Global PQC Efforts

The US leads global PQC standardization through NIST, which released the first three finalized PQC standards in August 2024: ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205). The NSA's CNSA 2.0 suite mandates that all new National Security Systems acquisitions must be quantum-safe by 2027, with full migration by 2033-2035. NIST IR 8547 will deprecate all quantum-vulnerable algorithms by 2035.

• NIST Post-Quantum Cryptography ProjectThe main PQC standardization hub
• NIST IR 8547 - Transition to Post-Quantum Cryptography StandardsDeprecation roadmap for quantum-vulnerable algorithms
• NSA Post-Quantum Cybersecurity ResourcesCNSA 2.0 guidance and algorithm specifications
• NIST NCCoE Migration to PQC ProjectPractical migration guidance for organizations

The EU published a Coordinated Implementation Roadmap for PQC transition in June 2025, recommending all Member States begin national strategies by end of 2026 and complete critical infrastructure transition by 2030. Eighteen EU Member States issued a joint statement urging organizations to make PQC transition a "top priority." ETSI has launched new standards for quantum-safe hybrid key exchanges.

• EU Coordinated Implementation Roadmap for PQCOfficial EU-wide migration roadmap
• EU PQC Cybersecurity AnnouncementPolicy announcement on PQC transition
• ETSI Quantum-Safe Hybrid Key Exchange StandardNew standards for hybrid PQC key exchange mechanisms

The Netherlands is a European leader in PQC readiness. The AIVD, together with TNO and CWI, published the PQC Migration Handbook (2nd edition, December 2024) with a three-step approach: Quantum-Vulnerability Diagnosis, Planning, and Execution. TNO developed the free PQChoiceAssistant tool to help organizations select PQC methods. The Netherlands co-organized the European Conference on PQC Migration in The Hague.

• AIVD PQC Migration Handbook (2024 edition)Comprehensive 3-step migration guide by AIVD, TNO & CWI
• PQC Migration Handbook (PDF)Direct download of the full handbook
• Digitale Overheid - PQC HulpmiddelenPQChoiceAssistant and other Dutch government PQC tools
• NCSC-NL: Make Your Organization Quantum Secure (PDF)Practical guide for Dutch organizations

Germany's BSI is one of the most active European agencies on PQC. BSI recommends FrodoKEM, Classic McEliece, and ML-KEM for key encapsulation, and SLH-DSA, ML-DSA, LMS/XMSS for signatures. BSI mandates a hybrid approach (combining classical + post-quantum) and requires crypto-agility in all new products. BSI co-led the joint European statement calling for PQC transition of the most sensitive applications by 2030.

• BSI: Quantum Technologies and Post-Quantum CryptographyOfficial BSI PQC portal with recommendations and guidelines
• Joint Statement from 21 European States (PDF)Co-led by BSI: urgent call for PQC migration

ANSSI published position papers defining a three-phase approach. Phase 1 (current) uses hybridization for defense-in-depth. Phase 2 (from 2025) provides full post-quantum security assurance through hybrid schemes. Phase 3 (from 2030) allows optional standalone PQC. ANSSI strongly emphasizes that post-quantum algorithms are not yet mature enough to be used alone, making hybrid deployments mandatory.

• ANSSI Views on the Post-Quantum Cryptography TransitionOfficial ANSSI position paper on PQC migration
• Follow-up Position Paper on PQC (PDF)Updated guidance on the three-phase approach

The UK NCSC published a comprehensive PQC migration roadmap in March 2025 with three phases. Phase 1 (by 2028) covers discovery and migration planning. Phase 2 (2028-2031) executes high-priority migrations. Phase 3 (2031-2035) completes migration across all systems. NCSC endorses NIST-standardized algorithms and emphasizes crypto-agility and hybrid approaches.

• NCSC PQC Migration TimelinesOfficial three-phase migration timeline
• NCSC PQC Migration Roadmap AnnouncementPress release with roadmap details

China has launched its own independent PQC standardization process, diverging from NIST-led efforts. The ICCS solicited proposals for PQC algorithms in 2025. China plans to complete PQC standard development in 2025-2026, achieve scale migration in key industries by 2027-2028, and reach 80%+ migration by 2029-2034. This represents a parallel, sovereign approach to quantum-safe cryptography.

