The migration clock is running

Tracking the world's shift to post-quantum cryptography.

Key dates, mandates, and daily news on the largest cryptographic migration in history — and what your organization needs to do before Q-Day.

2027

All new U.S. national security system acquisitions must be CNSA 2.0 compliant (Jan 1)

2030

RSA-2048 / ECC P-256 deprecated for new federal systems; symmetric & pre-shared keys phased out

2035

Quantum-vulnerable algorithms disallowed; full PQC migration target (NSM-10)

Milestone timeline

Aug 2024

NIST finalizes FIPS 203, 204, 205 (ML-KEM, ML-DSA, SLH-DSA) — the first post-quantum standards, ending an eight-year evaluation and triggering the global migration.

2025–26

Roadmaps & early migration. EU member states publish national PQC strategies and begin cryptographic inventories by end of 2026. Vendors ship PQC-enabled products (AT&T/Cisco PQC SD-WAN, May 2026). Google, Cloudflare target 2029 internal completion.

Jan 2027

CNSA 2.0 hard gate. All new U.S. national security system acquisitions must use quantum-resistant algorithms. Software & firmware signing face exclusive-use requirements. Treated as a hard deadline for the defense industrial base.

2030

Deprecation begins. 112-bit algorithms (RSA-2048, ECC P-256) deprecated for new federal deployments per NIST IR 8547. Symmetric and pre-shared keys phased out (DoW Nov-2025 memo). Legacy equipment unable to support CNSA 2.0 must complete transition. BCG: "starting in 2030 will already be too late."

2035

Full migration deadline. Quantum-vulnerable algorithms disallowed for federal systems, including legacy interoperability. NSM-10 target for widespread PQC adoption. EU completes medium-risk use-case migration.

Note on Q-Day: No cryptographically-relevant quantum computer exists yet, but several labs are racing to build one and Cloudflare notes timelines have been "pulled forward" from the classic 2035+ estimates. The "harvest now, decrypt later" threat means data with long confidentiality horizons is already at risk today.

How to prepare

STEP 01

Inventory your cryptography

Discover every place RSA, ECC, DH and ECDSA are used — TLS, VPNs, code signing, databases, certificates. You can't migrate what you can't see. Mandated annually for U.S. federal systems under OMB M-23-02.

STEP 02

Assess & prioritize risk

Rank systems by data confidentiality lifetime and exposure. Long-lived secrets are most vulnerable to "harvest now, decrypt later." Map dependencies and migration complexity.

STEP 03

Build crypto-agility

Architect systems so algorithms can be swapped without re-engineering. The EU Cyber Resilience Act now requires support for updatable cryptographic mechanisms over time.

STEP 04

Pilot hybrid PQC

Deploy hybrid (classical + PQC) key exchange on high-priority paths now. PQC runs on existing hardware. Realistic enterprise timelines run 42–54 months — start early.

Daily news

LIVE FEED

Automating this feed: the stories below are a hand-curated launch set. See my notes after this site on how to wire up an auto-updating daily feed (RSS aggregation + a scheduled job, or an LLM-summarized digest).