Quantum computers continues to advance rapidly, with SaaS offerings like AWS Braket now providing access to quantum algorithms across multiple architectures.
Since March, Java 24 has introduced Java post-quantum cryptography, adding support for post-quantum cryptographic algorithms such as ML-KEM and ML-DSA, and .Net 10 has expanded its support as well. Our advice is simple: if you’re building software in these languages, begin adopting quantum-safe algorithms now to future-proof your systems.
At the core of asymmetric cryptography, which secures most modern communication, lies a mathematically hard problem. However, the problem used in today's algorithms will be easy to solve with quantum computers, driving research for alternatives. Lattice-based cryptography is currently the most promising candidate. Although cryptographically relevant quantum computers are still years away, post-quantum cryptography is worth considering for applications that must remain secure for decades. There is also the risk that encrypted data is recorded today in order to be decrypted once quantum computers become available.
Java post-quantum cryptography takes its first steps in JDK 24, set for general availability in late March. This release includes JEP 496 and JEP 497 — which implement a key encapsulation mechanism and a digital signature algorithm — both standards-based and designed to be resistant to future quantum computing attacks. While liboqs from the Open Quantum Safe project provides C-based implementations with a JNI wrapper, it’s encouraging to see a native Java implementation emerging as well.
