Quantum computing is a present-day reality that's changing cybersecurity in fundamental ways. The encryption protecting our most sensitive data today won't stand a chance against powerful quantum attacks. This means organizations should begin adopting post-quantum cryptography (PQC) solutions now to secure their data in transit. And because wide-area networks (WANs) carry so much mission-critical data, they are ground zero. This blog takes a look at key considerations for establishing quantum-safe protection in WAN infrastructure.

The quantum threat landscape and its impact on WAN security

Our current security relies on classical encryption, especially public-key methods. But these are vulnerable to quantum attacks. Imagine a powerful cryptographically relevant quantum computer (CRQC) designed to break today's encryption.

This leads to a daunting scenario called harvest now, decrypt later (HNDL).

Here's how it works: An attacker secretly copies your encrypted data and the public key information as it travels across your network. When a CRQC becomes available, it's used to derive the private key. With both the public and quantum-calculated private key, the session key can then be unlocked, and all that sensitive, previously captured data can be decrypted. This means any data you send today could be exposed tomorrow.

Figure 1. With HNDL attacks, adversaries capture encrypted WAN traffic and key exchange data today to decrypt it in the future with CRQCs

Your WAN needs quantum-safe protection first

Your WAN is the backbone that connects data centers, branch offices, and cloud environments. It carries your most sensitive information, often data that needs to stay confidential for years. Securing this traffic against quantum threats is critical for preventing future breaches and staying compliant.

Here's why a WAN-first approach to PQC makes sense:

• WAN traffic often has a long shelf life for confidentiality. Its journey across various transports between remote sites and data centers makes it an ideal target for HNDL attacks.
• Today's classical encryption methods, especially those relying on the difficulty of factoring large numbers, are directly threatened by quantum algorithms like Shor's.
• Global regulatory bodies are already issuing guidelines for defending against quantum-enabled attacks. Beginning with your WAN helps you get ahead of compliance requirements and reduce risk sooner.
• Your WAN edge routers are well positioned to implement new quantum-safe encryption. Choosing the right infrastructure ensures PQC technology provides comprehensive defense.
• Modern solutions like SD-WAN, virtual private network (VPN), and secure access service edge (SASE) are built on strong cryptography. PQC is a natural evolution of this foundational security.
• The centralized nature of WANs makes them well-suited for rolling out hybrid encryption by mixing old and new cryptographic methods. This agility will simplify your migration to a fully quantum-safe future.

Figure 2. WANs carry sensitive, long-lived data and are foundational to secure architectures-making them a priority for quantum-safe protection as threats and standards evolve

Building a comprehensive post-quantum security (PQS) strategy

Post-quantum security (PQS) is about upgrading cryptographic algorithms, protocols, and entire systems to withstand quantum attacks.

A truly effective PQS solution must be comprehensive, focusing on three key areas:

• Encryption: Protects your data in transit from HNDL attacks.
• Authentication: Ensures only legitimate users and devices can access your network.
• Secure boot: Helps ensure the integrity and authenticity of your system's startup process.

Figure 3. Comprehensive PQS addresses three critical dimensions: data encryption, authentication, and secure boot integrity

While the exact timeline for a CRQC is uncertain, being proactive is crucial. A complete PQS strategy should address all these dimensions, protecting your data and infrastructure from every angle.

Protect your WAN from quantum attacks

There are two main approaches to making your WAN quantum-resistant:

Post-quantum pre-shared key (PPK): This method offers immediate protection against HNDL attacks. A PPK is a special key that's mixed with your classical IPsec session key. Since an attacker cannot capture this PPK, even a CRQC can't figure out the true session key. You can set up PPKs manually or use a quantum key distribution (QKD) system to obtain them. This protects your critical data right now.

Post-quantum cryptography ( PQC) algorithms: This method involves adopting new, quantum-safe algorithms. Standards bodies like the National Institute of Standards and Technology (NIST) are rapidly approving these. For example:

• ML-KEM (FIPS-203): For quantum-safe key exchange (encryption)
• ML-DSA (FIPS-204): For quantum-safe digital signatures (authentication)
• LMS (NIST SP 800-208): For ensuring the quantum-safe integrity of firmware and software at a system level (secure boot)

Cisco 8000 Series Secure Routers: Your quantum-safe WAN solution

The Cisco 8000 Series Secure Routers are specifically designed for the quantum era, providing robust, quantum-safe WAN connectivity across branch offices, campuses, and data centers.

These routers are built with powerful crypto engines. They can handle demanding PQC algorithms without slowing down your network. High-end models feature the Quantum-Flow Processor (QFP) ASIC while branch and campus routers use a new secure networking processor ASIC. Both are optimized for high-throughput crypto offload.

Figure 4. Cisco 8000 Series Secure Routers feature dedicated cryptographic engines designed to handle PQC workloads without compromising performance

For immediate quantum-safe encryption using the PPK method, Cisco 8000 Series Secure Routers support Secure Key Integration Protocol (SKIP) and RFC 8784, which allow the mixing of a pre-shared key into the IKEv2 key exchange. The PPK could be learned from QKD systems, or if QKD isn't available, PPKs can be configured locally in the device configuration. This solution enables quantum-safe encryption for IKEv2 IPsec connectivity.

With native PQC solutions, Cisco 8000 Series Secure Routers will support hybrid encryption. This means you can combine an existing legacy encryption secret with a new, NIST-approved quantum-safe method's shared secret within the same crypto data plane. Based on RFC 9370, this hybrid approach cryptographically blends multiple shared secrets to create a stronger session key. The hybrid implementation enables smooth migration and allows you to enforce ML-KEM algorithms as needed. All public key cryptography solutions, including IKEv2 IPsec, SD-WAN, FlexVPN, DMVPN, IKEv2 Cluster Load-balancing, MACsec with EAP-TLS, SSH, and more, will offer native PQC encryption capabilities on the Cisco 8000 Series Secure Routers.

The Cisco 8000 Series Secure Routers are foundational for building a quantum-safe encryption solution for your network.

Act now for a quantum-safe future

Quantum computing is no longer a distant threat; it's here, demanding immediate action to protect our digital world. Organizations need to proactively upgrade their network infrastructure, especially their WANs, to defend against quantum attacks.

The move to PQC is an urgent step to guard against threats like HNDL. By prioritizing quantum-safe solutions for your WAN, you can ensure long-term data confidentiality, meet regulatory demands, and maintain operational integrity.

Cisco 8000 Series Secure Routers are purpose-built for this challenge. They offer both immediate protection with PPK and a clear path to native PQC methods, securing your data in transit and critical infrastructure.

Investing in quantum-capable security today with solutions like Cisco 8000 Series Secure Routers is how you build resilient, future-proof networks. The time to start your journey toward quantum-safe networking is now.

Discover how to secure your WAN for the quantum era