We recently outlined the quantum threat: cryptographically relevant quantum computers are coming, adversaries are already harvesting encrypted data today, and the risk isn’t limited to confidentiality. The integrity of the systems we depend on, the trust layer underneath everything, is equally exposed.
We also introduced Cisco’s two-pillar response: Secure Communications and Secure Products. We believe that both pillars are needed to ensure consistent, pervasive protection across the entire network, the kind that closes gaps rather than just addressing the most visible ones.
This blog will dive into the architecture behind the strategy to explain how Cisco is operationalizing the pillars across the communication planes, inside the chipset, and down to the firmware that loads before your operating system even boots.
Secure Communications: Protecting Every Layer of Your Network
Most conversations around Post-Quantum Cryptography (PQC) have focused on data in transit and the ‘Harvest Now, Decrypt Later’ (HNDL) threat. But pursuing quantum-secure communications requires more holistic solutions than what is typically discussed.
A network isn’t a single surface. It operates across three distinct planes, each with its own protocols and its own exposure to quantum risk.
The Management Plane handles remote administration (e.g., SSH, TLS/HTTPS, NETCONF, gRPC). These are the sessions through which infrastructure is configured and controlled. A harvested management session doesn’t just expose data; it can expose privileged access. Integrating PQC into these protocols helps ensure that the cryptography protecting privileged access remains resilient as quantum capabilities evolve.
The Control Plane governs how devices communicate with each other – routing decisions, authentication between peers, and signaling. Compromising the control plane is how you redirect traffic, create blind spots, and manipulate what a network believes to be true. PQC integration here means those signals are better able to remain authenticated against quantum-capable forgery.
The Data Plane is where user traffic flows – and where the HNDL exposure is most direct. The sessions your customers, employees, and operations depend on today are the harvest targets of tomorrow.
Cisco is integrating PQC across all three planes and at every relevant layer of the OSI model. For example
- Layer 2: Quantum-resistant MACsec for local link protection
- Layer 3: IPsec VPNs with PQC-based IKEv2 key exchange, protecting remote access at the tunnel level
- Layer 4+: PQC in TLS, securing web applications, APIs, and customer-facing traffic end to end
Meeting Organizations Where They Are
No organization transitions to quantum-safe infrastructure overnight. The ability to adopt new algorithms without rearchitecting everything is as important as the algorithms themselves.
On the key exchange side, Cisco supports multiple paths forward:
- Hybrid Key Exchange uses a PQC algorithm like ML-KEM, optionally combined with a classical algorithm like Diffie-Hellman. Session keys generated this way are more secure against both classical and quantum attacks.
- Enhanced Pre-Shared Keys (PPK) strengthens existing key exchanges by mixing in a quantum-resistant, pre-shared key established out-of-band. This integrates naturally with external key management systems, including Quantum Key Distribution platforms for the most sensitive environments.
To maintain trustworthy authentication, Cisco is transitioning to PQC-based certificates and PKI-leveraging, quantum-safe signature algorithms such as ML-DSA. This transition will help ensure device and user identities remain trustworthy in a post-quantum world.
Secure Products: Beyond Communication to Where the Trust Chain Begins
Here’s the uncomfortable truth about most quantum-safe strategies: they stop at the network layers.
Protecting data in transit is necessary. But ask a harder question: what happens if the device generating, managing, and enforcing that security has been compromised at a deeper level, before a single packet is encrypted?
Cryptography is the foundation beneath every technology that protects our systems from cyber threats. To maintain that foundation, cryptographic capabilities across the entire product stack must be modernized, not just at the communication layer, but at the platform level where those protections are enforced.
Every device runs a boot sequence: a series of steps that load firmware, initialize hardware, and hand off to the operating system. Each step assumes the previous one was legitimate. Each step, in other words, is a link in a chain of trust.
If any link in that chain can be forged – through a quantum-capable signature attack – the foundation collapses. An attacker doesn’t need to break your VPN. They can compromise the device before the VPN ever loads.
This is where Cisco’s approach diverges from the field. Most vendors are solving the protocol problem. Cisco is also solving the platform problem.
A Secure Boot Process Built for the Quantum Era
Before NIST finalized post-quantum algorithms, Cisco had already deployed a proprietary, hash-based signing scheme on select platforms, recognizing that the window between an emerging threat and finalized standards is itself a risk period that cannot be ignored.
With NIST-approved algorithms now in place, Cisco is implementing, on select platforms, a multi-stage quantum-safe secure boot process:
- LMS (Leighton–Micali Signatures) / XMSS (eXtended Merkle Signature Scheme): The root of trust verifies the first-stage bootloader using a hash-based, quantum-resistant signature scheme such as LMS or XMSS (on select platforms).
- ML-DSA-87: The bootloader verifies the operating system image prior to execution using ML-DSA signatures.
This chain extends further, to OS-level validation of application images. Every layer of software that loads on a Cisco platform is designed to be cryptographically verified as authentic and untampered before it runs. That verification will be quantum-resistant at each stage.
Trust Anchor Module
At the center of this architecture is Cisco’s Trust Anchor Module, a tamper-resistant hardware root of trust that Cisco plans to embed in Cisco’s Secure Routers, Smart Switches, Firewalls and more.
The Trust Anchor Module (TAm) underpins both secure boot and device identity. It is designed to securely store cryptographic keys, Secure Unique Device Identifier (SUDI), and Attestation Identity Key (AIK) certificates that have been updated with PQC algorithms including LMS and ML-DSA-87. The TAm provides a certifiable entropy source for strong key generation and supports PQC-signed certificates that help ensure each device’s identity can be verified, trusted, and attested, even as quantum capabilities advance.
What this means operationally: a device can prove what it is, prove that it hasn’t been tampered with, and maintain that attestable proof and trustworthiness across its lifecycle. For organizations whose infrastructure refresh cycles span longer periods, that matters enormously. The security embedded at manufacturing time either holds up – or it doesn’t.
That’s a fundamentally different level of protection than protocol updates alone can provide.
Quantum-safe communications running on a compromised platform is a false sense of security. It’s the equivalent of installing a high-security lock on a door with a compromised frame – the lock is real, but the protection isn’t.
As we move closer to Q-Day, the nature of the threat evolves. Early concerns focus on HNDL attacks against data in transit. But over time, the risk shifts toward direct attacks on system integrity and altogether undermining the platforms enforcing security. The goal will no longer be just to protect network traffic, but to protect entire platforms.
By embedding quantum-resistant trust directly into firmware, hardware, and through all relevant stages of the boot process, we help ensure that the platform enforcing your security posture is itself beyond quantum reach. That’s a fundamentally different level of protection, one that becomes more valuable, not less, as quantum capabilities mature.
Two Pillars. One Posture.
Secure Communications and Secure Products aren’t parallel workstreams. They are complementary layers of the same architecture: quantum-safe protocols protecting traffic in transit, quantum-resistant hardware anchoring the platforms that enforce it, and PQC-based identity running through both.
We’ve spent considerable time building that clarity internally. What we’ve developed goes beyond our own products – it’s a way of thinking about quantum readiness that we believe has broader relevance for the industry.
We’ll be sharing more on our quantum-safe infrastructure framework soon. In the meantime, visit the Cisco Trust Center to learn more about our PQC approach and stay ahead of what’s coming.
We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.
Cisco Security Social Media
