U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Migration to Post-Quantum Cryptography

Quantum computers powerful enough to break some public-key cryptography will pose a serious threat to our information systems. NIST’s post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to develop standardized quantum-resistant algorithms known as post-quantum cryptography. Implementation of post-quantum cryptography will increase the security of our digital information. Migration to post-quantum cryptography requires action to understand the use of quantum-vulnerable public-key algorithms in hardware, software, and services and to develop roadmaps to prioritize use of the NIST post-quantum cryptographic algorithms to protect data and processes from future threats.

 

Read our project FAQ NIST’s Post-Quantum Cryptography (PQC) Project

Demonstrating practices to ease migration from quantum-vulnerable public-key cryptographic algorithms to NIST standardized post-quantum cryptographic algorithms that are resistant to quantum computer-based attacks.

The project has two workstreams. The Cryptographic Discovery workstream is focused on the use of cryptographic inventory tools to allow an organization to learn where and how cryptography is being used to protect the confidentiality and integrity of your organization’s important data and digital systems. The discovery workstream is also looking at how cryptographic inventories can support risk management and prioritization decisions about where to implement the technologies that leverage the NIST standardized post-quantum cryptographic (PQC) algorithms. Interoperability testing of NIST standardized post-quantum cryptographic algorithms is the second workstream. This workstream focuses on supporting the ability of technology vendors to implement in their products and for standards bodies to update standardized protocols to include PQC. The collaborators agreed on a common scope that enabled them to test their implementations of the PQC algorithms with standards that are commonly used. Interoperability testing within this context enables: identification of compatibility issues between PQC algorithms; resolution of compatibility issues in a controlled, non-production environment; and reduction of time spent by individual organizations performing similar interoperability testing for their own migration efforts.
Status: Reviewing Comments

The National Cybersecurity Center of Excellence (NCCoE) has published Cybersecurity White Paper (CSWP) 48 - Mappings of Migration to PQC Project Capabilities to Risk Framework Documents for comment.

The public comment period for this draft closed on October 20, 2025.

NIST CSWP 48, Mappings of Migration to PQC Project Capabilities to Risk Framework DocumentsWeb Version NIST CSWP 48, Mappings of Migration to PQC Project Capabilities to Risk Framework Documents

NIST published Cybersecurity White Paper (CSWP) 39, Considerations for Achieving Crypto Agility: Strategies and Practices to provide an in-depth survey of current approaches to achieving crypto agility.

NIST CSWP 39, Considerations for Achieving Crypto Agility Strategies and PracticesWeb Version NIST CSWP 39, Considerations for Achieving Crypto Agility Strategies and Practices
Read the 2-page Fact Sheet

Project Abstract

The scope of this project is to demonstrate our lab practices that can reduce how long will it take to deploy a set of tools that are quantum safe. The Migration to Post-Quantum Cryptography project seeks to demonstrate practices that reduce the value of y.  

For our project, quantum safe describes digital systems that have implemented the NIST PQC algorithms that are resistant to quantum computer-based attacks. Learn more about NIST's process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms at Post-Quantum Cryptography | NIST.

The audience for the project includes developers of products that use public-key cryptographic algorithms, as well as product integrators, customer organizations that acquire or configure these products, and bodies that standardize protocols that employ or are dependent on public-key cryptographic algorithms.

It is critical to begin planning for replacement of hardware, software, and services that use public-key algorithms now so that the information is protected from future attacks.

Read the Project Description

The NCCoE previously published the following preliminary drafts. 

Updates to sections and specific topics in these preliminary drafts will be published as draft cybersecurity white papers, tech notes, and informational reports with supporting details posted to the project site.

Migration to Post-Quantum Cryptography Static Site
NIST SP 1800-38A: Executive Summary (Preliminary Draft)
NIST SP 1800-38B: Approach, Architecture, and Security Characteristics of Public Key Application Discovery Tools (Preliminary Draft)
NIST SP 1800-38C: Quantum-Resistant Cryptography Technology Interoperability and Performance Report (Preliminary Draft)

Consortium Participants

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Post-Quantum Cryptography: the Good, the Bad, and the Powerful

This video featuring NIST’s Matthew Scholl emphasizes how NIST is working with the brightest minds in government, academia, and industry from around the world to develop a new set of encryption standards that will work with our current classical computers—while being resistant to the quantum machines of the future.

Supplemental Resources

White Paper: Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms. Describing the impact of quantum computing technology on classical cryptography, introducing the adoption challenges associated with post-quantum cryptography, and planning requirements for migration to post-quantum cryptography are discussed.

Virtual Workshop on Considerations in Migrating to Post-Quantum Cryptographic Algorithms. Recording and materials now available. 

Metal arrow pointing upward

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself