No. S/MIME and PGP use RSA or ECDH for key exchange and RSA or ECDSA for signatures. All are Shor-vulnerable.
Key Takeaway: Email Encryption is NOT quantum safe. Assess email encryption usage with a cryptographic inventory. Transition sensitive communications to PQC-protected channels.
Email encryption is NOT quantum safe. S/MIME (enterprise) and PGP/GPG (privacy-focused users) both rely on quantum-vulnerable algorithms. S/MIME certificates typically use RSA-2048. PGP keys use RSA or ECDSA. Email is particularly vulnerable to HNDL attacks because emails are stored indefinitely, metadata reveals communication patterns, and encrypted emails sent today will be readable when quantum computers mature.
| Full Name | Email Encryption (S/MIME, PGP) |
| Category | communication |
| Quantum Vulnerability | S/MIME and PGP use RSA/ECDH key exchange and RSA/ECDSA signatures — all Shor-vulnerable. |
| NIST Status | IETF is drafting PQC extensions for S/MIME and OpenPGP. No production standard yet. |
| Deprecation Timeline | PQC email standards expected 2026-2027. Migrate high-sensitivity communications immediately. |
| Replaced By | PQC S/MIME (draft) with ML-KEM for key exchange and ML-DSA for signatures |
Assess email encryption usage with a cryptographic inventory. Transition sensitive communications to PQC-protected channels.
QScout discovers every instance of Email Encryption across your infrastructure in 7 days — with zero operational disruption. 72-hour time to first findings.