Central Bank Digital Currencies (CBDCs) represent one of the most significant evolutions in monetary systems since the introduction of electronic banking. As over 130 countries actively explore CBDC implementations, a critical security consideration has emerged at the forefront of design discussions: quantum computing threats. The impending reality of large-scale quantum computers capable of breaking current cryptographic standards presents an existential risk to digital currency infrastructures being deployed today.
While the timeline for achieving quantum supremacy capable of compromising current financial systems remains debated, the long-term security implications for CBDCs—designed to function as critical national infrastructure for decades—cannot be overlooked. Central banks face the complex challenge of implementing systems that must remain secure not just against today’s threats, but against the quantum capabilities of tomorrow.
This article examines the multifaceted approaches to designing quantum-resistant CBDCs, exploring the cryptographic foundations, implementation challenges, and governance frameworks essential for creating digital currencies that will remain secure in the post-quantum era. As central banks navigate this technological frontier, collaboration between quantum computing experts, cryptographers, and financial system architects becomes increasingly vital—precisely the kind of cross-sector collaboration showcased at events like the World Quantum Summit.
The security of modern financial systems relies heavily on cryptographic algorithms that would require classical computers thousands of years to break. However, the advent of sufficiently powerful quantum computers fundamentally alters this security calculation. Shor’s algorithm, when implemented on a fault-tolerant quantum computer with adequate qubits, could efficiently solve the mathematical problems underpinning widely-used public key cryptography systems.
For CBDCs, this quantum vulnerability creates unique challenges beyond those faced by traditional cryptocurrencies or electronic banking systems. As government-backed infrastructure, CBDCs must maintain exceptional security standards and inspire unwavering public confidence. Any compromise could have catastrophic consequences for national economic stability.
The specific threats quantum computing poses to CBDC architectures include:
Many current CBDC designs rely on Elliptic Curve Digital Signature Algorithm (ECDSA) for transaction authentication—the same cryptographic foundation used by many cryptocurrencies. Quantum computers could theoretically break these systems, potentially allowing attackers to forge signatures and execute unauthorized transactions.
CBDCs are designed as long-lived systems, with lifespans measured in decades rather than years. This extended timeframe increases the likelihood that quantum computing advances will occur during their operational lifespan, necessitating security architectures that anticipate future threats rather than merely addressing current ones.
Perhaps most concerning for CBDCs are “harvest now, decrypt later” attacks, where adversaries collect encrypted financial data today with the intention of decrypting it once quantum computing capabilities mature. This threat model is particularly relevant for financial data with long-term confidentiality requirements.
The emergence of these threats coincides with the acceleration of CBDC development globally. The Bank for International Settlements reports that over 90% of central banks are engaged in CBDC research or development, creating an urgent need for quantum-safe design principles that can be implemented across these diverse projects.
Developing quantum-resistant CBDCs requires a fundamental shift in cryptographic approaches. Post-quantum cryptography (PQC) encompasses cryptographic algorithms believed to be secure against attacks from both quantum and classical computers. Several promising approaches are emerging as the foundation for quantum-safe CBDC designs:
Lattice-based methods have emerged as leading candidates for quantum-resistant public key encryption and digital signatures in CBDC implementations. These systems base their security on the computational difficulty of solving certain problems in high-dimensional lattices, problems that remain challenging even for quantum algorithms. The NIST-selected CRYSTALS-Kyber key encapsulation mechanism and CRYSTALS-Dilithium digital signature algorithm represent standardized implementations that CBDC architects are increasingly incorporating into design specifications.
Hash-based signature schemes like SPHINCS+ offer another viable approach for quantum-resistant transaction authentication in CBDCs. These signatures derive their security from the properties of cryptographic hash functions, which are believed to maintain resistance against quantum attacks. While these signatures tend to be larger than traditional alternatives, their well-understood security properties make them attractive for critical financial infrastructure.
Multivariate cryptographic systems base their security on the difficulty of solving systems of multivariate polynomial equations. Though less commonly deployed than lattice-based approaches, they offer diversity in cryptographic foundations that may prove valuable as the quantum computing landscape evolves.
Beyond these specific cryptographic approaches, CBDC security architects are increasingly adopting cryptographic agility as a design principle. This approach enables the underlying cryptographic algorithms to be replaced or updated without disrupting the broader CBDC ecosystem—essential for responding to emerging quantum threats or cryptanalytic breakthroughs.
