Cybersecurity · Quantum

Quantum Entropy and Post Quantum Readiness

The move to post quantum cryptography is the biggest change to encryption in a generation, and most of the attention is on the new algorithms. Far less is said about the foundation they stand on. New quantum resistant keys are only as strong as the randomness used to create them. This guide explains how quantum entropy and post quantum migration fit together, and where to begin.

There is a race underway to replace the encryption that protects almost everything online. The public key algorithms in use today, the ones securing web traffic, signatures and key exchange, can in theory be broken by a sufficiently powerful quantum computer. In response, new post quantum algorithms have been standardised and the long migration to them has begun. It is a genuinely large undertaking. But in the rush to adopt new algorithms, the quiet foundation underneath them is easy to overlook. Every one of those new keys is still generated from a random number, and if the randomness is weak, the quantum resistance is undermined before it starts.

In short

Post quantum cryptography changes the algorithm, not the dependency on randomness. A quantum resistant key built on weak entropy is still a weak key. Because attackers can store encrypted data today and decrypt it once quantum computers mature, the quality of the keys you generate now already matters for data that must stay secret for years. Strong, verifiable entropy is part of the foundation of a credible post quantum programme, not a separate topic.

Two quantum problems, often confused

The word quantum attaches to two different things in security, and conflating them causes a lot of muddle.

The first is the threat. A large quantum computer running the right algorithm could break the public key cryptography, such as RSA and elliptic curve, that underpins today's secure communication. That is the reason for post quantum cryptography, a new family of algorithms designed to resist quantum attack. The second is a tool. Quantum physics can also be used to generate genuinely unpredictable random numbers, which is what a quantum random number generator does. One is a problem to defend against, the other is a capability to use. This guide is about where they meet, because the defence quietly depends on the tool.

New algorithms still need good keys

The new standards for post quantum cryptography, including the key exchange algorithm known as ML-KEM and the signature algorithm ML-DSA, were finalised by NIST and are now being adopted. They are well designed and represent years of public scrutiny. But no algorithm, however modern, escapes the fundamental dependency. Its keys are generated from random numbers, and if those numbers are predictable then the keys are predictable, quantum resistant or not. Swapping to a post quantum algorithm while feeding it poor randomness is like fitting a stronger lock to a door whose key you leave under the mat. The lock is not the weak point.

Harvest now, decrypt later

There is a reason this matters today rather than whenever large quantum computers arrive. Attackers can capture and store encrypted data now, and simply wait until the tools to decrypt it exist. Anything with a long secrecy life, medical records, state and defence material, financial and legal data, intellectual property, is therefore already exposed to a future decryption. The practical consequence is that the strength of the keys protecting your long lived data matters now, not later. Every key you generate today with weak entropy is a key that may be far easier to attack tomorrow. Good randomness is one of the few things you can improve immediately that pays off across that whole timeline.

Why the foundation comes first

It is tempting to treat post quantum migration purely as an algorithm swap. But if you rebuild your cryptography on entropy you cannot measure or trust, you have modernised the visible layer and left the foundation untouched. Getting entropy right first means the new algorithms are built on solid ground.

Crypto agility, and why entropy belongs in it

Nobody knows exactly how the post quantum transition will play out, which algorithms will endure, or what will need replacing again. The sensible response is crypto agility: designing systems so that algorithms, keys and their underlying sources can be changed without re engineering everything around them. Entropy fits naturally into that mindset. If quantum grade randomness is delivered as a managed service that your applications and cryptographic systems draw from, rather than hard wired into each one, then the foundation is both stronger and easier to govern and evolve. Agility at the algorithm layer is worth much more when the layer beneath it is consistent and observable.

Where quantum entropy plugs into your stack

The reassuring part is that quantum entropy meets the systems you already run rather than replacing them. The natural integration points are exactly the places keys are made and managed.

  • Hardware security modules. HSMs are where high value keys are generated and protected, so feeding them certified quantum entropy strengthens the most sensitive keys in the estate. Quside, for example, is a verified solution for Thales Luna HSMs, delivering SP 800-90B compliant quantum entropy into that environment.
  • PKI and certificate lifecycle. Certificate authorities and PKI platforms mint keys constantly. Integrations with certificate lifecycle tooling, such as Keyfactor, bring quantum entropy into that machinery, which matters as PKI itself moves to post quantum algorithms.
  • TLS and application cryptography. Modern toolchains such as OpenSSL 3.2 and above, TLS 1.3, PKCS#11 and libraries like Bouncy Castle and EJBCA are where day to day cryptography actually happens. Partner integrations, for instance with PQShield, help route quantum entropy and quantum safe algorithms into those environments with minimal change.

