Quantum computing is moving from theory to reality. While largescale quantum computers are not yet available, their future impact on cyber security is clear: algorithms like RSA,  Diffie–Hellman, and Elliptic Curve Diffie-Hellman which secure VPNs, TLS, and digital identities, will eventually be broken by quantum algorithms.

This creates an immediate risk known as harvest now, decrypt later, in which adversaries can capture encrypted traffic today and decrypt it when quantum resources become available.

To address this, the U.S. National Institute of Standards and Technology (NIST) finalized the first post-quantum cryptography (PQC) standards in 2024:

  • FIPS 203: ML-KEM for key establishment
  • FIPS 204: ML-DSA for digital signatures
  • FIPS 205: SLH-DSA for digital signatures

These standards define the algorithms that will replace RSA and ECC in the coming years. Check Point’s strategy is to integrate these standards into our security architecture in a phased, operationally practical way.

The Need for NIST-Compliant Offerings

Check Point is at the forefront of implementing post-quantum cryptography (PQC) within our solutions. Our advanced approach allows for the support of multiple PQC key exchanges, accommodating larger key sizes essential for quantum-safe communications. The advancements below are available in our newest software release, R82, which is available on both on-premises and cloud-based firewalls.

Site-to-Site VPNs From R82

Check Point delivers Post-Quantum Hybrid Key Exchange in the R82 release. Quantum-safe key exchange (QSKE) implements hybrid IKEv2 key exchange, combining classical Diffie-Hellman with ML-KEM to ensure sessions remain secure even if classical algorithms are compromised in the future.

The design follows IETF guidance:

  • RFC 9370: Multiple Key Exchanges in IKEv2
  • RFC 9242: Intermediate Exchange for Large Key Payloads

QSKE affects key establishment only; the data plane (ESP) continues to use standard algorithms, such as AES-GCM, which is considered quantum-safe. R82 is the recommended release for enabling QSKE on critical VPNs, with configuration available via Smart Console or Management API.

R82 is the recommended release for enabling QSKE on critical VPNs, with configuration available via Smart Console or Management API. Logging and API integration provide visibility into adoption and performance.

Quantum-Safe TLS and HTTPS Inspection – from R82.10 (Currently in Early Availability)

As quantum-safe TLS cipher suites appear in browsers and servers, Check Point gateways handle them as follows:

  • When HTTPS inspection is disabled: Quantum-safe TLS sessions pass transparently end-to-end.
  • When HTTPS inspection is enabled: Quantum-safe TLS sessions are inspected if using the X25519MLKEM768 or if they’ve accepted a downgrade to a classic algorithm, otherwise, the connection is dropped.

This approach provides visibility without disrupting traffic, enabling organizations to monitor PQC adoption while maintaining business continuity, and is currently available to customers via the Early Availability program ahead of the R82.10 General Availability release, expected in November 2025.

Roadmap: What’s Next
VPN

The Risk: While Check Point already delivers quantum-safe protection for site-to-site VPNs in R82, remote access VPNs remain exposed. These connections, used by employees and partners to access corporate resources from outside the network, still rely on classical key exchanges that quantum computers will eventually be able to break. Our roadmap for VPN includes the following improvements:

  • Remote Access VPN: The objective is to extend quantum-safe key exchange (QSKE) protections to clients accessing these VPNs, including those running on Windows, macOS, and Linux platforms.
  • Site-to-Site VPN: Quantum-Safe Pre-Shared Key
    While full deployment of the quantum-safe VPN may be a challenge, another slightly weaker but simpler approach also provides a quantum safe solution for VPN: enabling RFC 8784 by incorporating a Post-Quantum Pre-shared Key (PPK) into IKEv2’s session 
Digital Signatures

The Risk: Digital signatures safeguard PKI, certificates, and software updates. Quantum attacks could forge identities or tamper updates, eroding trust across critical systems and supply chains. Our roadmap includes the following improvements:

  • Support for ML-DSA and SLH-DSA will be introduced as PKI tooling and ecosystem support mature, ensuring authentication and integrity remain quantum resilient.
  • Support for hash-based LMS/XMSS signatures will be added for software and firmware signing to harden the update pipeline against future quantum attacks.
Quantum Key Distribution (QKD)

The Risk: PQC is algorithmic, its strength depends on the difficulty of mathematical problems. While this provides scalable protection, it still relies on assumptions that future advances might challenge. By contrast, QKD utilizes the laws of physics to generate and exchange truly random keys, guaranteeing that any attempt at interception is immediately detectable. For the most sensitive environments, relying solely on algorithms may not be enough.

  • While PQC is the primary, scalable defense, Check Point plans to introduce QKD integration for specialized, high-assurance environments. This will allow customers to combine mathematically secure PQC with quantum physics based key delivery for the highest level of assurance.

A Security Upgrade with Quantum-Safe Advancements

Start your quantum-safe journey today by upgrading to R82 to allow Post-Quantum Hybrid Key Exchange on critical VPNs.

  • Users can also join our Early Availability program for  R82.10 to enable HTTPS Inspection for all TLS sessions.

You may also like