Post-Quantum Cryptography in Identity and Access Management: Readiness, Transition Strategies, and Compliance Implications

Kiran Kumar Pulipati

doi:10.64917/feet/Volume03Issue01-01

Open Access

Post-Quantum Cryptography in Identity and Access Management: Readiness, Transition Strategies, and Compliance Implications

https://doi.org/10.64917/feet/Volume03Issue01-01

PDF

Kiran Kumar Pulipati ¹

⁴ Department of Information Studies, Trine university, USA

Abstract

The swift rise in quantum computing casts a shadow on the efficacy of traditional IAM sheds. This research paper intends to define the ‘readiness ‘state of the IAM framework in relation to post-quantum cryptography (PQC) and the methodological approach needed to protect the transition. This focuses on the authentication, encryption and digital signing in the RSA, ECC, and Diffie-Hellman whos ease of access has been compromised to quantum computing. The case studies assess complexities such as RSA, ECC, and the Diffie-Hellman algorithm for authentication and encryption, alongside NIST policies, to configure the architecture. This also studies the policies on paramount underlying NIST HIPAA and GDPR that argue for slow, stepped migration to IM in the IAM framework. The research still retains quantum attacks as the foremost assaults to enterprise blockchain. As the case studies suggest, immense risks are associated with the rapidly emerging fundamental notions of interactivity, practicality, and IAM cryptography. Thus, the NIST PQC strategy possession and digital signing restraints suggest implementing a pluralistic encryption model and advocating compliance with the quartet that lowers the threshold to cryptography protected by PQC. The NIST HIPAA policies assert certain presumptions, as formulated, are presumed rational with more than sufficient backbone, and remain warm, unfrozen. The outcome is confident in saying that IAM frameworks require foresight while algorithmically synthesising responses to counter aggressor base… quantum-related forces.

How to Cite

Kumar Pulipati, K. (2026). Post-Quantum Cryptography in Identity and Access Management: Readiness, Transition Strategies, and Compliance Implications. Frontiers in Emerging Engineering & Technologies, 3(01), 01–12. https://doi.org/10.64917/feet/Volume03Issue01-01

⬇ Endnote/Zotero/Mendeley (RIS) ⬇ BibTeX

References

📄 Aldarwbi, M., Ghorbani, A.A. and Lashkari, A.H., 2024. The Quantum Shift in Group Communication: A Review and Analysis of Group Key Establishment from Classical to Advanced Quantum-Safe and Quantum-Based Solutions. Authorea Preprints. Available at https://www.techrxiv.org/doi/full/10.36227/techrxiv.173221587.74899261

📄 Anderson, J. and Nguyen, A., 2022. The Role of Identity and Access Management (IAM) in Securing Cloud Workloads. ResearchGate December. Available at https://www.researchgate.net/profile/Jessie-Anderson-8/publication/389518277_The_Role_of_Identity_and_Access_Management_IAM_in_Securing_Cloud_Workloads/links/67c660108311ce680c7b90d9/The-Role-of-Identity-and-Access-Management-IAM-in-Securing-Cloud-Workloads.pdf

📄 Aramide, O.O., 2022. Post-Quantum Cryptography (PQC) for Identity Management. ADHYAYAN: A JOURNAL OF MANAGEMENT SCIENCES, 12(02), pp.59-67. Available at https://smsjournals.com/index.php/Adhyayan/article/view/3373

📄 Available at https://dl.acm.org/doi/abs/10.1145/3465481.3465756

📄 Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., & Smith-Tone, D. (2020). Report on Post-Quantum Cryptography. NISTIR 8105. National Institute of Standards and Technology.

📄 Cultice, B., Irwin, E. and Jones, M., 2023. Accounting for spatial economic interactions at local and meso scales in integrated assessment model (IAM) frameworks: challenges and recent progress. Environmental Research Letters, 18(3), p.035009. Available at https://iopscience.iop.org/article/10.1088/1748-9326/acbce6/meta

📄 Ettaloui, N., Arezki, S. and Gadi, T., 2023. An overview of blockchain-based electronic health records and compliance with GDPR and HIPAA. Data and Metadata, 2, pp.166-166. Available at https://scholar.archive.org/work/cuf2bptrjbdfdbosywp4obcq2q/access/wayback/https://dm.saludcyt.ar/index.php/dm/article/download/166/307

