Post-quantum cryptography includes those asymmetric cryptographic methods that cannot be broken by a quantum computer. Almost all asymmetric methods currently used in practice – especially RSA and Diffie-Hellman – do not belong to post-quantum cryptography, as they are quite vulnerable to a quantum computer. In contrast, lattice methods and hash-based methods, among others, are considered quantum-safe. The transition to post-quantum cryptography, which should take place before quantum computers are ready for practical use, is an important task for the coming years.