University of Bahrain
College of Information Technology
Department of Information Systems
Senior Project • ITCY 499 • Academic Year 2025-2026 Semester 1
Explore the ProjectPrepared by: Maryam Rashed Alkawari • Saeeda Mohammed Alansari • Danah Mohammed Alkhan
Project Supervisor: Dr. Alya Sayed Alkameli
Project Summary
The emergence of quantum computing poses an unexpected threat to current cryptography, as quantum algorithms like Shor's algorithm will make widely used encryption methods such as RSA and ECC obsolete. The “Harvest Now, Decrypt Later” threat introduces another level of urgency. Although NIST standardized post-quantum algorithms in 2024, current IT governance standards have a lack of clear transition requirements.
This research developed the Post-Quantum Cryptography Governance Framework (PQC-GF), a comprehensive roadmap enabling organizations to systematically transition to quantum-resistant cryptographic systems. The PQC-GF consists of five domains: QRAS, PQPA, IAD, OAM, and CAA. Three surveys were conducted: an awareness survey with 128 public respondents, and pre- and post-presentation surveys for 35 cybersecurity students. Four cryptographic prototypes demonstrate the differences between classical cryptography and post-quantum cryptography in practical scenarios. The PQC-GF fills the existing gap offering an applicable framework that is tailored based on organizational maturity level, risk profile, and availability of resources.
The Challenge
Quantum computers have the potential to break the encryption protecting our banks, hospitals, governments, and businesses. Organizations must start preparing now, but most do not know how to begin.
How do we find and assess all quantum-vulnerable systems?
Which post-quantum algorithm should we use, and where?
How do we migrate without breaking everything?
Our Solution
A comprehensive five-domain framework designed to guide organizations through quantum-safe transitions.
Establishing quantum threat understanding and strategic direction
Designing quantum-safe target states and migration approaches
Executing post-quantum cryptography implementations
Managing ongoing post-quantum cryptography operations
Ensuring regulatory compliance and stakeholder confidence
Research Findings
Technical Validation
Demonstrating 4 Implementation methods classical and post-quantum encryption systems.
Quantum-resistant key exchange with text and image encryption in under 20 milliseconds.
NIST-standardized lattice-based cryptography
Authenticated encryption with digital signatures for data integrity in 127-167 milliseconds.
NIST-standardized signature algorithm
Traditional public-key encryption with hybrid approach for larger files. Baseline comparison.
Current industry standard (quantum-vulnerable)
Simulated quantum cryptography with QR code-based key distribution demonstrating QKD principles.
Quantum communication protocol simulation
Our Team
University of Bahrain • College of Information Technology • Department of Information Systems
ITCY 499 - Senior Project • Academic Year 2025-2026 Semester 1