Post-Quantum Cryptography: What Organizations Must Do Now

NIST published its first post-quantum cryptography standards in August 2024. Quantum computers capable of breaking RSA will not arrive tomorrow, but 'harvest now, decrypt later' attacks are active today. Here is what you need to do.


NIST published its first post-quantum cryptography standards in August 2024: FIPS 203, 204, and 205. This is not a theoretical announcement. It is the signal that migration must begin now, before the threat becomes concrete.

Why Now, When Quantum Computers Aren't Here Yet?

The post-quantum threat has a unique characteristic: it is retroactive. State actors are today collecting data encrypted with current algorithms (RSA, ECC) with the goal of decrypting it in 5 to 10 years, when quantum computers have sufficient power. This is the "harvest now, decrypt later" (HNDL) attack.

Data that keeps its value for more than 10 years (trade secrets, health data, classified information, diplomatic communications) is already compromised if it has been intercepted. Cryptographic migration does not protect the past. It protects the future.

The NIST Standards Published in August 2024

  • FIPS 203 (ML-KEM) — Key encapsulation mechanism based on the Module-Lattice problem. Will replace ECDH and RSA for key exchange.
  • FIPS 204 (ML-DSA) — Lattice-based digital signature. Will replace ECDSA and RSA for signatures.
  • FIPS 205 (SLH-DSA) — Hash-based signature. Conservative alternative without dependence on lattice problems.

What Your Organization Must Do in 2026

1. Inventory your cryptographic usage

You cannot migrate what you haven't mapped. Where do you use RSA, ECC, ECDH? In which systems, APIs, certificates, communications? A cryptographic inventory is the prerequisite for any migration.

2. Prioritize by data lifespan

Not all data has the same temporal sensitivity. Prioritize migration for data whose confidentiality must be maintained beyond 2030. Ephemeral payment transactions are less urgent than long-term contracts or R&D data.

3. Adopt crypto-agility now

Design your systems to change cryptographic algorithms without architectural overhaul. This is the most durable investment: it protects you against future standard evolutions, not just post-quantum ones.

4. Test hybrid implementations

While awaiting full migration, hybrid schemes combine classical and post-quantum algorithms. If the post-quantum algorithm is compromised, the classical algorithm maintains security — and vice versa if a quantum computer emerges.
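Steps 1 and 2 above, as an added example that is not part of the original article: a small inventory model that flags quantum-vulnerable public-key usage, marks the entries exposed to harvest-now-decrypt-later, and orders the migration by data lifespan. The system names, dates, field names and ranking rule are hypothetical assumptions; the replacement algorithms follow the FIPS list above.

```python
from dataclasses import dataclass

HORIZON = 2030  # the article's cut-off: confidentiality needed beyond this year
# Replacements follow the FIPS list in this article.
REPLACEMENT = {
    "key_exchange": "ML-KEM (FIPS 203)",
    "signature": "ML-DSA (FIPS 204) or SLH-DSA (FIPS 205)",
}
# Name prefixes treated as quantum-vulnerable. RSA/ECDH/ECDSA come from the
# article; X25519, ED25519 and DH are added here as further Shor-breakable cases.
VULNERABLE = ("RSA", "ECDH", "ECDSA", "X25519", "ED25519", "DH")

@dataclass
class Usage:
    system: str
    algorithm: str      # as found in a config or certificate, e.g. "RSA-2048"
    purpose: str        # "key_exchange", "signature" or "symmetric"
    protect_until: int  # year the data (or signature) must still be trusted

def is_vulnerable(u: Usage) -> bool:
    return u.purpose in REPLACEMENT and u.algorithm.upper().startswith(VULNERABLE)

def hndl_exposed(u: Usage) -> bool:
    # Only recorded key exchanges can be decrypted later; a signature cannot
    # be "harvested", it has to be replaced before a CRQC exists.
    return is_vulnerable(u) and u.purpose == "key_exchange" and u.protect_until > HORIZON

def migration_plan(inventory):
    """Vulnerable usages, HNDL-exposed first, then longest lifespan first."""
    todo = [u for u in inventory if is_vulnerable(u)]
    todo.sort(key=lambda u: (not hndl_exposed(u), -u.protect_until))
    return [(u.system, u.algorithm, REPLACEMENT[u.purpose], hndl_exposed(u)) for u in todo]

# Constructed sample inventory (hypothetical systems and dates).
INVENTORY = [
    Usage("payments-api", "ECDHE-P256", "key_exchange", 2027),
    Usage("firmware-signing", "RSA-3072", "signature", 2038),
    Usage("vpn-gateway", "ECDH-P256", "key_exchange", 2040),
    Usage("backup-store", "AES-256-GCM", "symmetric", 2045),
    Usage("rd-archive", "RSA-2048", "key_exchange", 2045),
]

if __name__ == "__main__":
    for system, alg, new, exposed in migration_plan(INVENTORY):
        flag = "HNDL-exposed" if exposed else "vulnerable"
        print(f"{system:18} {alg:12} -> {new:40} [{flag}]")
```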

The Threat Horizon

Estimates vary, but US intelligence agencies consider that a cryptographically relevant quantum computer (CRQC) could exist between 2030 and 2035. The NSA recommends complete migration to post-quantum algorithms by 2030 for critical government systems.

The Valtieri team helps organizations assess their post-quantum exposure and define a cryptographic migration roadmap. Contact us.
