Post-Quantum Cryptography 2023: Market Opportunities After NIST

Revenues from Post Quantum Cryptography to Reach $6.7 Billion by 2032

This is the latest report on business opportunities in post-quantum cryptography (PQC). The day when commonly used encryption schemes will be breakable by quantum computers is drawing closer. It may be just three-to-five years away if some of the vendor roadmaps are to be believed. The analyst also believes that NIST’s pronouncements on standards in 2022 provide stability to the PQC market. In addition to NIST activity, this report analyzes the activities of several other standards organizations and industry groups whose work will be a crucial role in the implementation and roll-out of PQC.

Based on the current PQC business environment this report provides ten-year forecasts of PQC software, hardware (chips and HSMs) and services. These forecasts are broken out by key applications sectors such as financial services, cryptocurrencies, automotive, healthcare, 5G/6G, IoT, tape drives, and disaster recovery, as well as police, military and intelligence applications. It also examines the motivation for companies and other organizations to adopt PQC. The forecasts are supplied to purchasers of the report in a separate Excel sheet.

Report Scope:

This latest publication takes into account the impact of COVID and current economic conditions on the addressable market for PQC products.  Its forecasting model embeds a new and more sophisticated view of PQC shipments than previous reports. The products considered in this report comprise crypto libraries, specialized PQC software and firmware, PQC-enabled browsers, PQC chips, as well PQC-enabled HSMs and tape drive. The report provides coverage of PQC-related services such as PQC clouds, PQC VPNs and PQC-as-a service.

The report also includes granular ten-year forecasts of critical end-user groups for tape drives, disaster recovery facilities, Web browsers, 5G/6G, IoT, financial services, healthcare, the military, police and intelligence communities, machine tools and the cybersecurity industry. And the report also includes profiles of approximately 30 key players: 01 Communique, AWS, BTQ, Cloudfare, Crypto4A, CryptoNext Security, Crypto Quantique, Envieta Systems, evolutionQ, Google, IBM, Infineon, Intel, Isara, Microsoft, Patero, Post Quantum, PQSecure, PQSield, QAN, Qualcomm, QuantiCor Security, Quantropi, QuBalt, QuSecure, Rambus, Secure-IC, SSH Communications, Thales, Utimaco, Rambus, and SandboxAQ.  These profiles focus on the product/market strategies of each of these companies. 

Report Highlights:

By 2032 the largest expenditures for PQC products and services will come from PQC services ($2.7 billion), and Web browsers (just over $1 billion) with disaster recovery applications lagging just behind Web browsers. While, one-day PQC algorithms will one day replace the current generation of encryption algorithms, it will be many years before a full transition to PQC occurs.  

The types of PQC products available now are limited - typically libraries, firmware updates, hardware modules, and a few services providing simple quantum-safe security. With NIST growing close to finalizing PQC standards, PQC products on the market will become more diverse and niche-specific, driving the need for specialized advice and services from cybersecurity firms. For example, several PQC firms are already beginning to develop products for the Internet-of-Things (IoT) which is an area where there is weak cybersecurity at present.

Another area that is interesting for novel PQC products is factories. While manufacturing industries are not often the target of cyberattacks, this is changing. Some designs and plans (such as for next-generation aircraft, automobiles, etc.) have very long shelf lives. Driven further by Industry 4.0 considerations at the end of the decade, machine tools will see a significant embedding of PQC capabilities.