📄 Guthoff, C., Anell, S., Hainzinger, J., Dabrowski, A. and Krombholz, K., 2023, May. Perceptions of distributed ledger technology key management-an interview study with finance professionals. In 2023 IEEE Symposium on Security and Privacy (SP) (pp. 588-605). IEEE. Available at https://ieeexplore.ieee.org/abstract/document/10335652/

📄 Jurczuk, M. and Suprunowicz, M., 2024. Consent in data privacy: a general comparison of GDPR and HIPAA. Przegląd Prawniczy Uniwersytetu im. Adam Mickiewicza, 16, pp.173-194. Available at https://www.ceeol.com/search/article-detail?id=1343065

📄 Mamatha, G.S., Dimri, N. and Sinha, R., 2024. Post-quantum cryptography: Securing digital communication in the quantum era. arXiv preprint arXiv:2403.11741. Available at https://smsjournals.com/index.php/Adhyayan/article/view/3373

📄 Marchsreiter, D., 2025. Towards quantum‐safe blockchain: Exploration of PQC and public‐key recovery on embedded systems. IET Blockchain, 5(1), p.e12094. Available at https://ietresearch.onlinelibrary.wiley.com/doi/abs/10.1049/blc2.12094

📄 Mohan, D.R., 2025. AI-Driven Integration of Legacy IAM Services into AWS Cloud-Based Microservice Architectures: A Scalable Framework for Secure Identity Management. Available at https://philpapers.org/rec/RAJAIO

📄 Olorunlana, T.J., 2024. Securing Healthcare Data in the Cloud under HIPAA and NIST Frameworks [online] Available at https://www.researchgate.net/profile/Taiwo-Olorunlana/publication/393609684_Securing_Healthcare_Data_in_the_Cloud_under_HIPAA_and_NIST_Frameworks/links/68713c44dd6b84447df7e4c0/Securing-Healthcare-Data-in-the-Cloud-under-HIPAA-and-NIST-Frameworks.pdf

📄 Paul, J., 2023. Regulatory Compliance and Zero Trust: How Organizations Can Meet NIST 800-207, GDPR, and HIPAA Standards. Available at https://www.researchgate.net/profile/Joel-Paul-10/publication/389166942_Regulatory_Compliance_and_Zero_Trust_How_Organizations_Can_Meet_NIST_800-_207_GDPR_and_HIPAA_Standards/links/67b7306cf5cb8f70d5b5de65/Regulatory-Compliance-and-Zero-Trust-How-Organizations-Can-Meet-NIST-800-207-GDPR-and-HIPAA-Standards.pdf

📄 Ricci, S., Malina, L., Jedlicka, P., Smékal, D., Hajny, J., Cibik, P., Dzurenda, P. and Dobias, P., 2021, August. Implementing CRYSTALS-Dilithium signature scheme on FPGAs. In Proceedings of the 16th International Conference on Availability, Reliability and Security (pp. 1-11). Available at https://dl.acm.org/doi/abs/10.1145/3465481.3465756

📄 Ricci, S., Malina, L., Jedlicka, P., Smékal, D., Hajny, J., Cibik, P., Dzurenda, P. and Dobias, P., 2021, August. Implementing CRYSTALS-Dilithium signature scheme on FPGAs. In Proceedings of the 16th International Conference on Availability, Reliability and Security (pp. 1-11).

📄 Sharath, H.A., Vrindavanam, J., Dana, S. and Prasad, S.N., 2025. Quantum-Resilient Cryptography: A Survey on Classical and Quantum Algorithms. IEEE Access. Available at https://www.academia.edu/download/121080605/Cyber_Security_Implications_of_Quantum_Computing_Shor_s_Algorithm_and_Beyond.pdf

📄 Singh, C., Thakkar, R. and Warraich, J., 2023. IAM identity Access Management—importance in maintaining security systems within organizations. European Journal of Engineering and Technology Research, 8(4), pp.30-38. Available at Available at https://www.ej-eng.org/index.php/ejeng/article/view/3074

📄 Singh, C., Thakkar, R. and Warraich, J., 2023. IAM identity Access Management—importance in maintaining security systems within organizations. European Journal of Engineering and Technology Research, 8(4), pp.30-38. Available at https://www.ej-eng.org/index.php/ejeng/article/view/3074

📄 SS, A. and Devprasad, K.D., 2024. Enhancing security in Wireless Body Area Networks (WBANs) with ECC-based Diffie-Hellman Key Exchange algorithm (ECDH). Technology and Health Care, 32(6), pp.4765-4784. Available at https://journals.sagepub.com/doi/abs/10.3233/THC-231614