Implementing quantum-safe cryptography in CBDCs presents several practical challenges that extend beyond theoretical cryptographic security. Central banks must balance security requirements with performance constraints, backward compatibility needs, and hardware limitations.
Post-quantum cryptographic algorithms typically require more computational resources than their classical counterparts. For CBDCs, which must process transactions at national or international scale, these performance implications are significant. Early implementations indicate that post-quantum signatures may be 5-10 times larger than current signatures, with verification operations requiring substantially more computational power.
To address these challenges, CBDC designers are exploring hybrid cryptographic approaches that combine quantum-resistant algorithms with classical methods during the transition period. This hybrid approach provides immediate protection against quantum threats while mitigating performance impacts.
Many CBDC implementations rely on hardware security modules (HSMs) for key management and cryptographic operations. Updating these specialized hardware components to support post-quantum algorithms represents a significant implementation challenge. Central banks are working with HSM manufacturers to develop quantum-resistant versions that maintain the security assurances of current models while supporting new algorithmic requirements.
The secure element chips in smartphones and other personal devices that might interact with retail CBDCs present another hardware integration challenge. These components will require updates to support quantum-resistant operations for end-user CBDC applications.
Given the stakes involved in national financial infrastructure, comprehensive testing of quantum-resistant implementations is essential. Several central banks have established specialized testing frameworks for evaluating post-quantum cryptography in CBDC contexts:
The European Central Bank’s quantum-resistant testbed for digital euro prototypes examines both the security properties and performance characteristics of various post-quantum implementations. Similarly, the Bank of Japan’s CBDC experiments now include dedicated quantum security testing phases, evaluating resistance against simulated quantum attacks while measuring transaction throughput and latency impacts.
These practical implementation challenges highlight why quantum security discussions have moved from theoretical cryptography departments to practical CBDC design teams across central banks worldwide.
Central banks around the world are adopting diverse approaches to addressing quantum security in their CBDC designs, reflecting different priorities, technical capabilities, and deployment timelines.
As one of the most advanced CBDC projects globally, China’s Digital Yuan (e-CNY) has incorporated quantum security considerations from early design stages. The People’s Bank of China has partnered with the Chinese Academy of Sciences to implement quantum-resistant algorithms in the e-CNY architecture. Recent technical documents indicate the system employs a hybrid cryptographic approach, maintaining compatibility with current systems while introducing quantum-resistant elements for long-term security.
The ECB has explicitly identified quantum computing as a key security consideration in its digital euro project. Their approach emphasizes cryptographic agility, with the technical architecture designed to facilitate algorithm transitions as quantum threats evolve. The ECB’s research partnership with quantum computing specialists aims to develop migration paths from current cryptographic standards to post-quantum alternatives without disrupting the broader financial ecosystem.
The Bank for International Settlements (BIS) Innovation Hub Nordic Centre’s Project Icebreaker, exploring cross-border CBDC transactions between Sweden, Norway and Israel, has incorporated quantum resilience testing in its technical evaluations. This project exemplifies how quantum security considerations affect not just domestic CBDC deployments but also the emerging infrastructure for international CBDC interoperability.
These diverse approaches highlight both the global recognition of quantum threats to CBDC security and the variety of technical and policy responses being developed. This international landscape of quantum-safe CBDC development will be a central topic at the World Quantum Summit 2025, where central bank representatives and quantum security experts will share insights on securing digital financial infrastructure against emerging quantum threats.
Beyond technical implementations, effective quantum security for CBDCs requires robust governance frameworks that can adapt to evolving threats. These frameworks must address several key areas:
The international nature of financial systems requires coordinated standards for quantum-resistant cryptography in CBDCs. Organizations like the International Organization for Standardization (ISO) are developing specific standards for quantum-safe cryptography in financial applications. ISO/TC 68/SC 2, focused on financial security, has established working groups specifically addressing quantum-resistant standards for financial services.
Similarly, the International Telecommunications Union (ITU) Focus Group on Quantum Information Technology for Networks is developing standards relevant to quantum-safe financial networks that will carry CBDC transactions. These emerging standards will play a crucial role in ensuring interoperability between different CBDC implementations while maintaining consistent security levels against quantum threats.
