5 Best Post Quantum Encryption Solutions for Telecoms & 5G Networks

October 21, 2025

The telecom and 5G networking landscape demands solutions that can keep pace with increasing data rates, operational efficiency, and emerging cybersecurity threats such as quantum computing. Traditional encryption methods, while foundational, impose significant latency and complexity, and fail to meet modern performance and futureproofing requirements.

Post-quantum cryptography (PQC) is emerging as the critical safeguard, enabling carriers to secure data in motion against both today’s attacks and tomorrow’s quantum breakthroughs. A new generation of solutions, from hardware-accelerated platforms like Sitehop’s through to other flexible software-defined approaches, are reshaping how operators think about latency, scalability, and resilience.

This article explores the leading post-quantum encryption technologies that will define the secure future of telecom and 5G infrastructure.

 

Why telcos/5G providers need quantum‑safe encryption now

5G networks rely heavily on public‑key cryptography for device authentication and key exchange mechanisms for encryption. This cryptography (RSA and elliptic‑curve schemes) depends on mathematical problems that are hard for classical computers to solve but could be solved quickly by a quantum computer. Experts warn that such a cryptographically relevant quantum computer (CRQC) could arrive within the decade nist.gov, yet updating cryptography across modern networks typically takes 10–20 years (nist.gov).

Unlike the Y2K bug, which had a fixed date, the arrival of quantum computers is uncertain, and the threat may materialise before many systems have been upgraded. To make matters worse, adversaries are already collecting encrypted data in the hope of decrypting it later with quantum machines – a tactic known as “harvest now, decrypt later” nist.gov.

Nation‑states are believed to be stockpiling sensitive encrypted traffic techtarget.com, so critical data exchanged on 5G networks could be compromised years down the line if providers do not start adopting post‑quantum cryptography (PQC) soon.

 

How we compared the top solutions

We have compared the top solutions using a range of evaluation criteria including latency, throughput, tunnel capacity, standards support (RFC 8784, 9242, 9370), crypto‑agility, integration with existing routing hardware and post quantum readiness.

Across high-speed enterprise platforms, hardware acceleration is common, vendors use ASICs, NPUs, or FPGAs to offload cryptography. The key distinction is data-path placement (where packets land first). In FPGA-first encryptors, frames enter the hardware pipeline directly, so the latency sensitive bulk crypto executes entirely in silicon with minimal queuing, delivering deterministic ultra-low latency/jitter and very low CPU load. In feature-first security gateways, even with powerful crypto ASICs, packets typically traverse classification, policy/session handling, and service frameworks before/around the IPsec engine (with controlled CPU assist for complex cases), yielding rich L4–L7 capabilities, application ID, IDS/IPS, SD-WAN, service chaining, with modestly higher and more variable latency than a pure hardware pipeline. Both approaches are valid: the former fits high-fan-in backhaul and line-rate encryption, while the latter excels at edge and service layers where policy and application context matter.

 

The best post‑quantum solutions for telecoms

Sitehop SAFEcore 1000: Benchmark for deterministic Post Quantum Encryption

• Positioning: FPGA‑powered IPsec aggregator offering sub‑microsecond latency, 8,000 tunnels and 200 Gb/s full duplex (per 1U) and optional ML‑KEM + RFC 9370 support.
• Key advantages: Deterministic latency under load; crypto‑agile updates; compact 1U form factor; ideal for high‑fan‑in IPsec aggregation.
• Deployment: Offload encryption in the core/backhaul while using existing gateways/NGFWs for policy and application control.

 

Fortinet FortiGate (FortiOS 7.6+): Flexible NGFW with PQC & QKD

• Positioning: Widely deployed NGFW/SD‑WAN platform with built‑in quantum‑safe features.
• Key features: IPsec key exchange now supports NIST‑approved ML‑KEM‑512/768/1024 docs.fortinet.com; FortiOS allows stacking multiple KEMs to create hybrid keys and includes UI/CLI controls for additional key exchanges docs.fortinet.com.
• QKD readiness: Fortinet introduced QKD integration starting with FortiOS 7.4; the platform works with leading QKD vendors to provide quantum‑generated keys thefastmode.com.
• Use case: Good for edge/regional deployments needing policy inspection and multiple PQC on‑ramps (e.g., RFC 8784 mixing, ML‑KEM hybrid).

