Quantum computing is still not a magic button capable of breaking the Internet overnight. But it has already shifted the risk horizon of something much more uncomfortable: long-term confidentiality. In that scenario, Telefónica has taken a step forward with a clear message for large companies and, especially, for those operating critical infrastructure: the encryption that currently protects traffic between data centers must start preparing for a future where attackers have access to new tools.
The operator announced ‘Data Center Interconnection’, a service aimed at protecting communications between data processing centers (DPCs) and corporate headquarters through post-quantum cryptography (PQC), with the explicit goal of withstanding potential attacks supported by quantum computing. The announcement was made public on January 7, 2026, and Telefónica presents it as the first service of its kind in Spain for this business use case.
The problem: “Store Now, Decrypt Later” is already underway
In cybersecurity, time is a criminal variable. The attack that worries governments, large companies, and regulated sectors most is not “breaking encryption today,” but intercepting encrypted communications now, storing them, and decrypting them later when technology permits. This pattern is known as Store Now, Decrypt Later and is especially sensitive when it involves medical records, intellectual property, personal data, contracts, or financial information that must remain secret for years. Telefónica explicitly mentions this risk as a motivation for the service.
That’s the key: although the threat from quantum attacks is progressive, traffic capture can be immediate. In other words: the future can break the past.
What Telefónica offers and why it matters in a company’s real architecture
The interconnection between DPCs and corporate headquarters is one of those places where “the important stuff lives”: replication, backups, application synchronization, access to critical environments, management traffic, regulated data… It’s no coincidence that Telefónica emphasizes that “the largest concentrations of sensitive data” usually transit through these interconnection networks.
‘Data Center Interconnection’ incorporates “Quantum Safe” options based on ML-KEM, Classic McEliece, and FrodoKEM, aligning with recommendations from organizations like NIST (USA) and BSI (Germany), according to the company’s official information.
Here’s an important nuance: it’s not just about “adding encryption”, because encryption already exists. It’s about migrating (without disrupting operations) to cryptographic primitives designed to resist a quantum adversary. This transition also has an organizational component: cryptographic inventory, crypto agility, lifecycle management, vendor compatibility, compliance, and testing.
Post-quantum is not “quantum”: PQC and QKD play in different leagues
Telefónica’s announcement includes another element that often causes confusion: compatibility with QKD (Quantum Key Distribution), a technique that uses principles of quantum mechanics to distribute keys in a way that any interception attempt is detectable. Telefónica highlights that the service is compatible with this technology and connects it with their experience in quantum communications.
Let’s translate this into plain language:
- PQC (post-quantum): classical cryptography (software/algorithms) designed to be resistant to quantum attacks.
- QKD: a quantum method for key exchange/distribution (more dependent on physical deployments, links, and conditions).
In practice, many organizations will first advance with PQC due to its easier deployment in existing infrastructure, while QKD is typically reserved for very specific environments. Telefónica, in fact, presents it as compatibility and an evolution, not as an immediate replacement.
Standards, not magic: the role of NIST in “the new encryption”
A key point in any serious discussion is standardization. If cryptography turns into a catalog of “proprietary solutions,” security becomes an act of faith. That’s why the market looks to processes like NIST, which has published standards for post-quantum cryptography and transition guidelines for organizations.
In the announcement, Telefónica lists ML-KEM, Classic McEliece, and FrodoKEM as options. Beyond the names, the underlying message is strategic: migration based on reviewed algorithms and international reference frameworks, particularly relevant for regulated sectors and critical infrastructure operators.
A market-aware move: “bottleneck” is not just energy; it’s also trust
For years, the conversation about data centers has focused on power, latency, continuity, and costs. But the quantum wave introduces another dimension: the durability of secrets. If a company manages information that must remain confidential beyond the usual technological cycle, the question ceases to be “how fast?” and becomes “will it stay secure when the landscape changes?”
Telefónica frames ‘Data Center Interconnection’ as a first step within a line of services for companies, and their infrastructure marketing manager, Yolanda Bueno, emphasizes the importance of communications in protecting critical information and ensuring “future confidentiality.”
Alongside, the company mentions its journey in the quantum domain with references like Madrid’s QKD ring TEFQCI and collaborations in healthcare environments, aiming for a positioning that combines security, technical credibility, and continuity.
Frequently Asked Questions
Which companies should already consider post-quantum cryptography?
Organizations with long-lived data (health, finance, public administration, industry, legal), regulated companies, and anyone transmitting sensitive information between DPCs and corporate headquarters—especially if it must remain confidential for years.
Is the quantum threat “for tomorrow”?
Not necessarily, but the practical risk is that an actor captures traffic today and decrypts it in the future. That’s why we talk about “Store Now, Decrypt Later” and the importance of preparing migrations well in advance.
Does PQC replace QKD?
They are not equivalents. PQC is classical cryptography resistant to quantum attacks; QKD involves quantum key distribution and typically requires specific deployments. In many cases, PQC will be the first step, with QKD reserved for very specific scenarios.
What does “aligned with NIST” mean in practice?
It means that the transition and algorithms are supported by frameworks and standards set by a recognized authority, facilitating audits, compliance, and interoperability among providers.
via: telefonica