Central banks are developing specialized risk assessment methodologies for evaluating quantum threats to CBDC systems. These frameworks typically consider both the timeline for quantum capability development and the specific vulnerabilities in CBDC architectures.
The Bank of Canada’s quantum risk assessment model, for instance, combines technical evaluation of cryptographic vulnerabilities with intelligence assessments of quantum computing advancement timelines. This comprehensive approach enables risk-based decision making about when and how to implement quantum-resistant features in their CBDC designs.
Perhaps the most complex governance challenge is managing the transition from classical to quantum-resistant cryptography in operational CBDC systems. This transition requires not just technical changes but also coordinated action across the financial ecosystem.
The Bank for International Settlements has proposed a phased transition framework for quantum-safe CBDCs, incorporating parallel operations of classical and post-quantum systems during migration periods. This approach minimizes disruption while providing increasing protection against quantum threats as they materialize.
These governance considerations demonstrate that quantum security for CBDCs extends far beyond cryptographic algorithm selection, encompassing international coordination, risk management, and transition planning across the global financial system.
As quantum computing and CBDC technologies continue to evolve in parallel, several emerging trends will shape the intersection of these fields:
While post-quantum cryptography provides algorithm-based protection against quantum attacks, some central banks are exploring the integration of Quantum Key Distribution (QKD) for securing critical CBDC infrastructure. QKD uses quantum mechanical principles to establish secure communication channels that can detect eavesdropping attempts.
China has already demonstrated integration of QKD with financial networks, while the European Quantum Communication Infrastructure initiative is developing QKD networks that could eventually secure critical CBDC communication channels. Though QKD deployment faces significant practical challenges, its potential role in high-security CBDC applications continues to expand.
Beyond defending against quantum threats, some researchers are exploring how quantum technologies themselves might enhance CBDC security. Quantum random number generators, for instance, could provide truly unpredictable randomness for cryptographic operations in CBDC systems, improving security against certain attack vectors.
These quantum-enhanced security features represent an evolution from viewing quantum computing merely as a threat to recognizing its potential security benefits for next-generation financial infrastructure.
As CBDCs become increasingly interoperable across borders, quantum security considerations gain additional complexity. Projects like the BIS Innovation Hub’s Project Jura (between France and Switzerland) and Project mBridge (involving Thailand, Hong Kong, China, and the UAE) are now incorporating quantum resistance requirements into their cross-border CBDC designs.
These international CBDC bridges must address the challenge of maintaining quantum security across systems with different underlying architectures and security models—a problem that requires both technical solutions and policy coordination.
The future quantum-CBDC ecosystem will likely be characterized by continuous evolution, as advances in quantum computing capabilities drive corresponding enhancements in CBDC security models. This dynamic relationship underscores why forums like the World Quantum Summit that bring together experts from both domains are essential for navigating this complex technological frontier.
Designing CBDCs with quantum-safe security represents one of the most significant challenges at the intersection of financial infrastructure and advanced computing. As central banks worldwide accelerate CBDC development, the integration of quantum-resistant cryptography has evolved from a theoretical concern to an immediate design requirement.
The approaches outlined in this article—from post-quantum cryptographic foundations to international governance frameworks—illustrate how the financial sector is adapting to the quantum security challenge. The diversity of technical approaches and policy responses reflects both the complexity of the problem and the stakes involved in securing national financial infrastructure against emerging quantum threats.
What remains clear is that effective quantum-safe CBDC design requires unprecedented collaboration between central banks, cryptographers, quantum computing specialists, and security experts. This multidisciplinary approach, bringing together expertise across traditionally separate domains, will be essential for developing digital currencies that remain secure not just today but throughout the quantum computing era ahead.
As quantum computing continues its transition from theoretical possibility to practical reality, the security of our digital financial infrastructure will depend on this continued collaboration—precisely the kind of cross-sector innovation that defines the quantum computing landscape.
Ready to explore how quantum technologies are transforming financial security and other critical sectors? Join global leaders, researchers, and innovators at the World Quantum Summit 2025 in Singapore on September 23-25, 2025.
Experience hands-on workshops, certification programs, and live demonstrations showcasing quantum computing’s real-world applications—including breakthrough approaches to CBDC security.
World Quantum Summit 2025
Sheraton Towers Singapore
39 Scotts Road, Singapore 228230
23rd - 25th September 2025
