🚀#1 Next in VC : Post-Quantum Cryptography

The Next Deeptech Goldmine for VC

May 09, 2025

💸 Why and why now ?

It’s hard to predict who will win the quantum supremacy race—it requiers a cutting-edge physics knowledge understood by a select few.

But it is very likely someone will get there. And when that happens, whoever it is, current encryption stacks based on RSA algorithms are at risk. Overnight.

RSA encryption keys are essentially just large numbers that appear random but are actually mathematically derived. They’re generated using deterministic algorithms based on prime numbers, which means that with enough computing power—or a quantum computer—those keys could be reverse-engineered. In contrast, post-quantum cryptographic (PQC) solutions, especially those integrating quantum random number generators (QRNGs), can produce truly unpredictable keys based on the laws of physics (simulating the behavior of a photon or electron)—not math. This makes them far more secure against both classical and quantum attacks. This is an example of PQC solution but there are many more…

Businesses and industrials are anticipating it now, generating opportunities for hardware and software Post-Quantum Cryptography (PQC) solutions. PQC won’t just be a compliance checkbox—it will become a non-negotiable layer of defense for every company and individual.

For institutions where data security is existential—banks, insurers, pharma giants, governments, defense systems…—PQC will be the backbone of business continuity. This makes it a massive monetization and retention lever for any startup with a foothold in the space.

The opportunity for VCs ?

✅ Timing: Standards are landing, adoption is near : On August 24, the national Institute of Standards and Technology (NIST) published - FIPS 203, 204, and 205, the first three PQC standards based on new types of algorithms : CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON and SPHINCS+. Real-world use cases are being implemented for examples on messaging or digital signatures
✅ TAM: Global, urgent, cross-industry: The Quantum Insider’s latest report projects the quantum security market will grow to ~$10 bn by 2030 (CAGR >50%). McKinsey is estimating the quantum communication market to reach $15 bn by 2035
✅ Exit paths: Ripe for M&A from cloud, chip, and enterprise security majors as well as public-backed corporations

Corporates are progessively integrating PQC solutions (IBM, Microsoft, Thales, Google, Palantir, Atos…) but early stage start-ups have room for development leveraging the high technilaty and agility required.

Here’s a curated (non-exhaustive) list of early-stage startups building the quantum-safe future, organized by maturity stage.

🎯Deal Flow & Sourcing

🌱 Seed & Serie A - Ready to pump

Qrypt (US) – Seed / Bootstrapped. Distributed PQC solutions based on quantum-resistant random figure generation and zero-trust key management (quantum-safe entropy. Partnered with Los Alamos National Laboratory
PQSecure (US) – Bootstrapped. Focused on embedded PQC + hardware lightweight security for resource-constrained devices. Worked with the Defense Advanced Research Projects Agency's (DARPA) on Automatic Implementation of Secure Silicon (AISS) designing chip-level security
Isara (Canada) – Serie A ($10M, 2018, Shasta Venture). Cryptographic agility and interoperability pioneer. Provides hybrid TLS, S/MIME, VPN integration. Built hybrid certificates that combine classical and quantum-safe cryptographic algorithms. Focus on easy migration and interoperability between PQC and standards cryptographic solutions. Active partnerships with Thales
QuSecure (US) – Series A ($28M, 2025, Two Bear Capital, Accenture Ventures). Sole-source SBIR Phase III contractor for the U.S. government. Focus on fast deployment across IT, OT, cloud, and edge infrastructure without hardware replacement. Offers zero-trust encryption layers. Demonstrated use cases in complex, low-latency environments like multi-orbit satellite networks
CryptoNext Security (France) – Serie A (€11M, 2023, AVP / Quantonation, Elaia). Embeds PQC in constrained environments. Already worked with Nato and “Banque de France” on quantum-safe messaging applications. Focus on cryptographic asset discovery, remediation, and management. First company in the EU to receive NIST Cryptographic Algorithm Validation Program

🚀 Series B or above - Ready to scale

PQShield (UK) – Serie B ($37M, 2024, Addition). Quantum-safe cryptography on chips, in applications, and in the cloud. Among the few with NIST-aligned cryptographic cores ready for integration in FPGAs, ASICs, and smartcards. Supports PQC implementation from embedded IoT to enterprise applications
Post-Quantum (UK) – Serie B (Not disclosed, 2022). Works with NATO & UK gov. Builds crypto-agile platforms and solutions to migrate from standard to post-quantum cryptography. Offers secure messaging, identity management, and VPN products with full PQC integration
Fortanix (US) – Series C ($90M, 2023). Confidential computing + key management platform with post-quantum capabilities. Operates in zero-trust cloud natives environments (AWS, Azure, GCP, Kubernetes). Demonstrated the integration of quantum number generation entropy sources into its Data Security Manager (DSM) platform, enhancing cryptographic key generation processes

Conclusion

PQC is progressively reshaping cybersecurity. The trend is likely to keep going as we are getting closer from quantum supremacy at industrial level. Despite this promising outlook, PQC start-ups face major challenges. There are a few key differentiators to assess their maturity and growth potential :

Crypto-agile solutions that enable easy cohabitation between RSA and PQC algorithms will be a must over the medium term in real-world settings (ex : Isara, CryptoNext)
Hardware integration is a deep moat—startups with IP for chips, smartcards, or embedded systems are stickier and harder to replicate (ex : PQsecure). On the contrary, some start-ups intentionnaly excluded any hardware and focused on software enabled PQC solutions (ex : QuSecure)
Side-channel resistance is a niche but critical edge for teams focused on silicon-level security (side channel attacks include physical leakages like power consumption or electromagnetic emissions)
NIST-alignment + involvement in standardization processes is a strong signal of technical credibility and future-proofing (ex : PQshield)
Migration tooling (not just encryption tech) will be essential—players who help companies upgrade without disruption will win adoption and retention as cybersecurity does not allow vulnerabilities while migrating

If you are interested in deep-diving, please reach me.

See you next week for episode #2 of Next in VC

🚀 Next in VC 🚀

Discussion about this post