KOBIL is Quantum-ready

The ongoing development of powerful quantum computers represents one of the most significant paradigm shifts the IT security industry has faced since the introduction of modern cryptography. While classical cryptographic methods such as RSA or Elliptic Curve Cryptography (ECC) have long been considered secure, it is now clear that a sufficiently powerful quantum computer could break these methods within a feasible timeframe. Companies that aim to offer products with long-term security must therefore take action today—even if the major breakthrough in quantum computing may still be several years away.

KOBIL recognized this need for action at an early stage and has consistently placed the connection setup within its products on a quantum-secure foundation. To this end, the company relies on a hybrid cryptographic approach that combines classical methods with post-quantum cryptography (PQC). From a technical perspective, this is both a remarkable and a pragmatic step, one that already justifies describing KOBIL as “quantum-ready” today.

Why the connection setup is particularly critical

Secure connection setup is the foundation of almost all modern IT security solutions. During this phase, cryptographic keys are negotiated, identities are verified, and the basis for confidential and integrity-protected communication is established. If this process is compromised, any security measures built on top of it become ineffective.

This is precisely where the challenge lies in the context of quantum computers: key exchange methods that are considered secure today could become vulnerable in the future to so-called “harvest-now-decrypt-later” attacks. In such scenarios, attackers record encrypted communication today in order to decrypt it at a later point in time using powerful quantum computers.

KOBIL addresses this threat by securing the connection setup against such scenarios already today.

The hybrid approach: Classical and Post-Quantum at the same time

Instead of completely replacing existing cryptographic methods, KOBIL has opted for a hybrid security approach. In concrete terms, this means that both classical cryptographic methods and post-quantum algorithms are used in parallel when establishing a connection. The resulting level of security is based on both worlds.

This approach offers several decisive advantages:

Protection against quantum attacks: Even if classical methods become vulnerable to quantum computers in the future, the connection remains protected through the PQC component.

Mitigation of risks associated with new methods: Post-quantum cryptography is a comparatively young field of research. Should individual PQC methods later prove to have weaknesses, classical cryptography remains in place as a security anchor.

Future-proofing without disruption: Existing systems, protocols, and infrastructures do not need to be abruptly replaced.

This dual-layer protection currently makes the hybrid approach the preferred path for many security experts—and KOBIL is already implementing it.

A demanding implementation – faster than expected

The integration of hybrid cryptographic methods is anything but trivial. Post-quantum algorithms introduce new requirements, such as larger keys, higher computational loads, or modified protocol flows. Accordingly, adapting existing systems is a complex undertaking.

All the more remarkable is the fact that KOBIL was able to realize this implementation in a comparatively short period of time. This allows for two key conclusions:

First, it demonstrates the high quality and modularity of the existing code base. Cleanly structured, maintainable code is a fundamental prerequisite for integrating new cryptographic methods at all—without jeopardizing the stability of the overall system.

Second, it becomes clear that post-quantum methods themselves are increasingly maturing. The algorithms currently being discussed and selected within international standardization processes—such as those at NIST—have now reached a level of stability that allows them to be deployed in real-world products.

Rollout across all KOBIL products

Following the successful securing of the connection setup, the plan is to gradually integrate the hybrid quantum-ready solution into all KOBIL products. In addition, it is intended to be introduced for existing KOBIL customers as well, subject to corresponding interest.

From the users’ perspective, this approach is particularly sensible: customers do not have to determine for themselves when and how to prepare for the topic of quantum resistance. Instead, they receive a security architecture that is already designed today to address future threats—without disrupting their current processes.

From a technical perspective, KOBIL already meets all essential criteria to be described as a quantum-ready company.

The next step: PKI and the outside world

As important as internal connection setup is, it represents only one part of the overall security architecture. The challenges become particularly significant where systems interact more extensively with the outside world—for example through public key infrastructures (PKI) and digital certificates.

Especially in the PKI environment, companies depend on standards that are internationally recognized and interoperable. For post-quantum cryptography, these standards are currently still in the final stages of development. Questions such as:

Which PQC algorithms may be used in certificates?

How are hybrid certificates formally specified?

How do browsers, operating systems, and hardware components ensure compatibility?

must be conclusively clarified before a broad-based rollout can be meaningfully implemented.

Standardization as a prerequisite for the next development step

KOBIL is approaching this next step deliberately and in a controlled manner. Once standardization in this area has progressed sufficiently, quantum-ready developments will be consistently continued. This approach demonstrates an important mindset: security does not emerge from rushed innovation, but from carefully considered, standards-compliant, and sustainably viable decisions.

Conclusion: Quantum readiness as a strategic competitive advantage

KOBIL’s work clearly demonstrates that quantum readiness is no longer a theoretical future topic, but can already be implemented in practice today – at least where companies invest early and have appropriately prepared their technological foundations.

The hybrid approach to connection setup combines the best of two worlds: proven classical cryptography and future-proof post-quantum methods. At the same time, the system remains robust against uncertainties on both sides.

With the planned integration across all products and a clear roadmap for PKI-related solutions, KOBIL positions itself not only as a technologically advanced provider, but also as a responsible one that takes its customers’ long-term security requirements seriously.

The next meeting, once further progress has been made in standardization, will therefore be less of a restart and more the consistent continuation of a path already taken: toward an IT security architecture that will remain resilient even in the age of quantum computers.

Key Facts: Why Quantum readiness already matters today

Starting point: Powerful quantum computers will be able to break classical cryptography such as RSA and Elliptic Curve Cryptography (ECC) in the future.

Core risk: “Harvest-now-decrypt-later” attacks threaten long-term sensitive communications recorded today.

Critical phase: Connection setup (key exchange, identity verification) is the most security-relevant phase of modern IT systems.

KOBIL approach: Hybrid cryptography combines classical methods with post-quantum cryptography (PQC) already during connection setup.

Security principle: The connection remains secure as long as at least one of the two cryptographic methods remains robust.

Advantage of the hybrid model: Protection against quantum attacks while simultaneously safeguarding against potential weaknesses of immature PQC methods.

Technical implementation: Hybrid methods have been integrated into existing systems despite larger keys and higher computational requirements.

Conclusion: High modularity and maintainability of KOBIL’s existing code base.

Product strategy: Gradual integration of quantum-ready protection across all KOBIL products, optionally also for existing customers.

Customer benefit: Preparation for quantum threats without disrupting existing processes or infrastructures.

Open issue: PKI, certificates, and external interoperability depend on ongoing international standardization processes.

PKI approach: Further development only after robust standardization (e.g., for hybrid certificates and PQC algorithms).

Overall assessment: Quantum readiness is understood as a long-term, standards-compliant security decision—not a short-term marketing effect.

KOBIL is Quantum-ready

Embark on Your Digital Journey with Our Solution