The rapid developments in quantum computing pose a critical threat to classical public-key cryptography, particularly RSA and Elliptic Curve Cryptography (ECC), which rely on mathematical problems solvable by Shor’s algorithm. In response, the National Institute of Standards and Technology (NIST) has standardized quantum-resistant algorithms, including ML-KEM, ML-DSA, FALCON, and SPHINCS+, to prepare global infrastructure for a post-quantum future. This paper provides a unified comparative analysis of classical cryptography and NIST-standardized PQC algorithms, evaluating their security assumptions, efficiency, architectural characteristics, and resilience against quantum adversaries. A comprehensive literature review identifies gaps in existing studies, particularly concerning unified migration frameworks that combine theory, implementation requirements, certificate ecosystem changes, and organizational readiness. To address these gaps, the paper proposes a structured comparative framework and outlines practical migration strategies, including hybrid cryptographic deployment, protocol upgrades, and phased transition roadmaps. The findings highlight that while PQC introduces larger key and signature sizes, its quantum resistance and standardization maturity make it essential for long-term security. The study concludes that strategic migration planning, driven by hybrid adoption and ecosystem adjustments, is crucial for ensuring a secure and seamless transition to post-quantum cryptography.
Introduction
Public-key cryptography, including RSA and Elliptic Curve Cryptography (ECC), underpins modern digital security but is fundamentally threatened by the advent of large-scale quantum computing. Shor’s algorithm can efficiently break RSA and ECC, creating serious risks such as the “harvest-now, decrypt-later” threat, where encrypted data captured today may be decrypted in the future. As a result, transitioning to quantum-resistant cryptography has become a global cybersecurity priority for governments, industries, and critical infrastructures.
To address this, NIST has standardized the first generation of post-quantum cryptographic (PQC) algorithms, including ML-KEM for key exchange, ML-DSA and FALCON for digital signatures, and SPHINCS+ as a hash-based alternative. While prior research and standards documents discuss algorithmic properties or offer high-level guidance, they often fail to combine cryptographic comparison with practical system-wide migration strategies.
This paper fills that gap by providing an integrated analysis that compares classical and PQC algorithms, examines their security foundations, key sizes, performance, and implementation complexity, and explores the broader challenges of migrating global systems to PQC. It also outlines infrastructure readiness, hybrid deployment models, and phased migration roadmaps, offering a comprehensive framework to support the transition to post-quantum security.
Conclusion
The research clearly establishes that classical public-key cryptography cannot survive the advent of quantum computing. NIST-standardized PQC algorithms provide robust long-term security and will be the future backbone of secure global communication [2]. Migration requires careful planning through hybrid adoption, infrastructure upgrades, certificate transformation, and phased transition [8], [9]. This paper’s comparative analysis and migration roadmap serve as a foundation for academic researchers, organizations, and policymakers planning quantum-resilient digital infrastructure.
References
[1] P. W. Shor, “Algorithms for quantum computation: Discrete logarithms and factoring,” in Proc. 35th Annual Symposium on Foundations of Computer Science, 1994, pp. 124–134.
[2] National Institute of Standards and Technology (NIST), “Post-Quantum Cryptography Standardization Project,” NIST, Gaithersburg, MD, USA, 2024.
[3] J. Bos, L. Ducas, E. Kiltz, T. Lepoint, V. Lyubashevsky et al., “CRYSTALS–Kyber: A CCA-secure module-LWE based KEM,” in Proc. IEEE EuroS&P, 2018.
[4] J. Bos, L. Ducas, T. Lepoint, V. Lyubashevsky et al., “CRYSTALS–Dilithium: Digital signatures from module lattices,” NIST PQC Round 3 Submission, 2020.
[5] D. Cousins, C. Peikert, P. Schwabe et al., “FALCON: Fast Fourier lattice-based compact signatures,” NIST PQC Round 3 Submission, 2020.
[6] A. Hülsing, L. R. Reyzin, S. Song et al., “SPHINCS+: Submission to the NIST post-quantum standardization project,” 2020.
[7] National Security Agency (NSA), “Commercial National Security Algorithm Suite 2.0 (CNSA 2.0),” NSA Cybersecurity Directorate, 2022.
[8] National Cybersecurity Center of Excellence (NCCoE), “Migration to Post-Quantum Cryptography: Readiness and Planning Guide,” NIST, 2024.
[9] Internet Engineering Task Force (IETF), “Guidance for Migrating to Post-Quantum Cryptography,” IETF Internet-Draft, 2025.
[10] A. Kwiatkowski, S. Fluhrer, D. Stebila et al., “Hybrid key exchange in TLS 1.3,” IETF Internet-Draft, 2024.
[11] Quantum Resistant Security Group (PQCC), “PQC Migration Roadmap,” PQCC Te