1. Home
  2. /
  3. Resources
  4. /
  5. #KEYMASTER: Why Standards and Interoperability are Critical for Cryptography – And the Modern World

#KEYMASTER: Why Standards and Interoperability are Critical for Cryptography – And the Modern World

hero-sub-3
PKI hierarchies - 1, 2, 3 tiers ?

2026-03-03

In this #KEYMASTER session, Sven Rajala and Chief PKI Officer Tomas Gustavsson discuss why standards and interoperability are foundational—not just for cryptography, but for the modern world as a whole.

From transferring funds across borders to securing online communications, global systems only function because they follow shared rules. In cryptography, those rules ensure that products, vendors, and protocols can work together securely and reliably.

As organizations accelerate their move toward post-quantum cryptography (PQC), these principles matter more than ever.

Watch video on YouTube

The Invisible Infrastructure Behind Digital Trust

As Tomas points out, standards and interoperability are so fundamental that we rarely notice them—until they’re missing. Without them, basic global operations like transferring funds between countries or securing online communications simply wouldn’t function.

In cryptography, standards ensure that different vendors, systems, and protocols can work together safely and predictably.

Crypto Agility: More Than a Buzzword

One of the most important concepts discussed is crypto agility. While the term is often misunderstood, it doesn’t mean you can magically flip a switch and start using a new algorithm overnight. Instead, crypto agility is about designing systems that can evolve.

Protocols like TLS are good examples: during the handshake, clients and servers negotiate which cryptographic algorithms they both support. This allows systems to be upgraded gradually, maintaining backward compatibility and avoiding disruptive, ecosystem-wide changes.

In short, future-ready cryptography is about smooth migration, not sudden replacement.

Performance: A Pleasant Surprise

One of the biggest early concerns around PQC was performance. Many expected significant slowdowns compared to classical algorithms like RSA.

In practice, testing has shown something different: for most use cases, performance has been very good—and in many cases better than RSA.

Of course, performance depends on the specific environment and use case. But overall, fears of widespread performance degradation have largely proven unfounded.

Core PQC Concepts That Reshape System Design

As organizations transition to post-quantum cryptography, the biggest adjustments are not just technical—they’re architectural.

PQC introduces several foundational shifts that require teams to rethink how cryptographic systems are structured and integrated. Here are a few examples:

Algorithms Are More Specialized: With RSA, one algorithm could handle encryption, key exchange, and digital signatures. In the PQC world, responsibilities are split between algorithms, with ML-KEM being designed for key exchange, while ML-DSA handles digital signatures. This separation means systems built around the assumption that “one algorithm does everything” need to be restructured.

Established Workflows May Not Map Directly: Many existing standards and processes were built around RSA’s flexibility. Certificate signing requests, protocol designs, and internal security architectures may require updates to align with the more specialized PQC model.

Signing Behavior Is Different: Classical approaches typically hash large data first and then sign the hash. Many PQC signature schemes instead operate directly on the input data. This can introduce size considerations and compatibility constraints—particularly for hardware security modules (HSMs)—and may require implementation adjustments or updated standards support.

Speed vs. Safety in Standardization

The urgency of migrating to quantum-resistant cryptography has accelerated standardization efforts. While this speed is necessary, it also introduces risk. Some PQC mechanisms are already in large-scale production use even though the underlying standards are not fully finalized.

This likely won’t cause major issues—but it’s a risk worth acknowledging. Thorough interoperability testing and transparent documentation become even more critical in this environment.

Key Takeaways

  • Standards and interoperability are the foundation of secure global systems.
  • Crypto agility enables smooth, phased migration—not instant algorithm swaps.
  • PQC performance is stronger than many initially expected.
  • PQC algorithms are more specialized than RSA, requiring architectural adjustments.
  • Signing workflows differ and may require implementation changes.
  • Rapid standardization increases urgency around testing and validation.
  • Practical documentation and interoperability resources are critical for successful adoption.

As cryptography enters a post-quantum era, the real challenge isn’t just adopting new algorithms—it’s ensuring they integrate seamlessly into the systems the world already depends on.

Learn more

Related resources

PKI hierarchies - 1, 2, 3 tiers ?
Implementing Cryptography
Post-Quantum Cryptography
Tech Update
Ejbca
Signserver
24 February, 2026

#KEYMASTER: The State of Hybrid Certificates in a Post-Quantum World

In this #KEYMASTER session, Sven Rajala sat down with Chief PKI Officer Tomas...
Read more
Jet-Blog (1)
Implementing Cryptography
Installation & Deployment
Post-Quantum Cryptography
Signing
Tech Update
Ejbca
Signserver
11 December, 2025

Keyfactor PQC Lab Test Drive – now with support for Signing

From Open Source to Enterprise- try it for yourself. If you are testing or ev...
Read more

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey Solutions AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Check to consent to the use of Necessary cookies
Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Check to consent to the use of Functional cookies
Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

Check to consent to the use of Cookies for statistics
For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

Check to consent to the use of Cookies for ad-tracking
To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

Check to consent to the use of Ad measurement user cookies
In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

Check to consent to the use of Personalized ads cookies
To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data
Close