Delivering entropy as infrastructure

To support all of that without redesigning each system, quantum randomness is best delivered centrally, as a service. An entropy appliance behind a simple API lets many applications and cryptographic systems draw high quality quantum randomness on demand, secured with modern transport such as TLS 1.3 and optional mutual authentication, and available on premises or over a private cloud connection. That turns entropy from a scattered per system concern into a governed, monitored layer, which is exactly the shape a serious post quantum programme wants underneath it. Our guide to the Quside platform covers how that appliance and the wider portfolio are put together.

Where to start

Post quantum readiness is a programme, not a purchase, and it begins with understanding rather than buying. The sensible first moves are to inventory where you use cryptography and where your keys are generated, identify the data and devices whose secrets must stay safe for many years, assess how good and how measurable your current entropy actually is, and plan the migration in a crypto agile way so algorithms and sources can be changed over time. Strengthening entropy is one of the earliest and most durable steps you can take, because it pays off no matter which algorithms ultimately win. If you want the groundwork first, our QRNG explainer covers why randomness carries this much weight.

Where Quside fits

C4C works with Quside because its strengths line up with this problem. Its quantum entropy sources are certified to NIST SP 800-90B and expose runtime monitoring of randomness quality, and it has real, documented integrations with the HSM, PKI and cryptographic tooling named above, from Thales Luna to Keyfactor to OpenSSL environments through PQShield. That combination lets a post quantum programme strengthen its foundation using the systems it already has, rather than treating quantum security as a science project. We go through the full portfolio in our guide to the Quside platform.

Where to start

A short readiness assessment, mapping where you generate keys, what must stay secret for years, and how strong your entropy is today, tells you far more than a product demo. It turns post quantum from an abstract worry into a concrete, ordered plan.

Getting serious about post quantum readiness?

C4C helps organisations plan a crypto agile path to post quantum cryptography and get the entropy foundation right underneath it. We work with Quside to bring certified quantum randomness into your HSM, PKI and application cryptography where it counts.

Prefer email? Reach us directly at hello@c4cgroup.co.uk.

Frequently asked questions

Does post quantum cryptography still need a good random number generator?

Yes. Post quantum algorithms change the mathematics that resists a quantum computer, but they still generate their keys from random numbers. If that randomness is weak or predictable, the keys are weak regardless of how modern the algorithm is. Strong, verifiable entropy is part of the foundation of any credible post quantum programme, not a separate concern.

What is "harvest now, decrypt later"?

It is the practice of capturing and storing encrypted data today so it can be decrypted in future, once quantum computers are powerful enough to break the encryption protecting it. It means anything with a long secrecy life, such as medical, financial, legal, intellectual property or state data, is already exposed. The strength of the keys you generate now therefore matters immediately, not only when large quantum computers arrive.

What is crypto agility?

Crypto agility is designing systems so that cryptographic algorithms, keys and their underlying sources can be changed without re engineering everything around them. It matters because the post quantum transition is uncertain and further changes are likely. Delivering entropy as a central, managed service rather than hard wiring it into each system supports agility, because the foundation can then evolve without touching every application.

How does quantum entropy fit with my HSM and PKI?

Hardware security modules and PKI platforms are where high value keys are generated and managed, so they are the natural places to inject certified quantum entropy. Quside, for example, is a verified solution for Thales Luna HSMs and integrates with certificate lifecycle tooling such as Keyfactor, which lets you strengthen the most sensitive keys in your estate using the systems you already operate.

Are the new post quantum standards ready to use?

Yes. NIST has finalised the first post quantum standards, including the key exchange algorithm ML-KEM and the signature algorithm ML-DSA, and adoption is underway across vendors and toolchains such as OpenSSL and TLS 1.3. The realistic path is a gradual, crypto agile migration rather than an overnight switch, and getting the entropy foundation right is one of the earliest steps.

Where should we start with post quantum readiness?

Start by understanding, not buying. Inventory where you use cryptography and generate keys, identify the data and devices whose secrets must stay safe for years, assess how strong and how measurable your current entropy is, and plan the migration so algorithms and sources can be changed over time. Strengthening entropy is an early, durable step because it pays off whichever algorithms ultimately prevail.