 

Palo Alto Networks PAN‑OS 11.2: Multi‑KEM IKEv2 and NGFW features

• Positioning: NGFW with advanced VPN controls enabling hybrid key exchange.
• Key features: Uses RFC 9242 and RFC 9370 to perform multiple successive key exchanges; by combining classical (EC)DH with one or more post‑quantum KEMs, the shared key remains secure if any algorithm holds.
• Flexibility: Administrators can specify up to seven additional KEMs and optionally mix in RFC 8784 pre‑shared keys; ideal for phased migration.
• Considerations: Provides deep policy and threat‑inspection capabilities but may introduce higher latency compared with purpose‑built hardware accelerators.

 

Juniper SRX/vSRX (Junos 22.4R1+): QKD integration & quantum‑safe IPsec

• Positioning: Carrier‑class firewall platform with IPsec, MACsec and QKD capabilities.
• Quantum key manager: Junos Key Manager supports quantum key manager profiles; these profiles access QKD devices to generate fresh quantum keys for each connection and use them as post‑quantum pre‑shared keys.
  PPK mixing & QKD: Static key profiles can be used to inject post‑quantum pre‑shared keys (RFC 8784), while dynamic profiles fetch keys from QKD devices; QKD uses quantum channels to generate identical keys and protect both data and control planes.
• Real‑world validation: A 2025 proof‑of‑concept with Turkcell, Juniper and ID Quantique demonstrated that integrating QKD with Juniper’s MACsec/IPsec frameworks protected mobile backhaul without performance loss.
• Use case: Suitable for operators seeking QKD‑ready solutions and strong service‑chain functions (firewall, NAT, QoS) alongside PQC.

 

Nokia IPsec Security Gateway: Carrier‑grade scale with integrated PKI

• Positioning: Runs on the 7750 SR platform with tight integration into 3GPP PKI flows via the NetGuard Certificate Manager.
• Capacity & throughput: Each line card can support 20Gb/s full duplex encryption at large packet sizes. By combining this with 16 slots a total of 320 Gb/s can be achieved in 17U.
• Considerations: Ideal for operators standardized on Nokia routers; Quantum protect provided through ANYsec

 

Choosing the right solution for your network

Key differences

• Latency vs features: SAFEcore = deterministic sub-µs latency; NGFWs = richer L7 features but higher/variable latency.
• Hardware vs software: Hardware offload for line-rate crypto; NGFWs are flexible but become the bottleneck at scale, as all encrypted traffic goes through software even when offload ASICs are used.
• Throughput density vs cost/power: Purpose-built aggregators pack far more encryption density per RU; NGFW capacity scales with SKU/licence/RU/power.
• QKD readiness: Plan QKD only on crown-jewel links; use standards-based hybrid IKEv2 elsewhere.

 

Quick compare

Conclusion & next steps

Regulators such as CISA, NSA and NIST stress that a successful PQC migration “will take time to plan and conduct” and urge organisations to begin developing quantum‑readiness roadmaps cisa.gov.

History shows that changing cryptography at scale takes longer than seven to ten years, meaning organisations that wait risk running out of time. For 5G operators, this means inventorying every protocol, device and service that uses public‑key encryption, prioritising those protecting long‑lived secrets, and working with equipment suppliers on crypto‑agility – the ability to swap algorithms quickly, techtarget.com.

CISA recommends starting with a cryptographic inventory and engaging vendors to identify technologies that must migrate to PQC cisa.gov. At the same time, engineers should begin testing NIST’s standardised PQC algorithms for key encapsulation and digital signatures and consider hybrid deployments that combine classical and quantum‑resistant methods.

By acting now, telecom and 5G providers can avoid a last‑minute scramble and ensure that future quantum breakthroughs do not undermine the trust and resilience of their networks. As HSBC noted in recent podcasts, “if you think security is expensive, have a breach” – the cost of inaction could be far greater than the investment needed to become quantum‑ready.