quantum Adversaries

Modern public-key cryptography rests on two computational hardness assumptions: the Integer Factorisation Problem (IFP) underlying RSA, and the Discrete Logarithm Problem (DLP) underlying ECDSA and ECDH β€” the algorithms securing most TLS, SSH, and blockchain infrastructure.

In 1994, Peter Shor published a quantum algorithm demonstrating that a sufficiently powerful quantum computer could solve both IFP and DLP in polynomial time β€” O((log N)Β³). The implication is stark: any public-key infrastructure built on RSA, ECC, or Diffie-Hellman is theoretically vulnerable to a cryptographically relevant quantum computer (CRQC).

Current State of Quantum Hardware (2024–2026)

SystemQubitsKey Milestone
IBM Condor (2023)1,121First 1000+ qubit superconducting system
IBM Heron (2023)133~40Γ— lower error rates than Condor
Google Willow (2024)105Below-threshold quantum error correction β€” first time ever
CRQC Requirement~20M physicalRequired to break RSA-2048 in 8 hours (Gidney & EkerΓ₯, 2021)

Google's Willow processor achieved a landmark in December 2024: below-threshold quantum error correction β€” logical error rates decreasing as code distance increases. This removes a fundamental barrier to fault-tolerant quantum computing. While still many years from a CRQC, this milestone materially shortens the timeline estimate.

2. NIST FIPS 203/204/205: The New Post-Quantum Standards

FIPS 203 β€” ML-KEM (Key Exchange)

Formerly CRYSTALS-Kyber, ML-KEM is the primary standard for key encapsulation and key exchange, replacing ECDH and RSA key exchange in TLS, SSH, and other protocols. Security rests on the hardness of the Module Learning With Errors (MLWE) problem.

Parameter SetSecurity LevelPublic KeyCiphertext
ML-KEM-512Level 1 (AES-128 equiv.)800 B768 B
ML-KEM-768Level 3 (AES-192 equiv.)1,184 B1,088 B
ML-KEM-1024Level 5 (AES-256 equiv.)1,568 B1,568 B
βœ… Excellent Performance ML-KEM-768 key generation takes ~67 microseconds on a modern Intel processor β€” faster than ECDH P-256. There is no performance barrier to deployment.

FIPS 204 β€” ML-DSA (Digital Signatures)

Formerly CRYSTALS-Dilithium, ML-DSA replaces ECDSA and RSA signatures in code signing, certificate authorities, and authentication. Uses a Fiat-Shamir with Aborts signature scheme over module lattices.

FIPS 205 β€” SLH-DSA (Hash-Based Signatures)

Formerly SPHINCS+, SLH-DSA provides a hash-based alternative whose security rests solely on hash function properties (SHA-256, SHAKE). Recommended alongside ML-DSA for cryptographic diversity β€” if lattice assumptions are broken, SLH-DSA remains secure.

3. EU Regulatory Landscape

NIS2 Directive (Transposed into Irish Law 2024)

Requires "state of the art" cryptography for essential and important entities. Per ENISA guidance, state of the art now includes post-quantum cryptography for systems handling long-lived sensitive data. Irish operators in energy, transport, finance, health, digital infrastructure, and public administration are directly affected.

DORA (Financial Services, January 2025)

Requires financial entities to document cryptographic dependencies, assess cryptographic agility, and include quantum risk in ICT risk frameworks. The Central Bank of Ireland has reinforced these requirements under its Prudential Regulations framework.

EU Quantum Flagship (€1 Billion Programme)

The EU's decade-long quantum investment programme drives PQC adoption as critical infrastructure. Ireland participates through Tyndall National Institute, TCD, UCD, and ICHEC. EuroQCI will deploy QKD across all 27 member states by 2027.

4. Practical Deployment Guide for Irish Organisations

Step 1: Cryptographic Inventory

The prerequisite for migration β€” catalogue every asymmetric cryptographic operation in your systems. Key questions: which algorithm, what key size, what purpose, what data lifetime?

