Q-Day countdown: NIST finalizes three post-quantum crypto standards; organizations must test by 2030
<cite index="3-2,10-4">NIST released its first finalized post-quantum cryptography standards in August 2024—FIPS 203 (ML-KEM for key encapsulation), FIPS 204 (ML-DSA for digital signatures), and FIPS 205 (SLH-DSA for hash-based signatures)—and organizations should begin implementing them now</cite>. <cite index="1-1,1-2">The U.S. government advises eliminating all classical public-key cryptography by 2030, while Europe targets full post-quantum adoption by 2035</cite>. <cite index="2-1">Most experts expect Q-Day—when quantum computers become powerful enough to break RSA and elliptic-curve encryption—to occur in the 2030s or later</cite>, but <cite index="4-1">a 2016 NIST report cites experts who acknowledge the possibility of quantum technology rendering RSA insecure by 2030</cite>.
<cite index="1-3">The threat includes 'harvest now, decrypt later' attacks where adversaries capture encrypted data today to decrypt it later once quantum computers arrive</cite>. <cite index="1-2,7-2">The IETF is incorporating PQC algorithms into core internet protocols like TLS, and major technology vendors, cloud providers, and security platforms are treating the government deadlines as hard mandates</cite>. <cite index="2-4">Federal U.S. agencies have been directed to inventory cryptographic systems, assess quantum risk, and prepare migration plans</cite>.
For infrastructure and security architects, the testing frontier is urgent: <cite index="5-1">testing frameworks must validate interoperability and performance of the new standards before widespread deployment</cite>, and <cite index="2-4">organizations that begin now will have time to inventory, assess, test, and migrate safely, while those that wait may face compressed timelines and higher exposure</cite>. Given the decade-long cryptographic transition timelines, preparation must start immediately to meet 2030–2035 enforcement deadlines.