CRYPTREC Post-Quantum Cryptography Guidelines
- Issuer
- Cryptography Research and Evaluation Committees(CRYPTREC)
- Effective date
- Mar 1, 2024
- Published date
- Mar 1, 2024
- Full text
- View full text →
Summary
Japan's Cryptography Research and Evaluation Committees (CRYPTREC) published guidelines on post-quantum cryptography readiness for Japanese government systems and industry, and updated the e-Government Recommended Ciphers List in 2025 to include NIST PQC algorithms. CRYPTREC's evaluation process monitors international PQC standardisation and provides recommendations aligned with NIST FIPS 203, 204, 205, and 206.
PKI impact
CRYPTREC's e-Government Recommended Ciphers List is advisory; organizations are encouraged but not mandated to follow it. Inclusion of ML-KEM and ML-DSA in the 2025 list signals the direction of future Japanese government procurement requirements, making early preparation strategically useful.
Migration hints
- Monitor CRYPTREC cipher list updates as the leading indicator for when Japanese government procurement requirements will begin mandating PQC-capable certificate infrastructure.
- For systems used in Japanese government contracts, begin evaluating ML-KEM and ML-DSA support in CA and HSM products to reduce time-to-compliance when requirements become mandatory.
- Use CRYPTREC evaluation reports as a reference for algorithm security assessments when briefing internal risk or compliance committees on PQC readiness.
- Track IPA (Information-technology Promotion Agency) guidance alongside CRYPTREC for sector-specific PQC implementation requirements in Japanese critical infrastructure.
Milestones (2)
| Deadline | Label | Type | Hard | Notes |
|---|---|---|---|---|
| Mar 31, 2025 | PQC algorithms added to CRYPTREC Recommended Ciphers List | Full Compliance | ML-KEM and ML-DSA added to the e-Government Recommended Ciphers List in the 2025 update cycle. | |
| Mar 31, 2027 | Government systems: begin PQC migration planning | Migration Plan | Japanese government agencies expected to develop PQC migration roadmaps aligned with the updated cipher list. |
Algorithm references (3)
- ML-KEMFIPS 203Recommended
Replaces: RSA, ECDH
ML-KEM (FIPS 203) added to the CRYPTREC e-Government Recommended Ciphers List in 2025.
- ML-DSAFIPS 204Recommended
Replaces: RSA, ECDSA
ML-DSA (FIPS 204) added to the CRYPTREC e-Government Recommended Ciphers List in 2025.
- SLH-DSAFIPS 205Noted
Replaces: RSA, ECDSA
SLH-DSA under ongoing CRYPTREC evaluation; listed as a candidate for future cipher list inclusion.
Changelog (2)
| Date | Type | Description |
|---|---|---|
| Mar 31, 2025 | Amendment | CRYPTREC updated the e-Government Recommended Ciphers List to include ML-KEM (FIPS 203) and ML-DSA (FIPS 204) as recommended algorithms for Japanese government systems. |
| Mar 1, 2024 | New | CRYPTREC published post-quantum cryptography guidelines and established a PQC study group to evaluate NIST PQC algorithms for the e-Government Recommended Ciphers List. |
Issuer
Cryptography Research and Evaluation CommitteesCRYPTREC
Type: STANDARDS BODY
Region: Japan