📄 Tom, J.J., Anebo, N.P., Onyekwelu, B.A., Wilfred, A. and Eyo, R.E., 2023. Quantum computers and algorithms: a threat to classical cryptographic systems. Int. J. Eng. Adv. Technol, 12(5), pp.25-38.. Available at https://www.researchgate.net/profile/Bukola-Onyekwelu/publication/371963926_Quantum_Computers_and_Algorithms_A_Threat_to_Classical_Cryptographic_Systems/links/64dcbda078e40b48bd4ec9d4/Quantum-Computers-and-Algorithms-A-Threat-to-Classical-Cryptographic-Systems.pdf

📄 UZOKA, A.C., OGEAWUCHI, J.C., Abayomi, A.A., Agboola, O.A. and Gbenle, T.P., 2021. Advances in Cloud Security Practices Using IAM, Encryption, and Compliance Automation. Iconic Research and Engineering Journals, 5(5), pp.432-456. Available at https://www.researchgate.net/profile/Jeffrey-Ogeawuchi/publication/392708570_Advances_in_Cloud_Security_Practices_Using_IAM_Encryption_and_Compliance_Automation/links/684ee9db24267473b7776cab/Advances-in-Cloud-Security-Practices-Using-IAM-Encryption-and-Compliance-Automation.pdf

📄 Vakarjuk, J., Snetkov, N. and Laud, P., 2024, May. Identifying Obstacles of PQC Migration in E-Estonia. In 2024 16th International Conference on Cyber Conflict: Over the Horizon (CyCon) (pp. 63-81). IEEE. Available at https://ieeexplore.ieee.org/abstract/document/10685570/

📄 Vyavahare, R.R., 2025. Exploring Hybrid Encryption for Enhanced Security of Electronic Health Record in Cloud Environment (Doctoral dissertation, Dublin, National College of Ireland). Available at https://norma.ncirl.ie/8063/

📄 Wiesmaier, A., Alnahawi, N., Grasmeyer, T., Geißler, J., Zeier, A., Bauspieß, P. and Heinemann, A., 2021. On PQC migration and crypto-agility. arXiv preprint arXiv:2106.09599. Available at https://arxiv.org/abs/2106.09599

📄 Zhou, Y. and Zhu, E., 2024. A new image encryption based on hybrid heterogeneous time-delay chaotic systems. AIMS Mathematics, 9(3), pp.5582-5608. Available at https://www.aimspress.com/aimspress-data/math/2024/3/PDF/math-09-03-270.pdf

📄 References of Figure

📄 Apriorit, 2022. Preparing Your Software for Post-Quantum Cryptography: A Practical Guide to Crypto-Agility. Available at https://www.apriorit.com/dev-blog/prepare-for-post-quantum-cryptography-with-crypto-agility

📄 B. Ranganatha Rao, B. Sujatha, 2023. A hybrid elliptic curve cryptography (HECC) technique for fast encryption of data for public cloud security. Available at https://www.sciencedirect.com/science/article/pii/S2665917423002064

📄 Darkreading, 2020. A Guide to the NIST Cybersecurity Framework. Available at https://www.darkreading.com/physical-security/a-guide-to-the-nist-cybersecurity-framework

📄 Kaushik Mazumdar, 2024. State-of-the-art analysis of quantum cryptography: applications and future prospects. Available at https://www.frontiersin.org/journals/physics/articles/10.3389/fphy.2024.1456491/full

📄 Sunil Kumar, 2025. HIPAA vs GDPR Compliance: A Guide for Businesses. Available at https://www.ailoitte.com/blog/hippa-vs-gdpr/

📄 Swastik Kumar SahuKaushik Mazumdar

📄 Umesh Kumar, 2024. Hybrid Cryptography: The Key to Secure Data In Cloud Computing. Available at https://www.google.com/url?sa=i&url=https%3A%2F%2Ftechbullion.com%2Fhybrid-cryptography-the-key-to-secure-data-in-cloud-computing%2F&psig=AOvVaw1xPg2H0vCZjpn8nLIK7SEy&ust=1759166905501000&source=images&cd=vfe&opi=89978449&ved=0CBgQjhxqFwoTCJiihcj9-48DFQAAAAAdAAAAABAy

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors retain the copyright of their articles published in this journal. All articles are licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). This license permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are properly cited.