Imagine waking up to discover that the confidential information your business thought was completely secure is suddenly accessible to cyber attackers. Customer details, sensitive financial records, and trade secrets — all suddenly vulnerable.
This scenario might seem unlikely, but it's exactly what experts predict could happen as quantum computing becomes more powerful.
That’s why SoftBank and SandboxAQ have partnered to test new quantum-safe encryption methods that protect your data from future threats.
In this article, we'll explain the stakes facing every business’s cybersecurity architecture, why this new cryptography works so well, and how your business can maintain a robust and successful security posture designed to adapt to a not-too-distant future of early fault-tolerant quantum computing.
The Growing Need for Post-Quantum Cryptography (PQC)
Post-Quantum Cryptography, or PQC, refers to new encryption methods explicitly designed to resist attacks by quantum computers. Unlike today's widely-used encryption, such as RSA or ECC, PQC is built using complex mathematical problems that quantum computers can't quickly solve.
Traditional encryption isn't enough because of how quantum computers work. Powerful quantum algorithms, especially Shor's algorithm, can quickly break the cryptographic foundations of today's digital security, putting data, privacy, and transactions at risk. This means sensitive information protected by current encryption methods could be compromised once quantum computers become powerful enough.
To address this inevitable development, governments, financial institutions, and technology leaders worldwide are already transitioning to PQC, aiming to fully adopt quantum-resistant encryption standards by the early 2030s.
An example of this shift is the finalization and eventual rollout of the U.S. National Institute of Standards and Technology (NIST) standards for post-quantum encryption, which calls for one key exchange algorithm and two digital signature algorithms.
While staying compliant means avoiding regulatory penalties, there’s an even more urgent call for businesses to proactively shift to PQC: These standards reflect the true pace of quantum computing development, and waiting until quantum computers arrive could leave organizations scrambling to protect their data and risk costly breaches.
Challenges of Transitioning to Quantum-Safe Encryption
Unlike everyday security patches, migrating to Post-Quantum Cryptography (PQC) requires businesses to rethink their cryptographic infrastructure. Some of the challenges organizations face are scenarios like the following:
- Standards for public keys like Rivest-Shamir-Adelman (RSA) and Elliptic Curve Cryptography (ECC) initially guided the designs of today’s existing systems. Switching to new algorithms, even in preparation, can cause compatibility issues with legacy software, hardware, and third-party systems.
- Sensitive data must remain secure during the transition. Even during a systems overhaul intended to prepare for the incoming Early Fault-Tolerant Quantum Computing (EFTQC) phase, organizations still risk exposure to critical information through security upgrades.
The realities of these challenges sparked SoftBank, strategically supported by SandboxAQ, to adopt a hybrid encryption approach and smooth out an already complex transition.
Hybrid encryption is quite simple but powerful: it combines the reliability of today’s well-tested classical cryptography with the strong quantum-resistance of PQC algorithms.
In other words, your communications are protected by two layers: one familiar and trusted, the other cutting-edge and quantum-ready.
This approach lets businesses gradually implement new cryptographic standards without creating immediate compatibility headaches.
Key advantages of hybrid encryption include:
- Immediate security upgrade: Businesses instantly strengthen security by adding quantum-resistant protection to existing encryption.
- Seamless compatibility: Organizations don't have to replace existing infrastructure overnight, preventing disruptions and downtime.
- Performance stability: Tests conducted by SoftBank and SandboxAQ showed that hybrid encryption offers high security without significantly increasing network latency or system load.
Ultimately, maintaining a successful security posture means balancing twin priorities: performance and robust protection.
During extensive real-world tests, SoftBank found that PQC algorithms — especially lattice-based ones like Kyber and Dilithium — could deliver robust protection while having minimal impact on the user experience. This is also in line with recent NIST standards, specifically FIPS 203 and FIPS 204.
This means organizations won’t have to choose between security and efficiency. They can confidently and safely enter the quantum era with a carefully planned hybrid strategy.
SoftBank and SandboxAQ’s Groundbreaking Demonstration
SoftBank and SandboxAQ tested their new quantum-safe encryption in real-world conditions to ensure hybrid encryption could handle everyday use. They ran tests simulating common online activities like gaming, streaming videos, browsing the web, and securely connecting via VPNs. This gave them confidence that the new encryption method could keep user data safe without affecting internet use.
The tests covered many common network types, such as 5G, LTE, SmartVPN, and WiFi. By evaluating performance in each scenario, SoftBank and SandboxAQ ensured their encryption solution went beyond ideal lab conditions and actually worked well across various real-world connections.
During these tests, they paid close attention to metrics that directly affect user experience, including:
- Speed: Checking to ensure encryption doesn’t noticeably slow down connections.
- Device performance: Ensure phones, computers, and other devices aren’t overloaded.
- Reliability: Ensuring stable connections without interruptions.
- Resource usage: Confirming the encryption method didn’t overly consume device memory or battery life.
This thorough testing showed that hybrid encryption provides strong, quantum-resistant security without sacrificing speed, reliability, or usability.
Results in Action: How Hybrid Encryption Performed
SoftBank and SandboxAQ's extensive testing results proved that hybrid encryption offers an in-built capacity to deliver strong security without slowing down a network or devices.
