Global PQC deadlines are set — but the algorithms aren't converging. CNSA 2.0 compliance starts in 2027. Most nations target 2035 for full migration. China has announced independent standards on different mathematics, targeting 2029. Organizations with cross-jurisdictional exposure face migration tracks with varied algorithm requirements. The timeline below helps show you who expects what and when. [PQ]probe tells you if you're getting closer or further away.
| Deadline | Requirement |
|---|---|
| Aug 2024 | NIST releases final PQC standards (ML-KEM, ML-DSA, SLH-DSA) |
| Dec 2025 | NSS must meet CNSA 1.0 or obtain waiver |
| Jan 2027 | All new NSS acquisitions must be CNSA 2.0 compliant |
| Jan 2030 | All NSS software/firmware using PQC signatures; TLS 1.3 required |
| 2033 | Final mandatory compliance for most system types |
| 2035 | Pure PQC (no hybrid) required for National Security Systems |
| Deadline | Requirement |
|---|---|
| Dec 2025 | Complete cryptographic inventory of all vulnerable systems |
| 2026-2027 | Run hybrid pilot deployments (e.g., X25519 + ML-KEM) |
| Dec 2030 | Critical infrastructure fully PQC compliant |
| 2035 | All remaining systems migrated |
| Phase | Timeline | Activity |
|---|---|---|
| Awareness | 2025-2027 | Quantum threat awareness, critical system mapping |
| Inventory | 2025-2028 | Full systems inventory with third-party dependencies |
| Migration Start | 2026-2029 | Begin migration for all systems |
| Critical Systems | 2030-2032 | Complete critical system migration |
| Full Compliance | 2034 | All financial sector PQC compliant |
| Country | Agency | Key Deadline | Requirement |
|---|---|---|---|
| π¬π§ UK | NCSC | 2028-2031 | Prioritize & pilot critical systems |
| π¬π§ UK | NCSC | 2035 | Full migration complete |
| π©πͺ Germany | BSI | 2030 | Classical encryption deprecated for high-sensitivity (standalone) |
| π©πͺ Germany | BSI | 2031 | Classical encryption deprecated for general use (standalone) |
| π©πͺ Germany | BSI | 2035 | Classical signatures deprecated (standalone) |
| π¦πΊ Australia | ASD | 2030 | Eliminate classical public-key crypto |
| π¨π¦ Canada | CCCS | 2035 | Complete PQC transition for non-classified IT |
| π―π΅ Japan | CRYPTREC | 2035 | Full PQC transition (aligning with US/EU) |
| π°π· South Korea | KISA/NIS | 2035 | Complete PQC transition (includes KpqC domestic algorithms) |
| π¨π³ China | TC260 | 2029 | National PQC standards expected (structureless lattice algorithms; finance & energy priority sectors) |
| π¨π³ China | TC260 | TBD | Full migration timeline not yet announced |
| Regulation | Effective | PQC-Relevant Requirement |
|---|---|---|
| PCI DSS 4.0 | Apr 2025 | Annual crypto inventory + cipher review (Req 12.3.3) |
| πͺπΊ NIS2 Directive | Oct 2024 | Mandatory encryption for 15+ critical sectors |
| πͺπΊ DORA | Jan 2025 | "Robust cryptographic controls" for financial entities |
| πΊπΈ OMB M-23-02 | 2023 | Federal agencies must inventory crypto systems |
| Agency | Digital Signatures | Key Encapsulation |
|---|---|---|
| πΊπΈ NIST | ML-DSA, SLH-DSA | ML-KEM (HQC coming) |
| πΊπΈ NSA | ML-DSA, SLH-DSA, LMS | ML-KEM |
| π©πͺ BSI | SLH-DSA, ML-DSA L3/L5, LMS/XMSS | ML-KEM |
| π«π· ANSSI | ML-DSA, FN-DSA L3/L5, SLH-DSA | ML-KEM |
| π¬π§ NCSC | ML-DSA-65, SLH-DSA, LMS/XMSS | ML-KEM |
| π―π΅ CRYPTREC | ML-DSA, SLH-DSA | ML-KEM |
| π°π· KISA | ML-DSA, SLH-DSA + KpqC (domestic) | ML-KEM + KpqC (domestic) |
| π¨π³ China TC260 | TBD (structureless lattice candidates) | TBD (S-Cloud+ candidate) |