Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Hybrid Horizons: Policy for Post-Quantum Security

Anais Jaikissoon

TL;DR

This paper addresses regulatory gaps in preparing for post-quantum security by advocating hybrid cryptography, combining classical cryptography with quantum-resistant primitives such as LMS/XMSS (hash-based signatures) and ML-KEM/ML-DSA (module-lattice schemes). It outlines a practical path that includes testing in isolated environments using Open Quantum Safe and Qiskit, and frames regulatory advancement through new or updated FIPS and SP documents guided by NIST and ETSI GR QSC. Key contributions include a proposed regulatory blueprint for hybrid cryptography, risk assessment frameworks, and a projected migration timeline from classical to hybrid to quantum cryptography (2026–2035). The work emphasizes proactive policy development, international coordination, and concrete testing tools to enable a safer, scalable transition to quantum-safe cryptography with measurable security guarantees and accountability for misuse.

Abstract

The Age of Artificial Intelligence is here. In 2025, there are few regulations governing artificial intelligence. While the expansion of artificial intelligence is going in a relatively good direction, there is a risk that it can be misused. Misuse of technology is nothing new and will continue to happen. The lack of regulation in artificial intelligence is necessary because it raises the question of how we can move forward without knowing what the limits are. While artificial intelligence dominates the technology industry, new technology is starting to emerge. Quantum cryptography is expected to replace classical cryptography; however, the transition from classical to quantum cryptography is expected to occur within the next 10 years. The ability to transition from classical to quantum cryptography requires hybrid cryptography. Hybrid cryptography can be used now; however, similar to artificial intelligence, there is no regulation or support for the regulatory infrastructure regarding hybrid machines. This paper will explore the regulatory gaps in hybrid cryptography. The paper will also offer solutions to fix the gaps and ensure the transition from classical to quantum cryptography is safely and effectively completed.

Hybrid Horizons: Policy for Post-Quantum Security

TL;DR

This paper addresses regulatory gaps in preparing for post-quantum security by advocating hybrid cryptography, combining classical cryptography with quantum-resistant primitives such as LMS/XMSS (hash-based signatures) and ML-KEM/ML-DSA (module-lattice schemes). It outlines a practical path that includes testing in isolated environments using Open Quantum Safe and Qiskit, and frames regulatory advancement through new or updated FIPS and SP documents guided by NIST and ETSI GR QSC. Key contributions include a proposed regulatory blueprint for hybrid cryptography, risk assessment frameworks, and a projected migration timeline from classical to hybrid to quantum cryptography (2026–2035). The work emphasizes proactive policy development, international coordination, and concrete testing tools to enable a safer, scalable transition to quantum-safe cryptography with measurable security guarantees and accountability for misuse.

Abstract

The Age of Artificial Intelligence is here. In 2025, there are few regulations governing artificial intelligence. While the expansion of artificial intelligence is going in a relatively good direction, there is a risk that it can be misused. Misuse of technology is nothing new and will continue to happen. The lack of regulation in artificial intelligence is necessary because it raises the question of how we can move forward without knowing what the limits are. While artificial intelligence dominates the technology industry, new technology is starting to emerge. Quantum cryptography is expected to replace classical cryptography; however, the transition from classical to quantum cryptography is expected to occur within the next 10 years. The ability to transition from classical to quantum cryptography requires hybrid cryptography. Hybrid cryptography can be used now; however, similar to artificial intelligence, there is no regulation or support for the regulatory infrastructure regarding hybrid machines. This paper will explore the regulatory gaps in hybrid cryptography. The paper will also offer solutions to fix the gaps and ensure the transition from classical to quantum cryptography is safely and effectively completed.

Paper Structure

This paper contains 11 sections, 1 figure, 2 tables.

Table of Contents

  1. Introduction
  2. Classical Cryptography
  3. Review of current Standards, Frameworks, and Guidelines for Classical Cryptography
  4. Recommendations for Hybrid Machines
  5. What is Hybrid Cryptography?
  6. Recommendations for Transition from Classical to Quantum Cryptography using Hybrid Machines
  7. Current Regulations for Hybrid Cryptography Machines
  8. What Regulation for Hybrid Cryptography Should Look Like
  9. Risk Associated with Hybrid Cryptography
  10. Timeline for Hybrid Cryptography
  11. Conclusion

Figures (1)

  • Figure 1: PQC Migration