Algorithms based on structured lattice methods, especially Kyber and Dilithium, stood out for their excellent performance. They matched traditional cryptography in speed and resource use, providing quantum-safe protection without noticeably affecting connection quality, responsiveness, or battery life.
For example, this chart shows the latency of traditional cryptography methods compared to a few different types of hybrid encryption.
As you can see, three of the hybrid methods stayed close to the traditional methods in latency. Results from isogeny-based cryptography weren’t as favorable, and researchers have also recently identified significant vulnerabilities with the method that raises concerns about its reliability and long-term safety.
The tests also demonstrated that scalability wasn’t problematic for the structured lattice-based PQC algorithms. Even under heavy usage scenarios, encryption, as an activity, wasn’t the main performance bottleneck. Instead, network conditions — like bandwidth limitations — were usually the main factor affecting speed.
Implementing these new encryption methods won't negatively impact your existing systems or force expensive upgrades. These results are why hybrid encryption gives your business strong quantum security without compromising network performance or user experience.
Strategic Benefits of Hybrid Encryption for Businesses and Institutions
Hybrid encryption protects your organization against today's cyber threats and ensures your sensitive information stays safe as quantum computing advances. Combining classical encryption with quantum-safe algorithms secures your data now and in the future — even as quantum capabilities to crack cryptography become increasingly certain and within our reach.
Adopting hybrid PQC also helps you simplify compliance and reduce business risk. Many regulatory standards, like FIPS and PCI-DSS, already require robust cryptographic practices. Using hybrid encryption positions your organization ahead of regulatory requirements, giving clients and partners greater confidence in your security measures.
Key benefits of hybrid encryption include:
- Immediate and lasting protection: Your data stays secure today, and you're ready for quantum threats tomorrow.
- Simplified compliance: Easily meet and maintain regulatory standards (FIPS, PCI-DSS).
- Investment protection: Hybrid PQC lets you smoothly adapt as new quantum-resistant algorithms emerge, avoiding costly system overhauls.
A flexible approach ensures your business isn't locked into outdated security solutions and can evolve alongside the pace of cryptography standards. This makes adapting and pivoting to keep your infrastructure secure, compliant, and agile more manageable in the short- and long-term.
Next Steps for Implementing Quantum-Safe Encryption
Results from the Softbank and SandboxAQ study give businesses a clear path forward for transitioning to quantum-ready encryption. However, adopting hybrid protocols into real-world applications calls for a methodical and step-by-step implementation.
Helpful strategies to simplify your PQC transition include:
- Visibility of cryptographic inventory: Identify and document all current encryption methods and their uses.
- Getting clear on requirements: Determine your organization's priorities for security, compliance, and ease of integration.
- Developing a crypto-agile process and culture: Ensure your systems and teams can quickly adapt to future cryptographic developments and standards.
Let’s take a closer look at each priority.
First, organizations should conduct a thorough inventory of their cryptographic systems. It’s essential to identify where and how current encryption methods are used since sensitive data often hides behind overlooked or outdated protections.
To support this, SandboxAQ’s priority is developing solutions to discover and manage cryptographic information, aiding the move toward PQC implementation. For example, our focus on equipping security leaders with a fully transparent, 360-degree view of their organization’s security landscape enables them to spot even the most invisible vulnerabilities early and often.
Next, clearly define what your organization needs from a quantum-safe encryption solution. Every business has unique priorities: some may focus heavily on maintaining compliance with standards like PCI-DSS or FIPS, while others prioritize minimal disruption to existing systems. Pinpointing your priorities will guide you toward the right solutions.
Additionally, CISOs are well-placed to develop a mindset of "crypto-agility" within their teams and organizations by adopting (and supporting) this shift.
This means building flexibility into your infrastructure from the start so you're not locked into a single encryption approach. As quantum-safe encryption standards evolve over time, being agile will allow you to integrate new methods smoothly without expensive system overhauls.
Rather than waiting until quantum computing threats become critical, the smartest strategy is to take proactive steps now. Early action puts your organization ahead, protecting valuable data, simplifying compliance, and positioning your infrastructure securely for the long term.
PQC Solutions for Businesses Are Locked-In and Ready — Is Yours?
The real, tangible progress made in quantum computing puts us at the leading edge of innovation, and that’s definitely exciting — but reaching a point where quantum computing can achieve widespread fault tolerance and commercial readiness isn’t a matter of “if” — it’s a matter of “when.”
The potential for enterprises facing these headwinds is likewise promising — while also presenting an opportunity to strengthen current security postures. That’s exactly what SoftBank and SandboxAQ aimed to problem-solve, as we tested why and how hybrid PQC solutions work as effectively as they do. Ultimately, it’s all about ensuring strong encryption without disrupting your network today.
Besides “yesterday,” now is always the right time to take the first step toward safeguarding your organization from quantum risks. Schedule a demo of SandboxAQ’s AQtive Guard today and keep ahead of quantum computing developments.
Download the white paper: Designing a Hybrid Path to PQC Built for the Real World.
[ English Version ] [ Japanese Version ]
