The new federal standard and its backup
In 2024, the National Institute of Standards and Technology approved three post-quantum cryptography standards under its Federal Information Processing Standards program. The centerpiece for encryption is FIPS 203, which standardizes a mechanism called ML-KEM, short for Module-Lattice-Based Key-Encapsulation Mechanism. ML-KEM is derived from the CRYSTALS-Kyber algorithm and solves a specific problem: letting two devices agree on a shared secret key over an open network without an eavesdropper being able to reconstruct it, even with a quantum computer. That shared secret then feeds a conventional symmetric cipher, the workhorse that handles the heavy lifting of encrypting bulk data like video. The underlying math is a lattice problem that, according to current cryptographic research, no known quantum algorithm can crack efficiently. NIST’s companion document, Special Publication 800-227, lays out how key-encapsulation mechanisms should be woven into real-world protocols, covering security properties, key confirmation, and design considerations directly relevant to systems that carry video. “Post-quantum cryptography is about addressing threats before they materialize,” Dustin Moody, who leads NIST’s post-quantum cryptography project, said in the agency’s March 2025 announcement of the HQC selection. “We want to have a backup in case ML-KEM faces a vulnerability in the future.” NIST also built in a contingency. In March 2025, the agency selected Hamming Quasi-Cyclic, or HQC, as its fifth post-quantum encryption algorithm. HQC rests on a different mathematical foundation than ML-KEM, so if a flaw were ever found in lattice-based schemes, organizations would have a ready alternative rather than starting from scratch.Why video is especially exposed
Live streams, recorded surveillance footage, telehealth sessions, and video conferences all depend on protocols such as TLS, DTLS, and WebRTC to negotiate encryption keys before a single frame of content flows. If an adversary captures that encrypted traffic today and stores it, a future quantum computer could break the key exchange retroactively and unlock everything the symmetric key was protecting. Cryptographers call this the “harvest now, decrypt later” threat, and it is the reason NIST’s migration guidance urges organizations to act well before large-scale quantum computers exist. The threat is not hypothetical in its setup. Intelligence agencies and sophisticated criminal groups are widely believed to be stockpiling encrypted traffic already, betting that quantum decryption will eventually catch up. For video data that must stay confidential for decades, such as law-enforcement evidence, medical imaging, or recordings of sensitive corporate deliberations, the shelf life of today’s classical encryption is the central vulnerability.What remains uncertain
The standards are final, but deploying them across the sprawling ecosystem that handles video is a different matter. No NIST publication details a specific implementation of ML-KEM or HQC inside a production video-streaming stack. Protocols like WebRTC operate under tight latency budgets, and the performance characteristics of lattice-based key exchanges at scale in those environments have not been published by NIST or by major video-platform operators. Early vendor experiments exist but lack independent benchmarks. Adoption timelines are similarly murky. Federal agencies face migration deadlines tied to National Security Memorandum 10 and Office of Management and Budget guidance (M-23-02), but no equivalent mandate compels private-sector video providers to hit a specific date. Content delivery networks, cloud video platforms, and hardware encoder manufacturers each face distinct integration challenges, and as of spring 2026, none have released public roadmaps pegged to FIPS 203 compliance. The gap between a published standard and widespread deployment could stretch for years. Hybrid approaches add another layer of complexity. Some security architects advocate running a classical key exchange alongside a post-quantum KEM simultaneously during the transition, so that security degrades gracefully if either method is compromised. SP 800-227 addresses design considerations for KEMs but stops short of prescribing a single hybrid strategy, leaving implementers to weigh compatibility and overhead on a case-by-case basis.What organizations should do now
For any organization that manages video with long confidentiality requirements, the practical first step is an inventory: which encryption protocols protect stored and in-transit video, and where does key exchange happen? That inventory becomes the migration map. SP 800-227 provides the technical starting point for integrating KEMs into TLS and related protocols, and the existence of HQC as a backup means architects can design for algorithm agility rather than betting everything on a single post-quantum scheme. Product claims deserve scrutiny, too. Marketing that references “quantum-safe video” should be measured against the specific parameter sets defined in FIPS 203, not just against the broader CRYSTALS-Kyber family from which ML-KEM was derived. Without testing against the finalized standard, such claims remain unverified. The bottom line is narrow but consequential. The federal government has locked down the cryptographic building blocks needed to protect key exchanges against quantum threats, and those building blocks map directly onto the protocols that carry video. Translating a published standard into protection for millions of cameras, conferencing clients, and streaming servers is where the hard work begins, and no one has set a finish line. More from Morning Overview*This article was researched with the help of AI, with human editors creating the final content.
