Learning outcomes/objectives


After successful completion of the module students know:

  • the basic mathematics of quantum computing
  • how quantum computers threaten cryptography
  • the techniques underlying modern quantum-safe cryptography
  • how security proofs work
  • important proof techniques for post-quantum cryptography
  • the current state of post-quantum security standardization
  • at least one standardization-candidate cryptosystem in more detail


After successful completion of the module, students will be able to:

  • analyze simple quantum programs
  • write simple post-quantum security proofs
  • follow complex security proofs
  • connect complex (real-life) post-quantum secure cryptosystems with their basic versions
  • understand security-relevant design decisions
  • implement post-quantum cryptosystems


Based on the knowledge and skills acquired in the module, students will be able to:

  • orient themselves in the post-quantum security landscape based on solid foundations
  • enter research into post-quantum security
  • follow both industry and academic research, development and standardization of post-quantum crypto
  • make educated decisions related to cryptographic systems
  • join teams working on cryptographic systems (research / implementation)


  • Foundations
    • Mathematical foundations of quantum mechanics
    • Quantum computing (programming quantum computers)
    • Cryptographic security proofs
    • Quantum random-oracle model
  • Insecurity of existing cryptography
    • RSA / discrete logarithm based cryptosystems
    • Shor’s algorithm
  • Elementary post-quantum schemes
    • Learning with errors (LWE) problem
    • Decoding problems
    • Regev cryptosystems and variants
    • McEliece and variants
  • Hardening encryption schemes with hash functions
    • Quantum random-oracle model (QROM)
    • Fujisaki-Okamoto transform
    • Security proofs in the QROM
  • Real-world post-quantum secure systems
    • Overview over NIST-standardization process
    • One cryptosystem in detail (e.g., Kyber)