We recently outlined the quantum threat: cryptographically relevant quantum computers are coming, adversaries are already harvesting encrypted data today, and the risk isn’t limited to confidentiality. The integrity of the systems we depend on, the trust layer underneath everything, is equally exposed.
We also introduced Cisco’s two-pillar response: Secure Communications and Secure Products. We believe that both pillars are needed to ensure consistent, pervasive protection across the entire network, the kind that closes gaps rather than just addressing the most visible ones.
This blog will dive into the architecture behind the strategy to explain how Cisco is operationalizing the pillars across the communication planes, inside the chipset, and down to the firmware that loads before your operating system even boots.
Secure Communications: Protecting Every Layer of Your Network
Most conversations around Post-Quantum Cryptography (PQC) have focused on data in transit and the ‘Harvest Now, Decrypt Later’ (HNDL) threat. But pursuing quantum-secure communications requires more holistic solutions than what is typically discussed.
A network isn’t a single surface. It operates across three distinct planes, each with its own protocols and its own exposure to quantum risk.
The Management Plane handles remote administration (e.g., SSH, TLS/HTTPS, NETCONF, gRPC). These are the sessions through which infrastructure is configured and controlled. A harvested management session doesn’t just expose data; it can expose privileged access. Integrating PQC into these protocols helps ensure that the cryptography protecting privileged access remains resilient as quantum capabilities evolve.
The Control Plane governs how devices communicate with each other – routing decisions, authentication between peers, and signaling. Compromising the control plane is how you redirect traffic, create blind spots, and manipulate what a network believes to be true. PQC integration here means those signals are better able to remain authenticated against quantum-capable forgery.
The Data Plane is where user traffic flows – and where the HNDL exposure is most direct. The sessions your customers, employees, and operations depend on today are the harvest targets of tomorrow.
Cisco is integrating PQC across all three planes and at every relevant layer of the OSI model. For example:
- Layer 2: Quantum-resistant MACsec for local link protection
- Layer 3: IPsec VPNs with PQC-based IKEv2 key exchange, protecting remote access at the tunnel level
- Layer 4+: PQC in TLS, securing web applications, APIs, and customer-facing traffic end to end
Meeting Organizations Where They Are
No organization transitions to quantum-safe infrastructure overnight. The ability to adopt new algorithms without rearchitecting everything is as important as the algorithms themselves.
On the key exchange side, Cisco supports multiple paths forward:
- Hybrid Key Exchange uses a PQC algorithm like ML-KEM, optionally combined with a classical algorithm like Diffie-Hellman. Session keys generated this way are more secure against both classical and quantum attacks.
- Enhanced Pre-Shared Keys (PPK) strengthens existing key exchanges by mixing in a quantum-resistant, pre-shared key established out-of-band. This integrates naturally with external key management systems, including Quantum Key Distribution platforms for the most sensitive environments.
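The combiner behind the two options above, as an added example that is not Cisco's code: both shared secrets (the PQC KEM's and the classical DH's) feed one KDF, so the session key depends on each, and a PPK can then be mixed in as a separate re-keying step. The Diffie-Hellman group here is a constructed toy (a 127-bit Mersenne prime, far too small for real use), the ML-KEM shared secret is a constructed byte string standing in for a real encapsulation, and the PPK mixing step is written in the spirit of RFC 8784's prf(PPK, SK) re-keying rather than as any product's exact construction.

```python
"""Hybrid key-exchange combiner with optional PPK mixing (added example, not Cisco code)."""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Toy Diffie-Hellman group (constructed): a 127-bit Mersenne prime with base 5.
# Far too small for real use; it only lets both peers compute a classical secret offline.
DH_P = 2**127 - 1
DH_G = 5
DH_LEN = 16  # bytes needed to encode one element of the toy group


def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) extract-then-expand over SHA-256, built from hmac only."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def dh_keypair() -> Tuple[int, int]:
    priv = secrets.randbelow(DH_P - 2) + 1
    return priv, pow(DH_G, priv, DH_P)


def dh_shared(priv: int, peer_pub: int) -> bytes:
    return pow(peer_pub, priv, DH_P).to_bytes(DH_LEN, "big")


def derive_session_key(ss_kem: bytes, ss_dh: bytes, transcript: bytes,
                       ppk: Optional[bytes] = None) -> bytes:
    """Combine the PQC and classical shared secrets; optionally mix in a PPK.

    The KDF input is the concatenation of both secrets, so the session key depends on
    each one: breaking only the KEM or only the DH leaves an attacker without the key.
    """
    sk = hkdf_sha256(salt=transcript, ikm=ss_kem + ss_dh, info=b"hybrid session key")
    if ppk is not None:
        # PPK step (assumed construction, in the spirit of RFC 8784): the out-of-band
        # pre-shared key becomes the PRF key, so the result is unrecoverable without it.
        sk = hkdf_sha256(salt=ppk, ikm=sk, info=b"ppk mixed session key")
    return sk


def simulate_handshake(ss_kem: bytes, ppk: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Run the exchange for two peers and return (initiator_key, responder_key)."""
    i_priv, i_pub = dh_keypair()
    r_priv, r_pub = dh_keypair()
    # Both sides bind the key to the same transcript (initiator's public value first).
    transcript = hashlib.sha256(
        i_pub.to_bytes(DH_LEN, "big") + r_pub.to_bytes(DH_LEN, "big")).digest()
    k_init = derive_session_key(ss_kem, dh_shared(i_priv, r_pub), transcript, ppk)
    k_resp = derive_session_key(ss_kem, dh_shared(r_priv, i_pub), transcript, ppk)
    return k_init, k_resp


if __name__ == "__main__":
    ss_kem = secrets.token_bytes(32)  # constructed stand-in for the ML-KEM shared secret
    ppk = secrets.token_bytes(32)     # constructed stand-in for a provisioned or QKD-delivered PPK
    k1, k2 = simulate_handshake(ss_kem, ppk)
    print("peers agree:", k1 == k2, "key:", k1.hex())
```

Operationally, the point to check in a real deployment is the last branch: with the PPK configured, a session key derived without it (for example by a peer that silently fell back to the classical-only path) will not match, which is exactly the failure you want to surface rather than paper over.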
To maintain trustworthy authentication, Cisco is transitioning to PQC-based certificates and PKI, leveraging quantum-safe signature algorithms such as ML-DSA. This transition will help ensure device and user identities remain trustworthy in a post-quantum world.
Secure Products: Beyond Communication to Where the Trust Chain Begins
Here’s the uncomfortable truth about most quantum-safe strategies: they stop at the network layers.
Protecting data in transit is necessary. But ask a harder question: what happens if the device generating, managing, and enforcing that security has been compromised at a deeper level, before a single packet is encrypted?
Cryptography is the foundation beneath every technology that protects our systems from cyber threats. To maintain that foundation, cryptographic capabilities across the entire product stack must be modernized, not just at the communication layer, but at the platform level where those protections are enforced.
Every device runs a boot sequence: a series of steps that load firmware, initialize hardware, and hand off to the operating system. Each step assumes the previous one was legitimate. Each step, in other words, is a link in a chain of trust.
If any link in that chain can be forged – through a quantum-capable signature attack – the foundation collapses. An attacker doesn’t need to break your VPN. They can compromise the device before the VPN ever loads.
This is where Cisco’s approach diverges from the field. Most vendors are solving the protocol problem. Cisco is also solving the platform problem.
A Secure Boot Process Built for the Quantum Era
Before NIST finalized post-quantum algorithms, Cisco had already deployed a proprietary, hash-based signing scheme on select platforms, recognizing that the window between an emerging threat and finalized standards is itself a risk period that cannot be ignored.
With NIST-approved algorithms now in place, Cisco is implementing, on select platforms, a multi-stage quantum-safe secure boot process:
- LMS (Leighton–Micali Signatures) / XMSS (eXtended Merkle Signature Scheme): The root of trust verifies the first-stage bootloader using a hash-based, quantum-resistant signature scheme such as LMS or XMSS.
- ML-DSA-87: The bootloader verifies the operating system image prior to execution using ML-DSA signatures.
This chain extends further, to OS-level validation of application images. Every layer of software that loads on a Cisco platform is designed to be cryptographically verified as authentic and untampered before it runs. That verification will be quantum-resistant at each stage.
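The chain-of-trust logic described in the two stages above and this paragraph, as an added example that is not Cisco's secure boot implementation: a root of trust holds only the fingerprint of the bootloader's verification key, each verified image carries the public key for the next stage, every link is verified before it runs, and the walk halts at the first failed link. The signature primitive is a Lamport one-time signature built from SHA-256, used here only as a stand-in for LMS/XMSS and ML-DSA (LMS exists precisely to manage many such one-time keys in a Merkle tree; this toy uses one key per stage). The stage names and image bytes are constructed.

```python
"""Chain-of-trust verification with a hash-based one-time signature stand-in (added example)."""
import hashlib
import secrets
from typing import Dict, List, Optional, Tuple

Sig = List[bytes]
PubKey = List[Tuple[bytes, bytes]]


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def lamport_keygen():
    """256 pairs of random preimages; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(sha256(a), sha256(b)) for a, b in sk]
    return sk, pk


def _digest_bits(message: bytes) -> List[int]:
    d = sha256(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, message: bytes) -> Sig:
    # Reveal one preimage per digest bit. Each key must sign exactly one message.
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(message))]


def lamport_verify(pk: PubKey, message: bytes, sig: Sig) -> bool:
    if len(sig) != 256:
        return False
    return all(sha256(sig[i]) == pk[i][bit] for i, bit in enumerate(_digest_bits(message)))


def pk_bytes(pk: PubKey) -> bytes:
    return b"".join(a + b for a, b in pk)


def pk_fingerprint(pk: PubKey) -> bytes:
    """What the hardware root of trust stores: a hash of the first-stage public key."""
    return sha256(pk_bytes(pk))


def _payload(stage: Dict) -> bytes:
    # The signed content is the code plus the next stage's public key, so a verified
    # image also vouches for who may sign the stage after it.
    nxt = stage["next_pk"]
    return stage["code"] + (pk_bytes(nxt) if nxt is not None else b"")


def build_chain(stage_codes: List[bytes]) -> Tuple[bytes, List[Dict]]:
    """Sign each stage with its own one-time key; stage i's image carries stage i+1's key.
    Returns (root_fingerprint, stages). Only stage 0 ships its own public key; later
    stages are verified with the key inherited from the previous verified image."""
    keys = [lamport_keygen() for _ in stage_codes]
    stages = []
    for i, code in enumerate(stage_codes):
        next_pk = keys[i + 1][1] if i + 1 < len(stage_codes) else None
        stage = {"code": code, "next_pk": next_pk, "pk": keys[i][1] if i == 0 else None}
        stage["sig"] = lamport_sign(keys[i][0], _payload(stage))
        stages.append(stage)
    return pk_fingerprint(keys[0][1]), stages


def verify_boot_chain(root_fingerprint: bytes, stages: List[Dict]) -> Tuple[bool, List[bytes]]:
    """Walk the chain. Returns (booted, measurement_log); halts at the first failed link."""
    log: List[bytes] = []
    expected_pk: Optional[PubKey] = None
    for i, stage in enumerate(stages):
        pk = stage["pk"] if i == 0 else expected_pk
        if i == 0 and pk_fingerprint(pk) != root_fingerprint:
            return False, log  # bootloader key is not the one burned into the root of trust
        if pk is None or not lamport_verify(pk, _payload(stage), stage["sig"]):
            return False, log  # tampered image or forged signature: do not run this stage
        log.append(sha256(_payload(stage)))  # measurement kept for later attestation
        expected_pk = stage["next_pk"]
    return True, log


def tampered_copy(stages: List[Dict], index: int, new_code: bytes) -> List[Dict]:
    """Return a copy of the chain with one image's code altered but its signature kept."""
    out = [dict(s) for s in stages]
    out[index]["code"] = new_code
    return out


if __name__ == "__main__":
    root, chain = build_chain([b"bootloader v1", b"os image v1", b"app bundle v1"])
    print("clean chain boots:", verify_boot_chain(root, chain)[0])
    booted, log = verify_boot_chain(root, tampered_copy(chain, 1, b"os image v1 + implant"))
    print("tampered OS boots:", booted, "links verified before halt:", len(log))
```

The measurement log is the piece that connects secure boot to attestation: a device that kept hashes of every verified link can later present them, signed by an attestation key, so a verifier can check not only that the device booted but what it booted.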
Trust Anchor Module
At the center of this architecture is Cisco’s Trust Anchor Module, a tamper-resistant hardware root of trust that Cisco plans to embed in Cisco’s Secure Routers, Smart Switches, Firewalls and more.
The Trust Anchor Module (TAm) underpins both secure boot and device identity. It is designed to securely store cryptographic keys, Secure Unique Device Identifier (SUDI), and Attestation Identity Key (AIK) certificates that have been updated with PQC algorithms including LMS and ML-DSA-87. The TAm provides a certifiable entropy source for strong key generation and supports PQC-signed certificates that help ensure each device’s identity can be verified, trusted, and attested, even as quantum capabilities advance.
What this means operationally: a device can prove what it is, prove that it hasn’t been tampered with, and maintain that attestable proof and trustworthiness across its lifecycle. For organizations whose infrastructure refresh cycles span longer periods, that matters enormously. The security embedded at manufacturing time either holds up – or it doesn’t.
That’s a fundamentally different level of protection than protocol updates alone can provide.
Quantum-safe communications running on a compromised platform provide only a false sense of security. It’s the equivalent of installing a high-security lock on a door with a compromised frame – the lock is real, but the protection isn’t.
As we move closer to Q-Day, the nature of the threat evolves. Early concerns focus on HNDL attacks against data in transit. But over time, the risk shifts toward direct attacks on system integrity and altogether undermining the platforms enforcing security. The goal will no longer be just to protect network traffic, but to protect entire platforms.
By embedding quantum-resistant trust directly into firmware, hardware, and through all relevant stages of the boot process, we help ensure that the platform enforcing your security posture is itself beyond quantum reach. That’s a fundamentally different level of protection, one that becomes more valuable, not less, as quantum capabilities mature.
Two Pillars. One Posture.
Secure Communications and Secure Products aren’t parallel workstreams. They are complementary layers of the same architecture: quantum-safe protocols protecting traffic in transit, quantum-resistant hardware anchoring the platforms that enforce it, and PQC-based identity running through both.
We’ve spent considerable time building that clarity internally. What we’ve developed goes beyond our own products – it’s a way of thinking about quantum readiness that we believe has broader relevance for the industry.
We’ll be sharing more on our quantum-safe infrastructure framework soon. In the meantime, visit the Cisco Trust Center to learn more about our PQC approach and stay ahead of what’s coming.
We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.
Facts Only
Cisco is addressing quantum computing threats with a two-pillar strategy: Secure Communications and Secure Products.
The Secure Communications pillar integrates post-quantum cryptography (PQC) across three network planes: Management, Control, and Data.
Management Plane protocols include SSH, TLS/HTTPS, NETCONF, and gRPC, which are being updated with PQC to protect privileged access.
Control Plane protocols govern device communication, routing, and authentication, with PQC integration to prevent traffic manipulation.
Data Plane protections include quantum-resistant MACsec (Layer 2), IPsec VPNs with PQC-based IKEv2 (Layer 3), and PQC in TLS (Layer 4+).
Cisco supports hybrid key exchange methods, combining PQC algorithms like ML-KEM with classical algorithms such as Diffie-Hellman.
Enhanced Pre-Shared Keys (PPK) strengthen key exchanges by mixing in quantum-resistant, pre-shared keys.
Cisco is transitioning to PQC-based certificates and signatures, including ML-DSA, for device and user authentication.
The Secure Products pillar focuses on quantum-resistant trust at the hardware and firmware level.
Cisco has deployed a proprietary hash-based signing scheme on select platforms and is now implementing NIST-approved algorithms like LMS/XMSS and ML-DSA-87 for secure boot processes.
The Trust Anchor Module is a tamper-resistant hardware root of trust embedded in Cisco devices, storing cryptographic keys and ensuring quantum-resistant device identity.
The Trust Anchor Module supports PQC-signed certificates and provides a certifiable entropy source for key generation.
Executive Summary
Cisco is addressing the emerging threat of quantum computing by implementing a two-pillar strategy: Secure Communications and Secure Products. The Secure Communications pillar focuses on integrating post-quantum cryptography (PQC) across all three network planes—Management, Control, and Data—to protect against "Harvest Now, Decrypt Later" (HNDL) attacks. This includes quantum-resistant protocols like MACsec, IPsec VPNs with PQC-based IKEv2, and PQC in TLS. Cisco supports hybrid key exchange methods, combining PQC algorithms like ML-KEM with classical ones, and is transitioning to PQC-based certificates and signatures such as ML-DSA.
The Secure Products pillar extends protection beyond network traffic to the hardware and firmware level. Cisco is implementing a quantum-safe secure boot process using hash-based signatures (LMS/XMSS) and ML-DSA-87 to verify each stage of the boot sequence. Central to this is the Trust Anchor Module, a tamper-resistant hardware root of trust embedded in Cisco devices, which stores cryptographic keys and ensures device identity remains verifiable even against quantum threats. This approach aims to prevent attacks that compromise devices before encryption is even initiated, ensuring the entire platform enforces security rather than just the protocols.
Cisco’s strategy acknowledges that quantum threats evolve from targeting data in transit to undermining system integrity. By embedding quantum-resistant trust into firmware and hardware, Cisco seeks to future-proof infrastructure against both current and emerging quantum risks. The company emphasizes that secure communications and secure products are complementary, not parallel, efforts, forming a unified posture against quantum vulnerabilities.
Full Take
**Steelman:** Cisco’s approach to quantum security is comprehensive, addressing both network-level encryption and platform-level integrity. By integrating post-quantum cryptography (PQC) across all network planes and embedding quantum-resistant trust into hardware, Cisco is positioning itself as a leader in future-proofing infrastructure against quantum threats. The two-pillar strategy—Secure Communications and Secure Products—acknowledges that protecting data in transit is insufficient if the underlying platforms are vulnerable. This is a forward-thinking response to a rapidly evolving threat landscape.
**Pattern Scan:** The narrative leans heavily on technical authority, using jargon like "ML-KEM," "LMS/XMSS," and "Trust Anchor Module" to establish credibility. While this is appropriate for a technical audience, it could also serve as a form of *jargon as smokescreen* (ARC-0031), making it harder for non-experts to critically assess the claims. The framing of Cisco’s solution as uniquely comprehensive—contrasting it with competitors who "are solving the protocol problem" but not the "platform problem"—could be seen as a *false binary* (ARC-0018), implying that other approaches are inherently incomplete. However, the article does provide concrete examples of implementation, which mitigates some of this concern.
**Root Cause:** The underlying paradigm here is the assumption that quantum computing will inevitably break classical cryptography, necessitating preemptive action. This is a reasonable premise, but the narrative assumes that Cisco’s specific implementation is the optimal or only viable solution. The focus on hardware-level security (e.g., Trust Anchor Module) reflects a broader industry trend toward "zero trust" architectures, where no layer of the system is assumed to be inherently secure.
**Implications:** If successful, Cisco’s approach could set a new standard for quantum-resistant infrastructure, benefiting organizations with long-term security needs. However, the cost and complexity of implementing such systems may create barriers for smaller entities, potentially centralizing security capabilities in the hands of a few large vendors. The emphasis on hardware-based trust also raises questions about supply chain security—what if the Trust Anchor Module itself is compromised during manufacturing?
**Bridge Questions:**
1. How does Cisco’s approach compare to open-source or community-driven PQC implementations? Are there trade-offs between proprietary and collaborative models?
2. What are the practical challenges of retrofitting existing infrastructure with quantum-resistant hardware, and how does Cisco address these?
3. How might adversaries adapt their strategies if quantum-resistant platforms become widespread? Could this lead to new attack vectors that bypass cryptographic protections entirely?
**Counterstrike Scan:** If this were part of a coordinated influence campaign, the playbook would likely emphasize urgency ("Q-Day is coming"), technical superiority ("only Cisco solves the platform problem"), and fear of obsolescence ("your current security is inadequate"). The actual content aligns with this to some extent, particularly in its framing of Cisco’s solution as uniquely comprehensive. However, the inclusion of specific technical details and acknowledgment of transitional challenges (e.g., hybrid key exchange) suggests a genuine effort to inform rather than manipulate. No overt red flags, but the narrative’s emphasis on Cisco’s proprietary advantages warrants scrutiny.
Sentinel — Human
This analysis is a highly technical, strategic piece written with the voice of a domain expert, focusing on a specific corporate architecture rather than general news reporting.
