From RSA to Post-Quantum: Implementing Quantum-Resistant Cryptography with OpenSSL in Real-World Applications

The rapid advancements in quantum computing pose an existential threat to widely adopted classical cryptographic algorithms such as RSA and ECC. While a large-scale quantum computer has not yet materialized, the security of today's encrypted communications is already at risk due to the "harvest now, decrypt later" paradigm: adversaries can collect encrypted data now and decrypt it once quantum capabilities emerge. To mitigate this looming threat, the cryptographic community has been actively developing and standardizing post-quantum cryptographic (PQC) algorithms. Among the most prominent are Kyber (for key encapsulation) and Dilithium (for digital signatures), both selected by NIST as part of its PQC standardization process. This talk will explore the integration of PQC using the OpenSSL ecosystem, highlighting current support, best practices, and common pitfalls. We will walk through how to use Kyber (ML-KEM) and Dilithium (ML-DSA) in OpenSSL 3.5 and discuss implications for key exchange, TLS, and digital signatures. Finally, we’ll present Qgram, a secure messaging system developed to showcase real-world usage of post-quantum cryptography. Qgram leverages Kyber and Dilithium to deliver end-to-end encrypted communication resilient to quantum attacks, demonstrating the feasibility and performance of PQC in latency-sensitive applications. Key takeaways: - Why RSA and ECC are vulnerable in a quantum world - Understanding the harvest-now-decrypt-later risk - How to use OpenSSL with Kyber and Dilithium today - Lessons learned from integrating PQC into a production-grade messaging system