Why Continuous Testing is Critical in the Shift to Post Quantum Cryptography
Owen O'Donnell Marketing Manager
Expert lecture
Watch this full lecture and over 100 other expert presentations on quantum technologies with a QSECDEF membership.
About Owen O'Donnell
Responsible for marketing, strategy and new product introductions in VIAVI Solutions’s Wireless Business Unit, with a particular emphasis on virtualized 5G radio access, core network and PQC Performance testing (TeraVM platform).
Owen has more than 35 years’ experience in the industry with positions at Ericsson Telecommunications Inc. and Huawei, and has lived and worked in Sweden and U.K. prior to settling in Ireland.
Full Article
As organisations replace classical cryptography with quantum-safe algorithms, the transition must happen without disrupting live services. Post-quantum cryptography - PQC - strengthens protection, but it also changes system behaviour. The immediate priority is performance testing at scale.
Why performance testing matters
Moving to PQC is not a like-for-like swap. It affects:
Start-up times and session establishment
Capacity and concurrency
Latency and user experience under load
Behaviour under adverse conditions
Robust testing confirms that security gains do not degrade availability or usability.
How systems are tested
Engineering teams:
Emulate thousands of users, devices and hostile events
Drive traffic through quantum-secure VPNs, firewalls and application endpoints
Measure throughput, latency, tunnel counts, setup times, detection efficacy and user experience
Core metrics to track
Throughput - volume of data delivered
Latency - time to complete operations
Tunnel count - concurrent secure connections
Tunnel setup time - speed to establish a session
Threat detection rate - efficacy of controls under load
User experience - observable impact on clients
What changes with PQC
PQC schemes such as Kyber and Dilithium use larger keys and more complex handshakes. This increases data exchanged at session start and places extra load on CPU and memory.
Additional KPIs for PQC rollouts
Key size variation - effect of larger artefacts on bandwidth and storage
Re-keying frequency - operational cost of frequent rotations
KMS performance - ability of key management to sustain demand
Hybrid modes - interaction of classical and PQC algorithms
Test, do not guess
Industry bodies including the Tony Blair Institute, the Bank for International Settlements and GSMA emphasise the need for empirical testing. Without it:
Low-power devices may fail under heavier cryptography
Key exchanges that work in isolation may stall at scale
Key management systems can become bottlenecks
Findings from early testing
Web traffic - HAProxy
Simulation size: 1.6 million users
Observed impact: 26-37% reduction across throughput, connections and requests
Net effect: approximately 32% slower overall traffic
VPN tunnels - strongSwan
Test load: 128 users repeatedly creating and tearing down tunnels
Setup time increase: from 3.4 ms to 4.2 seconds
Tunnels per second: drop from 17,000 to 4,000
QKD key management
Key retrieval failures under load
KMS identified as the limiting factor
Significant tuning required to prevent system crashes
Operational implications
Sectors where performance is critical:
Smart manufacturing - sensors and control loops require low latency
Remote work - VPN performance drives productivity
Banking and finance - cryptographic faults can disrupt transactions
Crypto agility
Algorithms evolve. Crypto agility ensures systems can switch algorithms and parameters without redesign. Agility must be tested in advance so replacements fit operational constraints.
Practical takeaway
PQC strengthens protection but adds cost in speed, scale and complexity. Continuous, evidence-based performance testing is essential to deploy securely without breaking live services. Skipping this step risks solutions that are strong on paper yet slow, fragile or unworkable in practice.
Market classification
Primary domain
Cybersecurity
Technology focus
Post-quantum cryptography, key management systems
Sub-markets and adjacent domains
Telecommunications
Financial technology - FinTech
Enterprise IT
Critical infrastructure
Competitor categories
Legacy encryption vendors - RSA, ECC
Quantum-safe crypto providers - for example PQShield, Crypto4A, ISARA
VPN and firewall vendors integrating PQC
Market outlook
Rapid PQC adoption expected from 2025-2032
Standardisation - including NIST - will shape integration
Strong demand for performance-optimised crypto agility tools
Demand drivers
Advancing quantum capabilities
Regulatory pressure from national cybersecurity strategies
Enterprise migration from RSA and ECC
Rising complexity across hybrid IT environments
Organisation
VIAVI offers security frameworks and validation tools that enable organisations to move quantum algorithms and architectures from theoretical models and lab environments into secure, real-world deployments.
Frequently Asked Questions
- Who is Owen O'Donnell?
- Responsible for marketing, strategy and new product introductions in VIAVI Solutions’s Wireless Business Unit, with a particular emphasis on virtualized 5G radio access, core network and PQC Performance testing (TeraVM platform).Owen has more than 35 years’ experience in the industry with positions .
- What is the lecture "Why Continuous Testing is Critical in the Shift to Post Quantum Cryptography"?
- This presentation by Owen O'Donnell at the Quantum Security Defence World Symposium covers key concepts, challenges, and developments in post-quantum cryptography, quantum cyber security.
- What is post-quantum cryptography?
- Post-quantum cryptography refers to cryptographic algorithms designed to remain secure against attacks from quantum computers. NIST finalised its first PQC standards in 2024.
- What is quantum cyber security?
- Quantum cyber security applies quantum mechanical principles to protect digital communications and data. It covers quantum key distribution, post-quantum cryptography, and quantum-safe network design.
Access All Expert Lectures
Watch over 100 expert presentations, attend weekly live webinars, and connect with specialists across 40+ countries.