The United States applies defense-in-depth as a foundational principle in nuclear deterrence, missile defense, cyber architecture, and critical infrastructure protection. In each of these domains, the nation stakes its security on layered protection rather than concentrating all resilience on a single assumption. Quantum-era cryptographic resilience is the conspicuous exception.
Current US policy concentrates all critical infrastructure protection against the quantum cryptographic threat on a single class of mathematical assumption: Post-Quantum Cryptography (PDQ). PQC is the right answer for the overwhelming majority of CI links. The NIST standards are sound. The migration frameworks are structurally coherent. For enterprise, cloud, and operational technology environments where the risk is harvest-now-decrypt-later exposure on traffic with finite confidentiality horizons, PQC is dramatically more cost-effective and scalable than any alternative.
But the question that has not been asked with sufficient rigor is whether PQC alone is an acceptable posture for the small number of Tier-1 CI links where the cost of being wrong is catastrophic and irreversible: nuclear command segments, financial settlement backbones, and bulk power control networks. These are the links where confidentiality horizons are permanent or multi-decade, where compromise enables physical consequences or systemic financial disruption, and where algorithmic failure is not recoverable through patching after the fact.
In a new ICIT paper, Entangled Migrations: PQC, QKD, and US–PRC Risk Postures for Critical Infrastructure, I examine why this question requires a different analytical framework than the one current policy provides. The paper is a direct successor to ICIT’s February 2026 Quantum-Resilient Convergence analysis, which established that PQC migration and AI/LEO infrastructure modernization share a closing window in the early 2030s. Entangled Migrations extends that convergence logic into a second dimension: the parallel emergence of Quantum Key Distribution as a live infrastructure investment on the same timeline, and the structurally divergent risk choices the United States and the People’s Republic of China are making across both PQC and Quantum Key Distribution (QKD) for their most consequential CI links.
PQC and QKD Are Not Independent Alternatives
The policy conversation still treats PQC and QKD as competing paradigms. The paper demonstrates why that framing is analytically incomplete. PQC and QKD are structurally coupled through five mechanisms that cause them to share failure modes in ways that affect CI operators regardless of which technology they deploy.
QKD’s operational security depends on PQC at the authentication layer. Both technologies share partial-deployment downgrade vulnerabilities during migration. Both face hardware maturity constraints on overlapping timelines. QKD’s trusted-node relay architecture reintroduces the concentrated classical chokepoints that quantum-era cryptography was designed to escape. And these mechanisms compound during the transition period in which both states are making the infrastructure decisions that will determine their cryptographic postures for the following decade.
A risk framework that evaluates PQC in isolation will miss the ways QKD’s global emergence changes the risk landscape even for PQC-only operators. A framework that evaluates QKD as an independent hedge will miss the ways QKD inherits PQC’s failure modes at the authentication layer.
The Divergence Is in Risk Allocation, Not Deployment Scale
The PRC has built over 12,000 kilometers of QKD backbone infrastructure with 145 trusted relay nodes, integrated into operational banking, grid control, and government communications. It is simultaneously pursuing a domestic PQC stack. The PRC has purchased defense-in-depth against algorithmic failure at the cost of permanent infrastructure chokepoints, governance entanglement, and elevated transitional exploitation exposure.
The United States has purchased operational simplicity and a narrower transitional attack surface at the cost of concentrating all Tier-1 CI protection on a single class of mathematical assumption. Federal policy has produced a comprehensive PQC migration framework while producing no guidance at all for QKD. Meanwhile, CI operators including major financial institutions and DOE-funded energy utilities are deploying QKD on their own initiative, without a federal framework to reference, producing an emergent patchwork that reproduces the compound failure modes of a deliberate dual deployment without the corresponding algorithmic hedge.
The question the paper poses is not which state has built more. It is which failure modes each state has chosen to live with on the links where failure is catastrophic, and whether those choices were made by design or by institutional inertia.
What Tier-1 CI Risk Owners Should Take from This
The paper does not argue that the United States should deploy QKD. That determination requires a Tier-1-specific risk assessment that does not currently exist. What the paper argues is that the assessment must be conducted.
For CI risk owners navigating PQC migration planning: the capital expenditure and vendor commitments your organization locks in over the next 18 to 24 months will determine its quantum-era cryptographic posture through the early 2030s. The ICIT convergence analysis established that the window to embed cryptographic resilience into AI and LEO infrastructure closes on that same horizon. Entangled Migrations provides the coupled-system framework that current risk assessments lack: the structural mechanisms through which PQC and QKD share failure modes, the empirical deployment divergence between the US and PRC, and the specific conditions under which single-assumption concentration on Tier-1 links is either a defensible risk acceptance or an unexamined institutional inheritance. The paper does not argue for a particular outcome. It argues that the assessment must be conducted, with the same defense-in-depth rigor the United States applies to every other domain where it stakes national security on layered protection, before the infrastructure decisions that would enable or foreclose a layered posture are made by default.
The full paper is available here.
