Search

CISA / US_FEDERAL

CISA's Post-Quantum Cryptography Initiative provides guidance, tooling, and resources to help federal agencies and critical infrastructure operators assess quantum risk and migrate to post-quantum cryptography. It includes the PQC Roadmap, sector-specific guidance, and collaboration with NSA and NIST on transition planning. CISA also operates the PQC Coalition to share threat intelligence and migration best practices with the private sector.

ASD / AUSTRALIA

The Australian Signals Directorate (ASD) advises Australian government agencies and critical infrastructure operators to plan for post-quantum cryptography migration in alignment with NSA CNSA 2.0 and NIST PQC standards. ASD recommends ML-KEM and ML-DSA for new systems and urges organisations to complete cryptographic inventories and embed cryptographic agility into procurement processes.

IETF / GLOBAL

The IETF has standardized how post-quantum cryptographic algorithms are deployed in internet protocols including TLS 1.3, X.509 certificates, CMS, and SSH. Published RFCs include RFC 8391 (XMSS), RFC 8554 (LMS/HSS), and RFC 9370 (ML-KEM in TLS 1.3). Active work in the LAMPS working group has produced X.509 certificate profile RFCs for ML-DSA and SLH-DSA. These protocol-level standards are essential for real-world PQC deployment across internet infrastructure.

CRYPTREC / JAPAN

Japan's Cryptography Research and Evaluation Committees (CRYPTREC) published guidelines on post-quantum cryptography readiness for Japanese government systems and industry, and updated the e-Government Recommended Ciphers List in 2025 to include NIST PQC algorithms. CRYPTREC's evaluation process monitors international PQC standardisation and provides recommendations aligned with NIST FIPS 203, 204, 205, and 206.

ETSI / GLOBAL

ETSI's Industry Specification Group on Quantum Safe Cryptography (ISG QSC) produces technical specifications and migration guidance for deploying post-quantum cryptography in real protocols. Key publications include ETSI TS 103 744 defining quantum-safe hybrid key exchanges that combine classical and PQC algorithms for TLS and other protocols, and ETSI TR 103 619 covering migration strategies. ETSI's work is complementary to NIST standards and directly informs EU and international deployment guidance.

CSA / SINGAPORE

The Cyber Security Agency of Singapore (CSA) has published advisory guidance encouraging organisations to begin preparing for the post-quantum transition. CSA recommends following NIST PQC standards (FIPS 203, 204, 205), adopting cryptographic agility, and conducting cryptographic asset inventories. The advisory targets Singapore government agencies, financial institutions, and critical information infrastructure operators.

NCSC / UK

The UK National Cyber Security Centre (NCSC) provides guidance on migrating to post-quantum cryptography, urging UK organisations to begin planning immediately. The NCSC recommends following NIST-standardised PQC algorithms and adopting a hybrid approach during transition. Aligned with the UK Government Cyber Security Strategy 2022–2030, the guidance targets government departments, critical national infrastructure operators, and large enterprises.

BSI / GERMANY

The German Federal Office for Information Security (BSI) provides a comprehensive migration guide for transitioning to post-quantum cryptography. BSI endorses a hybrid approach combining classical and PQC algorithms during the transition period and recommends NIST-standardised algorithms. The BSI technical guidelines (BSI TR-02102) are updated to incorporate ML-KEM and ML-DSA as recommended algorithms for German federal systems and industry.

ANSSI / FRANCE

France's ANSSI published a position paper recommending a hybrid cryptographic approach during the PQC transition period, combining classical algorithms with post-quantum algorithms to ensure security even if newly-standardised PQC algorithms later prove vulnerable. ANSSI supports migration to NIST PQC standards but advocates retaining classical protection until PQC algorithms have accumulated sufficient real-world operational validation.

NIST / US_FEDERAL

NIST Internal Report 8547 provides guidance on transitioning from classical public-key cryptographic algorithms (RSA, ECDSA, ECDH, DH) to the post-quantum standards defined in FIPS 203, 204, 205, and 206. It identifies classical algorithms slated for deprecation and establishes a timeline for disallowing their use in federal systems. The final version was published in 2025 following the initial public draft of November 2024.

ETSI — Global

https://www.etsi.org/technologies/quantum-safe-cryptography