PQC Tracker

Search

8 results for CISA

Mandates

  • MandateCISA Post-Quantum Cryptography Initiative

    CISA / US_FEDERAL

    CISA's Post-Quantum Cryptography Initiative provides guidance, tooling, and resources to help federal agencies and critical infrastructure operators assess quantum risk and migrate to post-quantum cryptography. It includes the PQC Roadmap, sector-specific guidance, and collaboration with NSA and NIST on transition planning. CISA also operates the PQC Coalition to share threat intelligence and migration best practices with the private sector.

  • MandateCSA Singapore Post-Quantum Cryptography Advisory

    CSA / SINGAPORE

    The Cyber Security Agency of Singapore (CSA) has published advisory guidance encouraging organisations to begin preparing for the post-quantum transition. CSA recommends following NIST PQC standards (FIPS 203, 204, 205), adopting cryptographic agility, and conducting cryptographic asset inventories. The advisory targets Singapore government agencies, financial institutions, and critical information infrastructure operators.

  • MandateNSA Commercial National Security Algorithm Suite 2.0

    NSA / US_FEDERAL

    NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) mandates transition timelines for National Security Systems (NSS) to post-quantum cryptographic algorithms. It supersedes CNSA 1.0 and establishes ML-KEM and ML-DSA as the required algorithms for NSS, with phased adoption milestones across firmware, software, and network equipment. The 2025 software and firmware deadline has passed; NSS networking equipment transitions are now active.

  • MandateEU NIS2 Directive — Cryptography & PQC Provisions

    ENISA / EU

    The EU Network and Information Security Directive 2 (NIS2, Directive 2022/2555) requires essential and important entities across the EU to implement appropriate cryptographic measures as part of a risk-based cybersecurity framework. ENISA's technical guidelines explicitly incorporate post-quantum cryptography readiness as a forward-looking requirement. Member states were required to transpose NIS2 into national law by October 2024.

  • MandateNIST SP 800-208: Stateful Hash-Based Signature Schemes

    NIST / US_FEDERAL

    NIST Special Publication 800-208 approves XMSS (RFC 8391) and LMS/HSS (RFC 8554) as stateful hash-based digital signature schemes for use in US federal information systems. These algorithms provide quantum-resistant signatures based solely on the security of cryptographic hash functions, with no reliance on structured algebraic hardness assumptions. Approved specifically for firmware and software signing use cases where signing volume is low and state can be managed carefully.

Issuers