Post-Quantum Cryptography: From Theory to Implementation

Module 1: The Quantum Threat Landscape

  • The “Why” of PQC: Understanding Shor’s and Grover’s algorithms and how they break RSA, ECC, and symmetric keys.
  • The urgency: “Harvest Now, Decrypt Later” attacks and the long-term sensitivity of healthcare and government data. [1, 2, 3]

Module 2: Mathematical Foundations of Quantum-Safe Algorithms

  • Lattice-Based Cryptography: Hard problems like Learning With Errors (LWE) and the Shortest Vector Problem (SVP).
  • Other PQC Families: Hash-based signatures (SLH-DSA), code-based schemes (HQC), and multivariate cryptography. [1, 2, 3]

Module 3: Global Standards & Regulations

  • NIST Finalized Standards: Deep dive into FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA).
  • Migration Timelines: Compliance with 2030/2035 deprecation deadlines for quantum-vulnerable algorithms. [1, 2, 3]

Module 4: Implementation & Engineering Challenges

  • Hybrid Schemes: Combining classical (ECC/RSA) with PQC for immediate “defense in depth”.
  • Performance Trade-offs: Managing larger key sizes, increased memory usage, and latency issues in web handshakes.
  • Hands-on Lab: Using libraries such as those from the Open Quantum Safe (OQS) project to test PQC in TLS or SSH environments. [1, 2, 3, 4]

Module 5: Side-Channel Attacks & Modern Defense

  • Beyond the Math: How physical implementation leaks secrets through power analysis or timing.
  • Secure Implementation: Constant-time coding and masking techniques to harden PQC algorithms. [1, 2, 3]

Module 6: Strategic Migration & Crypto-Agility

  • Inventory & Assessment: How to build a live cryptographic inventory and prioritize high-risk systems.
  • Crypto-Agility: Designing systems where algorithms can be swapped without rewriting the entire infrastructure. [1, 2, 3]