PQC Field Guide Post-Quantum Cryptography
Table of Contents

The Post-Quantum Cryptography Field Guide

A Practitioner's Handbook · 9 chapters · ~210 min · 20 sections

Front Matter

  1. · Foreword A few years ago, I came across a TED talk presented by Quantum Physicist, Dr. Shohini Ghose. It had been many years since I last attended an academic course on anything physics much less quantum. During her talk she expl 7 min
  2. · How to Read This Book We designed this guide so you don’t have to read it cover to cover. Different roles need different chapters. Here’s where to start depending on what you’re trying to accomplish. 2 min
  3. · About the Author Arnulfo “Noof” Hernandez is a Solutions Architect at F5, Inc. supporting public sector customers including the Department of War, Intelligence communities, and federal civilian agencies. Arnulfo’s current focus areas inc 1 min

Chapters

  1. 01 The Quantum Threat: Why This Matters Now Before we can understand why post-quantum cryptography matters, we need to understand the strange and beautiful science that makes it necessary. This chapter is a guided tour—from the birth of quantum mechanics over a ce 32 min
  2. 02 What’s Vulnerable and What’s Not Chapter 1 explained why quantum computing threatens our cryptographic infrastructure. This chapter answers the next logical question: what, specifically, is at risk? 12 min
  3. 03 The New Algorithms: A Practitioner’s Guide In Chapter 1, we learned that quantum computing breaks the math behind today’s encryption—not the concept of encryption itself. In Chapter 2, we mapped exactly which algorithms and protocols are vulnerable. Now we answer 13 min
  4. 04 The Regulatory Landscape If the first three chapters answered “why should we care?” and “what’s at risk?”, this chapter answers the question that gets CISOs and program managers out of their chairs: “Who says we have to do this, and by when?” 18 min
  5. 05 Know What You Have: Cryptographic Discovery Every PQC migration plan begins with the same question: “Where is cryptography in my environment?” The answer, invariably, is “more places than you think.” 13 min
  6. 06 Building Your Migration Roadmap You’ve catalogued the threat (Chapters 1–2), learned the replacements (Chapter 3), mapped the mandates (Chapter 4), and inventoried your exposure (Chapter 5). Now comes the question that separates planning from action: “ 20 min
  7. 07 Hybrid Mode: Bridging Classical and Quantum-Safe In an ideal world, you’d flip a switch and every system in your environment would instantly use post-quantum algorithms. In the real world, migration happens gradually—and during that transition, classical and post-quant 14 min
  8. 08 Protocol Deep Dives: TLS, IPsec, SSH, and PKI This is the engineering chapter. The previous seven chapters built the case for why migration matters, what algorithms replace the vulnerable ones, and how to plan the program. This chapter goes inside the protocols them 29 min
  9. 09 Day-2 Operations: Monitoring, Rotation, and Long-Term Assurance Deploying post-quantum cryptography is a milestone, not a finish line. Once PQC is live in your environment—hybrid TLS on the edge, updated SSH key exchanges, new certificate chains in the pipeline—a new set of operation 14 min

Appendices & Reference

  1. · Quantum Risk Scoring Methodology This appendix provides a reusable, quantitative risk scoring methodology for assessing the quantum threat to specific systems and applications. It is adapted from the TNO/AIVD quantum risk methodology and designed to plu 5 min
  2. · PQC Migration Maturity Assessment This self-assessment tool helps organizations evaluate their current readiness for the PQC migration across eight key dimensions. It is adapted from the TNO/AIVD PQC growth model and designed for use by your CCOE (Chapte 3 min
  3. · Glossary Quick-reference definitions for terms used throughout this book. Terms are listed alphabetically. 6 min
  4. · Algorithm Cheat Sheet One-page reference for algorithm selection. Sizes are approximate and include DER/X.509 encoding overhead where applicable. 1 min
  5. · PQC Compliance Checklist A consolidated timeline and action checklist for PQC-related mandates. Check off items as your organization completes them. 3 min
  6. · Vendor PQC Readiness Assessment Template Use this template when evaluating vendors, suppliers, and third-party service providers. Distribute to procurement, security architecture, and CCOE team members. 1 min
  7. · Federal Framework Crosswalk Federal agencies operate under multiple overlapping cybersecurity and acquisition frameworks. This appendix maps the book’s five-phase PQC migration model (Chapter 6) against the four frameworks most commonly encountered 6 min
  8. · Bibliography Master reference list for all sources cited in chapter endnotes. Organized by category. ~95 entries covering all 128 endnotes across Chapters 1–9. 10 min