• The Quantum Insider: China Launches PQC StandardsAnalysis of China's independent PQC standardization path
• CSIS: Understanding China's Quest for Quantum AdvancementStrategic analysis of China's quantum computing and PQC programs

Japan's NCO has set 2035 as the deadline for full government PQC transition. CRYPTREC published the "Cryptographic Technology Guidelines (Post-Quantum Cryptography) 2024 Edition" in March 2025. Japan pursues a dual-track strategy combining PQC adoption (aligned with NIST standards) and Quantum Key Distribution (QKD) technology.

• CRYPTREC Cryptographic Technology GuidelinesOfficial Japanese PQC evaluation and implementation guidance
• Japan's NCO Sets 2035 TimelineAnalysis of Japan's PQC migration timeline

South Korea completed its KpqC competition in January 2025, selecting national algorithms: HAETAE and AIMer (digital signatures) and SMAUG-T and NTRU+ (key encapsulation). Pilot migrations in finance and telecom are planned for 2025-2028 with full nationwide adoption targeted by 2035.

• KpqC Competition PortalOfficial Korean Post-Quantum Cryptography competition
• KpqC Competition Winners AnalysisOverview of selected algorithms HAETAE, AIMer, SMAUG-T, NTRU+

Australia has one of the most aggressive PQC timelines globally. ASD published "Planning for Post-Quantum Cryptography" guidance recommending organizations cease using traditional asymmetric cryptography by 2030. Detailed transition plans must be ready by end of 2026 with implementation starting for critical systems by 2028.

• ASD: Planning for Post-Quantum CryptographyOfficial guidance with one of the most aggressive global timelines

Canada published its PQC migration roadmap (ITSM.40.001) in June 2025. Federal departments must submit initial migration plans by April 2026 and report annually. Each department must appoint a PQC migration executive lead. High-priority systems must complete migration by 2031, with all remaining systems by 2035.

• CCCS: Roadmap for Migration to PQC (ITSM.40.001)Official federal government PQC migration roadmap
• National Quantum Strategy: PQC RoadmapCanada's broader quantum technology strategy

Singapore's CSA released a Quantum-Safe Migration Handbook and Quantum Readiness Index (QRI) providing operational guides for discovery, risk-based prioritization, phased migration, and monitoring. Singapore has committed over S$400 million through 2030 for quantum technology, with S$100 million from the Monetary Authority for financial-sector quantum capabilities.

• CSA: Quantum-Safe Handbook and Quantum Readiness IndexPractical assessment and migration tools

India's National Quantum Mission (NQM), approved with ~$700M USD through 2031, includes a PQC task force that published a national quantum-safe roadmap. Critical infrastructure sectors (defense, telecom, energy) must adopt PQC by 2027, with full nationwide adoption by 2033. Dedicated PQC testing laboratories are planned by December 2026.

• DST Task Force Report on PQC Migration (PDF)National quantum-safe roadmap by India's Department of Science & Technology

Taiwan launched a five-year PQC promotion plan in 2024, aligning with NIST FIPS 203/204/205. The Quantum Safe Migration Center (QSMC) has formed alliances with international testing organizations for security testing. Taiwan is leveraging its semiconductor and cybersecurity industries to develop PQC-enabled chips and hybrid encryption architectures.

• Quantum Safe Migration Center (QSMC)Taiwan's PQC migration coordination center

NATO published its Quantum Technologies Strategy calling for transitioning alliance cryptographic systems to quantum-safe cryptography. The strategy emphasizes PQC as the primary approach, with QKD as a complementary future technology. NATO requires coherent investment across Allies and supply chain monitoring to mitigate adversarial interference during migration.

• NATO Quantum Technologies StrategyOfficial NATO quantum strategy document
• NATO STO: DISCRETION - Quantum Secure CommunicationsResearch program for quantum-secure defence communications

Russia is developing independent PQC standards through Rosstandart's Working Group 2.5. The National Technology Center for Digital Cryptography (est. 2022) is running a formal Russian PQC competition. Notable candidates include Shipovnik (post-quantum signature scheme) and Codiaeum (code-based key encapsulation mechanism). GOST PQC standards are expected within the next few years.

• Sovereignty in the PQC EraAnalysis of Russia's sovereign approach to PQC standardization