A response to the ATIS quantum threat white paper 

by James Trenholmeon Posted on

Tick Tock. No, not the social media app for zany dance moves. Nor Kesha’s iconic 2010 bop. It’s the sound of the clock as it counts down to Q-Day – the day that a Cryptographically Relevant Quantum Computer (CRQC) comes into existence. Are you ready?

Government organisations including NIST in the US and the NCSC in the UK, are mandating the move to Post-Quantum Security, and if you’re reading this then it’s likely you are already keen to move quickly to protect your organisation from quantum attack. But in March 2025, ATIS (the Alliance for Telecommunications Industry Solutions) released a stark warning that the timeline for the creation of a CRQC may be shorter than we suspected. Quantum threats are accelerating, and organisations relying on classical encryption cannot afford to wait.

While many assumed that quantum computing wouldn’t pose a real-world threat until 2035 or later, this latest analysis reveals that new innovations, whether surface codes or cat qubits, could bring quantum decryption capabilities online much sooner. 

At Cavero Quantum, we believe this report doesn’t just validate our work on Symmetrikey, it makes it even more urgent. 

A Shrinking Window of Safety 

The paper from ATIS describes five technologies that have the potential to shorten the time to a CRQC, including topological Qubits and hybrid quantum algorithms like QAOA (Quantum Approximate Optimization Algorithm).  You can download the full whitepaper by clicking here, but the summary is that these technologies are eroding the timeline for quantum-safe transitions. What once felt like a 10-year problem is quickly becoming a this-decade imperative.

Every day, billions of cryptographic keys are exchanged, securing financial transactions, corporate communications, and private data. Once quantum computers mature, encrypted information captured today can be decrypted retroactively (‘harvest now, decrypt later’). 

The report reiterates what many of us already know: classical encryption schemes like RSA and ECC will be vulnerable to quantum attacks once a CRQC is built. And one technology in particular listed by the paper, QAOA, may even pose a threat to post-quantum cryptographic (PQC) systems – though more on that later. Organisations must act now to ensure cryptographic agility, transition to PQC, and monitor the evolving risk landscape. 

The big takeaway? Waiting is the real risk. 

Symmetrikey: Quantum-safe security, even in constrained environments

These issues are exactly why we built Symmetrikey — a new cryptographic protocol designed for post-quantum security without complexity. 
 
It’s a drop-in replacement for traditional key exchange algorithms such as ECDH, engineered to: 

  • Use the quantum-resistant hardness of Ring Learning With Errors (RLWE) 
  • Leverage correlation filtering to confirm mutual secrets faster than KEM-based solutions
  • Require no specialist hardware and minimal bandwidth overhead 
Learn how Symmetrikey works

How Symmetrikey meets the quantum challenges

The ATIS report urges organisations to: 

  • Adopt post-quantum cryptography early 
  • Avoid dependence on certificate infrastructure 
  • Plan for hybrid cryptographic scenarios 
  • Invest in crypto-agility and quantum readiness today 

Symmetrikey addresses each of these needs. It’s one of the easiest PQC algorithms to implement, and can run in constrained environments such as IoT devices or on legacy infrastructure, enabling you to protect your entire network rather than just core assets. Symmetrikey is also designed to work with our proprietary Continuous Trust Verification Protocol Authentikey, to create a quantum-safe and two-way endpoint authentication mechanism that doesn’t rely on certificates. In fact, Authentikey is designed to operate with Symmetrikey, ML-KEM, and ECDH individually, or in combination. This allows you to create a crypto-agile setup that works with whatever level of encryption you currently use, and then migrate to quantum-safe key exchange without the need for extensive re-engineering. 

Unlike resource-intensive PQC solutions or hardware-heavy Quantum Key Distribution (QKD) systems, Symmetrikey is a practical step organisations can take now, without waiting, to secure their products and services.

What about the threat to PQC?

A close read of the paper does reveal that Quantum Approximate Optimisation Algorithm has the potential to threaten PQC algorithms, by shortening the time taken for a quantum computer to solve lattice-based cryptographic puzzles. It’s natural to then ask: ‘should I be bothering with PQC at all?’

Simply put, the answer is: yes.

The most important reason to continue migrating to PQC is that the paper states that QAOA technology is still being tested, and “has not yet demonstrated clear superiority over classical optimisation methods”. In other words, there is no guarantee yet that the threat of QAOA will materialise. For the sake of argument, however, let’s say that such a threat does materialise.

Right now, the only other quantum-safe alternative to PQC is Quantum Key Distribution. While QKD is demonstrably more secure than PQC, it also faces severe limitations in where and how it can be rolled out. It relies on fibre optic cables, which in turn means there is a maximum distance over which QKD can be implemented – and the cost and complexity are considerable. In fact, the UK’s NCSC published a white paper in August in which they say that QKD is still not supported for Government or military applications, and that “PQC is the best mitigation to the threat to cryptography from quantum computers.”

That brings us back to PQC. Based on current information, the threat that QAOA delivers to PQC algorithms is seemingly equal regardless of the algorithm you choose. Symmetrikey, ML-KEM, and ML-DSA are all equally likely to be threatened by QAOA. Combined with the fact that the impact of QAOA is still uncertain, PQC is still the option that offers the best balance of security and practicality.

From Theory to Action: What Comes Next 

It will be no surprise that at Cavero Quantum we agree with ATIS’ recommendation that you adopt PQC as soon as possible. If the future is arriving faster than expected, our security has to move even faster.

Our advice is to find the right provider for your organisation. Many organisations are working on PQC, from giants like IBM to smaller players like Cavero Quantum. Given the volatility of the current landscape, it’s vital to find a partner that is committed to developing solutions in partnership with you, and who has the time to listen to your needs and input when devising a new product (whether for use or for sale to your own customers). That partner should also be committed to pushing the boundaries of PQC, staying abreast of the latest developments – such as QAOA – and planning how to respond to them.

At Cavero we pride ourselves on combining some of the smartest minds in quantum cryptography with a personal approach to each of our potential partners or customers. It’s our goal to make quantum security effective and available to as many people as possible, in order to keep as many people safe from quantum attack as possible. If that’s a mission that resonates with you, we’d love to hear from you.

Fill in the form below to request the Symmetrikey scientific paper, which explains how Symmetrikey works in more detail.