The transition to Post-Quantum Cryptography (PQC) is a significant global challenge that spans multiple years, aimed at safeguarding against the impending threats posed by advancements in quantum computing.
As the United Kingdom’s authoritative body for cybersecurity and cryptography, the National Cyber Security Centre (NCSC) is actively engaged in facilitating this transition. We have released technical guidelines and timelines for migration and initiated an assured consultancy scheme to aid businesses and industries in their migration efforts. Recognizing the collaborative nature of this task, we closely partner with academia and industry to stay updated on the latest advancements in cryptographic research and to identify necessary technical advice and guidance that will facilitate a smooth transition.
Central to the migration to PQC are established standards for algorithms, protocols, and systems. These international standards are meticulously crafted documents, formulated through consensus among experts from various sectors including government, academia, and industry. They outline operational procedures and best practices that enable organizations to develop compatible products and solutions.
One of the pivotal organizations in this standardization process is the Internet Engineering Task Force (IETF), charged with the design and upkeep of protocols that contribute to an efficient internet experience. Protocols documented as RFCs serve as the foundational elements of this work.
In a bid to support a global, secure migration to PQC, the NCSC has played an active role in developing PQC standards. In June 2025, the IETF published RFC 9794, which delineates the ‘Terminology for Post-Quantum/Traditional Hybrid Schemes’. This RFC offers foundational definitions for PQC standardization within protocols, authored in collaboration with Dr. Britta Hale from the Naval Postgraduate School. Consistent terminology is crucial as it enhances clarity in technical discussions and mitigates potential misunderstandings that could compromise security.
Since 2016, the National Institute of Standards and Technology (NIST) has embarked on a mission to standardize new cryptographic algorithms that are resilient against threats posed by quantum computing. This endeavor focuses on different mathematical frameworks distinct from current cryptography. In August 2024, NIST introduced algorithm standards for key management and digital signatures including ML-KEM, ML-DSA, and SLH-DSA, alongside ongoing work on alternative algorithms. Concurrently, the NCSC released guidance on Next Steps in Preparing for Post-Quantum Cryptography.
As part of these efforts, the IETF is developing standards that dictate the implementation of these algorithms within internet protocols. Given the significance of these protocols—including TLS, SSH, and IPSec—it is imperative to update them to incorporate PQC algorithms to maintain their security integrity from quantum threats.
Within the IETF framework, each protocol is typically developed in dedicated Working Groups. Nevertheless, the cross-disciplinary threats presented by quantum computing necessitated the formation of a new Working Group, Post-Quantum Use In Protocols (PQUIP), aimed at fostering dialogue and guidance on PQC applicable across various protocols.
This Working Group and its outputs are pivotal to fortifying the security of IETF protocols. The NCSC recognizes that enhancing security against quantum threats relies heavily on establishing consistent terminology—particularly concerning the integration of Post-Quantum and Traditional algorithms, known as PQ/T hybrid schemes.
Confusion arising from inconsistent terminology can pose security risks, leading to complexities such as having multiple terms for a single concept or, more alarmingly, conflating different concepts with varying security implications, which undermines the security assessments conducted during standards development.
To mitigate these issues, the NCSC released an initial draft of an RFC focused on defining terminology for Post Quantum/Traditional (PQ/T) Hybrid Schemes in July 2022. The IETF standards evolution initiates with an Internet-Draft that evolves via consensus of expert contributions, both in-person and through mailing discussions. The NCSC has closely collaborated with various partners to refine the terminology, operationalizing expert feedback from diverse sources. Ultimately, in June 2025, after obtaining consensus from academia and industry professionals, this new standard was published as an RFC.
The RFC elaborates definitions related to cryptographic algorithms, leading to cryptographic artifacts, protocols, and security attributes, thereby offering a comprehensive reference for varied applications. The multifaceted nature of transitioning to PQC requires input from numerous stakeholders possessing differing levels of cryptographic knowledge; thus, clarity and consistency in language are paramount. This foundational work will empower stakeholders to assess and make informed decisions regarding system security.
While this document does not delve into specific security considerations, migration timelines, or the pros and cons of PQ/T hybrid usage—along with protocol-specific points—the RFC lays out the terminology necessary for effective security assessments and comparative analyses, establishing a groundwork for future developments.
Although some may opt for alternative phrases to those in the RFC, the document acknowledges and includes these options to maintain consistent meaning during technical dialogue.
The RFC has already been cited in over 20 technical draft RFCs within the IETF, as well as in academic research and guidance from other standards organizations. This illustrates the significant role the NCSC’s RFC will play in enhancing the security of technical proposals well into the future.
The NCSC has engaged with the IETF for several years, with RFC 9794 being the second RFC authored by our team, the first being RFC 9424 (‘Indicators of Compromise (IoCs) and Their Role in Attack Defence’). Our contributions in cybersecurity and cryptography bolster the security of the internet for UK citizens and organizations.
We urge anyone interested in advancing PQC technology to engage with the IETF and play a part in shaping the security standards for emerging technologies.
Michael P
Senior Internet Standards Researcher
Based on an article from ncsc.gov.uk: https://www.ncsc.gov.uk/blog-post/new-standard-for-post-quantum-terminology
