Quantum Safe Backend: Design and Implementation of a Post-Quantum Cryptographic Secure Storage and Communication Platform

The accelerating development of large-scale quantum computers poses an existential threat to the public-key cryptographic infrastructure that underpins modern digital communication. Algorithms such as RSA and Elliptic Curve Cryptography (ECC), which currently secure internet traffic, digital signatures, and data-at-rest, are vulnerable to Shor's algorithm running on a sufficiently powerful quantum processor. In response, the U.S. National Institute of Standards and Technology (NIST) finalized the first post-quantum cryptography (PQC) standards in August 2024—FIPS 203 (ML-KEM/Kyber), FIPS 204 (ML-DSA/Dilithium), and FIPS 205 (SLH-DSA/SPHINCS+)—marking the beginning of a global migration toward quantum-resistant cryptography.

This paper presents a hybrid C++/Python secure storage and communication platform (source code available at https://github.com/Sujithb128989/Quantum-Safe-Backend) that implements NIST-selected PQC algorithms in a production-oriented architecture. The backend employs CRYSTALS-Dilithium5 for quantum-resistant transport authentication, Kyber for key encapsulation, and AES-256-GCM for symmetric encryption-at-rest, delivered through a dual-stack gRPC/HTTP architecture containerized with Docker. We describe the system's design rationale, detail the cryptographic pipeline from certificate generation to atomic key rotation, and discuss the engineering challenges of integrating post-quantum primitives into real-world software systems.