Sure! Here’s the translation:
Lack of Knowledge, Shortage of Specialized Talent, and Budget Constraints Hinder the Transition to Quantum-Resistant Algorithms.
The advent of quantum computing presents an unprecedented challenge to digital security as we know it. Although a massive operational level has yet to be reached, its impact on current cryptographic systems is inevitable. This warning comes from Redtrust, a company specialized in the management and custody of digital certificates, which has identified the main barriers preventing companies from timely preparing for this new technological era.
According to data from Keyfactor, over 57% of organizations estimate that it will take between two and five years to complete their transition to post-quantum algorithms. This timeline, according to Redtrust, indicates that the business ecosystem is not yet prepared to face the so-called “Q Day,” the moment when quantum computers will be able to break traditional cryptographic techniques like RSA or ECC.
“It’s not about alarmism, but responsible anticipation,” says Daniel Rodríguez, CEO of Redtrust. “Many organizations are still signing digital documents using algorithms that could be considered insecure in just a few years. In that case, they will be compelled to revalidate and protect data that was previously deemed confidential.”
Three Key Hurdles in the Transition to Post-Quantum Cryptography
Despite the fact that post-quantum algorithms are starting to be standardized and gaining visibility in the sector, Redtrust points out three main obstacles slowing their adoption:
Strategic and Technical Ignorance
Many companies are unaware of how to initiate a secure transition to quantum-resistant cryptographic schemes. Despite advancements in standardization—such as those promoted by NIST—the lack of a clear roadmap obstructs initial steps.Shortage of Specialized Profiles
Post-quantum cryptography is a highly technical and emerging field. The scarcity of qualified talent experienced in PQC (Post-Quantum Cryptography) algorithms and their integration into real infrastructures is hindering pilot projects in many organizations.- Low Priority on the Technological Agenda
In an environment filled with multiple urgencies—cybersecurity, cloud migration, automation, generative AI—investments in post-quantum cryptography are not always perceived as priorities, creating a false sense of short-term security.
A Silent Threat: “Harvest Now, Decrypt Later”
One of the most underestimated risks is the anticipatory attack strategy, known as harvest now, decrypt later. This involves intercepting encrypted communications today to decrypt them in the future, when quantum computers have the necessary capability.
This tactic particularly affects sensitive sectors—governments, defense, healthcare, or industrial property—where data must remain confidential for decades. The persistence of traditional encryption in these areas multiplies the risks of future exposure.
Dual Digital Signatures as a Transitional Solution
In response to these challenges, Redtrust is working on dual digital signature schemes, which combine a conventional signature with one based on post-quantum algorithms. This hybrid approach enables the validation of documents even if current cryptography is compromised sooner than expected.
“The transition will be gradual and take years, but there is already technology available to start mitigating the risk,” Rodríguez states. “Having a structured plan will allow organizations to maintain document integrity, anticipate future regulatory demands, and preserve their competitiveness.”
Redtrust and the Management of Cryptographic Risk
Redtrust, part of the Keyfactor group since 2019, currently manages the digital identity of over 1,000 companies in critical sectors such as banking, energy, and construction. Its solution is based on the centralization and secure custody of digital certificates via encrypted and controlled servers, with complete traceability of use and lifecycle.
Since joining the group, Redtrust has also integrated leading technologies such as EJBCA—the certification authority developed by PrimeKey—reinforcing its commitment to crypto-agility and preparedness for scenarios like Q Day.
Quantum computing is not a future threat but a technological transformation that has already begun. The challenge for organizations is not just to migrate to new algorithms, but to do so in time, with guarantees, and without improvisation.
Source: Press Release