NordVPN, a leading VPN service provider, has unveiled its first application featuring quantum-resilient encryption—a significant advancement in cybersecurity. Post-quantum cryptography support is currently available on NordVPN’s Linux client, with plans to extend this enhanced security to all applications by early 2025.

Quantum decryption threat: “Cybercriminals are intensifying ‘harvest now, decrypt later’ attacks,” says Marijus Briedis, Chief Technology Officer of NordVPN. “They are amassing vast amounts of encrypted data to decrypt once quantum technology becomes viable. The VPN industry must evolve to defend against these future threats.”

This initiative aligns with recent announcements from the National Institute of Standards and Technology (NIST), which introduced its first post-quantum cryptographic standards. As VPNs rely heavily on cryptographic protocols to secure data and communications, adopting these emerging standards is crucial to maintaining robust security against the evolving capabilities of quantum computing.

NordVPN’s quantum-resilient encryption employs the ML-KEM algorithm, also known as Kyber, utilizing a hybrid approach. The process begins with establishing a standard WireGuard session, followed by a pre-shared key exchange based on the Kyber algorithm. Both client and server then use this key to add an additional layer of quantum-secure encryption, enhancing security without significantly impacting performance.

By 2025, NordVPN aims to introduce this quantum-resistant cryptography across all its applications. “As cryptographic needs evolve, the demand for crypto-agility that enables systems to adapt to new cryptographic standards seamlessly will be essential,” says Briedis.