The Post-Quantum Cryptography future: What telcos need to know

Quantum’s threat to cryptography has two timelines, and alongside this future risk to the encryption used by everyone, one is already here – ‘Harvest Now, Decrypt Later’ attacks. These involve adversaries planning for a quantum future by collecting encrypted data today, betting on the fact they’ll be able to decrypt once quantum computers arrive. In the context of telcos, that means SIM credentials and subscriber data with 5-10 year lifecycles are at risk today.

The sheer number of devices involved, alongside performance and resource constraints, means that the migration to post-quantum cryptography isn’t something that can happen overnight. But with several post-quantum cryptographic algorithms standardised back in 2024, the clock is ticking – although the GSMA specifications for PQC in mobile networks are still maturing. Starting pilots in 2026 might mean the typical telco or large enterprise can expect to achieve quantum resilience by 2030 – a year that many industry watchers expect we’ll see the first workable quantum computer and as such has become a rough deadline for PQC migration.

Telcos specifically face a range of obstacles to successful PQC migration. For one thing, the PQC algorithms themselves require 3-10x larger key sizes than existing encryption, posing a real challenge for the tiny resources onboard IoT devices.

Telcos are also operating mission-critical networks, which means service disruption while the cryptography is upgraded is simply not possible. Migration must be invisible, which means the best approach is likely via a phased rollout. Telcos should use a combination of mandating every new SIM or eSIM quantum-ready, Over-The-Air (OTA) updates for existing devices that support it. 

With our decades of cryptography expertise, Thales has been playing an active role in the PQC transition. Closely collaborating with NIST, Thales has co-authored the new ‘Falcon’ FN-DSA FIPS 206 digital signature algorithm. We also continue to deeply engage in GSMA, 3GPP or Global Platform standardisation, helping both write and implement standards to push the entire wider industry forwards.

There is so much to consider when it comes to cryptography, so it is difficult to know where to start. Practically, MNOs, OEMs and IoT providers can’t protect what they don’t know exists – so acting this year starts with mapping every cryptographic asset they have, from network elements, SIMs and eSIMs, through to IoT endpoints and PKI infrastructure. 

Next comes prioritisation by risk – which should be based on factors like data sensitivity, lifecycle duration, or regulatory exposure. Is data stored and managed as part of government or financial services contracts, or sensitive healthcare IoT? How long are affected devices likely to be deployed for? Are there any sectors the enterprise operates in that might face emerging PQC mandates? 

From there, an action plan becomes clearer. Start out small, testing NIST-approved algorithms in controlled environments. A telco might start with new eSIM provisioning for enterprise customers, for example, or an IoT fleet within a single vertical, before scaling. 

Given the scale telcos operate at, these immediate actions from completing a cryptography inventory, through to piloting deployments, could take up to a year. The following actions of phased migration may in turn require as long as two years to complete. This should happen across two spectrums - prioritising new device provisioning first, alongside over-the-air updates to the existing device base. 

Ensuring that every new SIM and eSIM ships quantum-ready costs nothing incremental, and in the process starts building your quantum-safe device base. Upgrading devices with sufficient processing power and memory, meanwhile, can be done remotely provided the right eSIM platform is used – an approach recently demonstrated by Thales.

Full quantum resilience only comes over the long term, which after two years of phased migration, means telco leaders could be looking at completion by 2033 if they start this year. It’s no small task - network infrastructure must be migrated in full, across all core, edge, RAN and interconnecting points, while legacy systems that can’t be moved to quantum safely need to be retired.

The post-quantum future is arriving quickly, and the scale and scope of the challenge quantum poses to encryption is significant. The quantum-safe MNOs, OEMs and IoT providers will be those that treat PQC efforts as a mandatory infrastructure investment, not an optional spend on innovation.