Why Europe Needs Quantum-Resistant Cybersecurity
The cryptography that protects Europe’s banks, hospitals, power grids, and citizens was designed for a pre-quantum world. That world is ending. This inaugural blog post summarises why quantum computing changes everything, necessitating a new approach to cybersecurity. The next decade matters; Q-FENCE is directly addressing the cybersecurity challenges posed by the quantum era.
A storm on the horizon
For more than four decades, public-key cryptography has quietly held the digital world together. Every secure browser session, every encrypted patient record, every banking transaction, every signed software update, all of it rests on a small number of mathematical problems that classical computers cannot solve in any reasonable amount of time.
Quantum computers change that assumption.
Algorithms like Shor’s, running on a sufficiently powerful quantum machine, can factor large numbers and compute discrete logarithms in a fraction of the time that classical hardware would need. In practical terms, that means the cryptographic foundations of RSA and elliptic-curve cryptography, the building blocks of TLS, digital signatures, secure email, VPNs, and much of the public internet, become vulnerable.
The Global Risk Institute estimates an 11% to 31% probability that quantum computers will be capable of breaking today’s encryption standards by 2030. That is not a distant academic concern. It is a planning horizon for governments, regulators, and operators of critical infrastructure right now.
The “harvest now, decrypt later” problem
The most uncomfortable feature of the quantum threat is that it is already happening in a sense.
Adversaries do not need a working quantum computer today to cause damage tomorrow. They simply need to capture encrypted traffic now and store it. When quantum capability matures, those archives become readable. Patient records, financial transactions, intellectual property, diplomatic cables, defence communications, and anything else with a long confidentiality lifetime is, in effect, already at risk.
This is what cryptographers call the “harvest now, decrypt later” attack. It reframes the quantum question entirely. The question is not “when will quantum computers be strong enough to break encryption?” It is “what data am I transmitting today that still needs to be confidential in ten or twenty years?”
For most operators of critical infrastructure, the honest answer is: almost all of it.
Why Europe, specifically
Cybersecurity is a global challenge, but quantum-resilience is a European strategic one for several reasons that merit highlighting.
Digital sovereignty. Europe has spent the last decade building the policy and industrial scaffolding for a sovereign digital economy; GDPR, the NIS2 Directive, the Cybersecurity Act, the European Cybersecurity Competence Centre (ECCC). Sovereignty is meaningless if the cryptographic primitives underneath that scaffolding are imported, opaque, or breakable by a foreign adversary with a quantum computer. Europe needs indigenous, validated, standards-aligned post-quantum cryptography (PQC) that European industry can deploy with confidence.
Critical sectors at scale. European hospitals, banks, energy operators, satellite networks, and public administrations are interconnected at a scale that magnifies any single cryptographic weakness. A breach in one node is rarely contained to that node.
A regulatory environment that demands long-lived confidentiality. GDPR, sector-specific rules like PSD2 in finance, and clinical data protection obligations all assume that encrypted data stays encrypted. Quantum threatens that assumption directly, and regulators are beginning to take notice. ENISA and NIST have both signalled that organisations should be planning their PQC migration now, not in 2029.
The cost of inaction is measurable. The average cost of a data breach is approaching €4.5 million, and the sectors most exposed to quantum risk, like, healthcare, finance, public infrastructure, are also the most expensive to breach. A McKinsey analysis suggests hybrid classical/post-quantum approaches can reduce migration costs by up to 40% compared with wholesale cryptographic replacement. Acting early is more cost effective than acting late.
The transition is harder than it sounds
NIST’s post-quantum standardisation process selected its first algorithms (including CRYSTALS-Kyber and Dilithium) after a six-year evaluation, and broad deployment is expected to take another five to ten years. The reasons are practical rather than theoretical.
Post-quantum algorithms tend to use larger keys and signatures than their classical counterparts. They place different demands on memory, bandwidth, and power, a serious issue for IoT devices, embedded systems, and satellite payloads. They have to coexist with decades of legacy infrastructure that cannot simply be turned off and rebuilt. And they have to be integrated without breaking the protocols, applications, and supply chains that depend on them.
Gartner has reported that over 70% of organisations feel unprepared to deploy PQC at scale. IBM’s own measurements suggest only around 11% have made meaningful progress. The bottleneck is not the mathematics; the bottleneck is engineering, standardisation, compatibility, and trust.
Where Q-FENCE comes in
 |
Q-FENCE is a Horizon Europe project tackling exactly this gap. The project is building a dual-layer cryptographic framework that combines two complementary defences: A soft cryptographic core based on lattice-based post-quantum schemes (Ring-LWE and Module-LWE) seeded by Quantum Random Number Generation for high-entropy keys. |
A hardware root-of-trust core built on Physically Unclonable Functions (PUFs), which give each device a unique, unclonable identity tied to its physical characteristics.
The point of the dual-layer design is to address quantum risk at both ends of the stack, the mathematics and the silicon, and to do so in a way that is hybrid and phased. Q-FENCE is designed to work alongside existing classical cryptography, not replace it overnight, so that organisations can transition without service disruption or operational risk.
The framework will be validated across five real-world pilots covering finance (cross-bank anti-money laundering), healthcare (secure sharing of encrypted patient data), smart cities (IoT data aggregation), satellite networks (quantum-safe space communication), and enterprise networks (bidirectional quantum-resistant connections). These pilots span the sectors where the quantum threat is most acute and where Europe’s strategic interests are most concentrated.
What’s next
Over the next three years, the Q-FENCE consortium, fifteen partners across Ireland, Italy, Spain, Germany, Luxembourg, Poland, Romania, Austria, Switzerland, and the UK, will be publishing results, releasing open-source tools, contributing to standardisation through bodies like NIST, ETSI, and CEN/CENELEC, and engaging with policymakers and industry. We will also be sharing what we learn here on the blog, with contributions from across the consortium covering everything from quantum randomness and hardware-rooted trust to use-case lessons and policy alignment.
If your organisation is starting to think seriously about its post-quantum migration, or if you suspect it should be, we’d encourage you to follow along.
The quantum era is not waiting for us. Europe’s response cannot wait either.
Follow Q-FENCE Website: qfence-project.eu · LinkedIn: @Q-Fence · Zenodo: Q-FENCE Community · YouTube: @Q-FENCE
This project has received funding from the European Union’s Horizon Europe research and innovation programme under Grant Agreement N° 101225708, as well as the Swiss State Secretariat for Education, Research and Innovation (SERI). Views and opinions expressed are those of the author(s) only and do not necessarily reflect those of the European Union or SERI.