Quantum Cryptography Standardization is a project by NIST to standardize post-quantum cryptography. 23 signature schemes were submitted, 59 encryption/KEM schemes were submitted by the initial submission deadline at the end of 2017, of which 69 in total were deemed complete and proper and participated in the first round. 26 of these have advanced to the second round encryption/key-establishment and 9 signature schemes.
To begin early adoption and maintain an ethical use of the phrase “Post Quantum” before final candidates are selected, we categorize our use of these candidates as Post-Quantum up until 1,000 qubits. Potential problems start to appear as soon as there is a 65 qubit universal gate quantum computer (aka a real quantum computer – not like D-Wave). The ROBOT attack (robotattack.org) has our attention as it was demonstrated that it is theoretically possible to “transform a quantum key exchange to a supersingular Isogeny” meaning certain narrow classes of even Post-Quantum problems are vulnerable to a sufficiently advanced universal gate quantum computer.
Why 5 years? That is an approximate target for 1,000 cubit. At or near this scale the meaning of quantum computing for encryption becomes murky based on our current understanding and capabilities. However, over the next 5 years more information will be made available that will allow us to adjust our encryption methods to work to stay ahead of the curve.
We are not concerned about quantum annealing solutions. We see a market for quantum annealing (machine learning, medicine, etc), but that class of quantum computer is not a threat to cryptography the way a universal gate quantum computer is with a sufficient number of coherent qubits.