# Scan TLS cipher suites (free tool)
testssl.sh --cipher-per-proto your-server.ie

# Check certificate key type and size
openssl s_client -connect your-server.ie:443 | \
  openssl x509 -noout -text | grep "Public Key"

Step 2: Deploy Hybrid TLS Immediately

Hybrid key exchange (X25519 + ML-KEM-768) adds quantum protection with zero downside β€” classical security is maintained. Google Chrome defaults to this since Chrome 124.

# Nginx configuration for hybrid TLS
ssl_protocols TLSv1.3;
ssl_ecdh_curve X25519MLKEM768:x25519:secp256r1:secp384r1;

Step 3: Priority Migration Order

Use CaseQuantum RiskPriority
Certificate Authority roots (20+ year validity)CriticalImmediate
Long-lived data encryption key wrappingHigh2025–2026
TLS key exchange (ECDH)High (HNDL)2025 (hybrid)
SSH server keysMedium2026–2027
Short-lived JWT tokensMedium2026–2028

5. The Irish Quantum Ecosystem

Tyndall National Institute (Cork) β€” Europe's largest microelectronics research centre. Quantum photonics and semiconductor research for quantum hardware supply chains.

Trinity College Dublin β€” Quantum materials and devices; participation in EU Quantum Flagship QuantERA networks.

University College Dublin β€” Quantum algorithms and theoretical foundations; Horizon Europe quantum research partnerships.

ICHEC β€” Access to EuroHPC quantum simulators for Irish researchers and companies; Ireland's gateway to EU quantum computing access programmes.

NCSC Ireland β€” Published Quantum Threat Advisory 2023; recommends all public sector bodies begin cryptographic inventory processes immediately.

6. CRYSTALS, SPHINCS+, and the Academic Foundations

The NIST standards emerged from foundational academic research spanning three decades:

7. Roadmap for Ireland: 2025–2030

2025
Foundation: Cryptographic inventory + hybrid TLS deployment
2026–27
Core migration: PKI, code signing, long-lived data key management
2028–30
Full ecosystem: All certificates PQC-capable; blockchain PQC integration
πŸ’‘ The Window for Proactive Action Is Open The tools, standards, and vendor support all exist now. The NIST FIPS standards remove the last barrier β€” standardisation uncertainty. Every day without action on harvest-now-decrypt-later accumulates quantum risk.
ME

Michael English β€” Co-Founder & CTO, IMPT.io

Michael English is Co-Founder & CTO of IMPT.io, a blockchain-based carbon credit platform operating across the EU. He writes on post-quantum cryptography, distributed systems, and the intersection of cryptography and sustainable finance. Based in Clonmel, Co. Tipperary, Ireland.

Continue Learning: Quantum Computing Ireland

Deep Dive
NIST FIPS 203 (ML-KEM) Explained for Irish Tech Leaders
Strategy
Ireland's Quantum Readiness: What Businesses Need to Know
Technical
The Quantum Threat to RSA and ECC Encryption
Mathematics
Lattice-Based Cryptography: The Mathematical Foundation
EU Policy
EU Quantum Flagship: What It Means for Irish Tech
Guide
Building Quantum-Safe Infrastructure: Enterprise Guide

References

  1. NIST. (2024). FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard. DOI: 10.6028/NIST.FIPS.203
  2. NIST. (2024). FIPS 204: Module-Lattice-Based Digital Signature Standard. DOI: 10.6028/NIST.FIPS.204
  3. NIST. (2024). FIPS 205: Stateless Hash-Based Digital Signature Standard. DOI: 10.6028/NIST.FIPS.205
  4. Shor, P.W. (1994). "Algorithms for quantum computation." 35th Annual Symposium on FOCS, pp. 124–134.
  5. Regev, O. (2005). "On Lattices, Learning with Errors." STOC 2005, pp. 84–93.
  6. Gidney, C. & EkerΓ₯, M. (2021). "How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits." Quantum, 5, 433.
  7. ENISA. (2021). Post-Quantum Cryptography: Current State and Quantum Mitigation.
  8. NCSC Ireland. (2023). Post-Quantum Cryptography: Threat Advisory Notice.