Our read of a sweeping new survey of quantum computing and security keeps circling back to one under-addressed problem. Two specialist papers from the same week show why getting your organisation quantum-safe is becoming harder, not easier. Three papers landed on arXiv in the space of a fortnight in late May and early June, and…

On 2 June 2026 we re-ran our post-quantum cryptography (PQC) readiness scanner against the same 118 New Zealand critical infrastructure entities we assessed on 14 April 2026. Seven weeks is a short interval for a cryptographic migration story — and the headline number reflects that: the overall PQC rate moved from 52.6% to 52.2%, essentially…

Three papers published in the second week of May 2026 cover different parts of the post-quantum migration stack: a new NIST report on the next generation of digital signature candidates, a proof-of-concept PQC deployment inside a production bank, and a working FN-DSA implementation on Raspberry Pi hardware. Read together, they deliver the same message from…

6G standardisation is still years away, but the cryptographic choices that will shape it are being made now. Every Five Eyes PQC migration deadline falls before the first commercial 6G radios are expected. A new paper from Toshiba’s Bristol research lab benchmarks how the NIST-standardised primitives behave on actual telecom-relevant hardware — desktop-class, ARM-class edge,…

A new arXiv preprint runs the numbers on something every Australian bank — and by extension every NZ subsidiary of one — should already have answered: can post-quantum signatures actually run inside a real-time payments SLA? Reference: arXiv 2605.02276v1, 4 May 2026. The simulation covers Australia’s real-time retail payments rail at production volume — 5.2…

A new arXiv preprint from Chou and Cao (UIUC / NCSA) puts numbers on the network cost of PQC certificate bloat. The headline: TTFB doesn’t degrade smoothly as chains grow — it steps up at two specific points where chain size breaches TCP’s flight windows. Reference: arXiv 2604.24869v1, 27 April 2026. The cliffs The first…

Good news: nobody has a cryptographically relevant quantum computer yet. Shor’s against RSA-2048 still wants more error-corrected qubits than anyone has shipped, and the public roadmaps remain firmly in “soon” territory. Pop the champagne — your AES-256 backups are safe. For now. The “for now” is doing the heavy lifting, of course, which is why…

Today, on the closing day of the consultation, we submitted our formal response to the Department of the Prime Minister and Cabinet’s Discussion Document on enhancing the cyber security of New Zealand’s critical infrastructure system. Our submission focuses on a gap we identified across all three published consultation documents: there is no substantive mention of…

Summary This is the first external, public, sector-wide post-quantum cryptography (PQC) readiness assessment of New Zealand’s critical infrastructure system. Using a purpose-built open-source TLS scanner, we measured whether the public web endpoints of 118 NZ critical infrastructure entities — covering all seven Department of the Prime Minister and Cabinet (DPMC) essential service sectors — will…

Your encryption has an expiration date. Quantum computers running Shor’s algorithm will be able to break RSA, ECC, and other widely-used public-key cryptographic systems by efficiently factoring large integers and computing discrete logarithms. The threat is already active. Harvest Now, Decrypt Later (HNDT) attacks mean adversaries are capturing encrypted data today — financial transactions, health…