Government of Canada Launches Post-Quantum Cryptography (PQC) Migration Roadmap

On June 23, 2025 The Canadian Centre for Cyber Security (Cyber Centre) has issued a new roadmap for migrating the Government of Canada’s IT systems to post-quantum cryptography (PQC). This guidance, “Roadmap for the migration to post-quantum cryptography for the Government of Canada (ITSM.40.001)” lays out deadlines and expectations for all federal departments and agencies to transition their cryptographic systems to quantum-safe standards.

It applies across non-classified federal IT systems, covering all Government of Canada networks handling UNCLASSIFIED, PROTECTED A, and PROTECTED B information (systems managing classified or PROTECTED C data are addressed separately). The goal is straightforward: “all instances of public-key cryptography must be migrated” to protect Canadian systems and citizens’ data from the looming quantum threat.

Key mandates in Canada’s PQC roadmap include:

• By April 2026 – Departmental Migration Plans: Every federal department and agency must develop an initial PQC migration plan by April 2026. This plan should inventory where vulnerable cryptography is used and outline how the department will transition those systems to approved post-quantum algorithms. Senior leadership involvement is expected; the roadmap recommends assigning a Designated Official for Cyber Security (DOCS) or similar executive as the PQC Migration Lead to ensure accountability and oversight.
• Starting 2026 – Annual Progress Reporting: Beginning in April 2026 and every year thereafter, departments must report on their PQC migration progress. These progress reports feed into a government-wide oversight process. The Treasury Board Secretariat (TBS) is preparing policy instruments to formally require these plans and reports, integrating PQC migration into the federal cyber security strategy. In other words, what starts as Cyber Centre “guidance” will be backed by TBS mandates to ensure departments follow through. Compliance will be tracked via existing oversight mechanisms for IT security.
• By End of 2031 – High-Priority Systems Quantum-Safe: The roadmap sets an interim deadline of end of 2031 to complete migration of all high-priority systems to quantum-resistant encryption. In practice, this means critical or sensitive government systems most at risk from quantum attacks should be using PQC by 2031. Each department is directed to identify which of its systems should be treated as high priority. Notably, any system that handles sensitive data over public networks (and thus could be vulnerable to “harvest now, decrypt later” eavesdropping) should be prioritized. Other factors for prioritization include the sensitivity/lifespan of the information, the system’s cryptographic agility, and the impact of a compromise.
• By End of 2035 – All Remaining Systems Quantum-Safe: The ultimate target is completion of the PQC migration across all remaining federal systems by the end of 2035. Meeting this means that by 2035, every non-classified Government of Canada IT system should have quantum-safe encryption, with legacy vulnerable algorithms (like today’s RSA/ECC) fully removed, isolated, or mitigated. The roadmap emphasizes that “completion” is defined strictly – it’s not enough to merely enable new PQC algorithms in parallel, agencies must disable or eliminate the old quantum-vulnerable cryptography in these systems by the deadline. In short, by 2035 the Government’s aim is to close the quantum security gap entirely for its unclassified networks.

To achieve these milestones, the Cyber Centre’s roadmap breaks the effort into three phases: Preparation, Identification, and Transition.

1. In the Preparation phase, departments establish governance (e.g. a migration committee with cross-department stakeholders and an executive lead) and tackle prerequisites like funding, training, and updating procurement policies. Early actions include educating staff about the quantum threat and inserting requirements into new contracts so that any technology procured now is PQC-ready and crypto-agile (able to swap cryptographic algorithms easily).
2. Next, the Identification phase focuses on discovery: teams must inventory every application, device, and system that uses cryptography across the department. This is a comprehensive task – covering everything from servers and databases to network appliances, laptops, mobile devices, ID cards, and more. For each system, detailed information is collected (e.g. what cryptographic algorithms/protocols are in use, which vendors or libraries are involved, dependencies, expiration of any contracts or certificates, etc.). This inventory process also flags which systems should be prioritized for quantum-safe upgrades – as noted, systems facing potential “harvest-now/decrypt-later” interception risk are explicitly recommended to be marked high-priority.
3. Finally, in the Transition phase, departments use that inventory to methodically upgrade or replace systems with PQC solutions, or apply mitigation strategies like quantum-safe tunneling or network isolation where upgrades aren’t feasible. The roadmap acknowledges that many legacy systems won’t be simply patched overnight; some may require significant refactoring or even full replacement if they cannot support new algorithms. Departments are advised to plan multi-stage transitions – for example, initially enabling PQC algorithms alongside legacy ones for compatibility, then eventually phasing out the legacy crypto entirely once everything is verified working in quantum-safe mode.

Taken together, Canada’s PQC roadmap represents a proactive, government-wide mobilization to confront the quantum computing threat. “Every organization managing IT systems must migrate cyber security components to become quantum-safe,” the document declares. By instituting concrete deadlines and accountability (annual reports to Treasury Board), the plan seeks to move post-quantum cryptography out of the lab and into the fabric of federal IT operations before quantum computers render current encryption obsolete. Government cybersecurity leaders now have a timeline in hand – and the clock for Canada’s quantum-safe transition is officially ticking.

Analysis

Canada’s roadmap is a significant step, but how does it stack up against similar post-quantum initiatives elsewhere, particularly Europe’s PQC transition strategy announced practically on the same day? The European Commission and EU Member States published their own coordinated PQC roadmap in June 2025, setting aggressive targets – notably a 2030 deadline for securing high-risk systems – as part of a broader push for quantum resilience across Europe. As a EU citizen who lived in Canada for long time and considers it my second country, this is an interesting comparison. So let’s compare the two roadmaps issued on the same day:

Timeline Urgency: 2031 vs. 2030 for Critical Systems

On paper, Canada’s timeline lags just slightly behind Europe’s for critical systems. The EU roadmap calls for all “high-risk” use cases – especially critical infrastructure – to be post-quantum secure by the end of 2030 (as soon as possible, and no later than 2030 according to the official mandate). In contrast, Canada’s plan gives until end of 2031 to finish migrating its own high-priority systems. That effectively puts Canada about a year behind the EU’s target for the most sensitive systems. In the grand scheme, a one-year difference might not sound like much, but in the context of quantum threats it could prove significant. In fact, my detailed analysis on this site argues that 2030 is the likely “Q-Day” (the year RSA-2048 gets cracked by a quantum machine) based on recent breakthroughs in algorithms and hardware. From that perspective, Europe’s insistence on 2030 as the drop-dead date for critical systems reflects an understanding that waiting any longer is courting disaster. This is why the EU pulled its deadline forward for high-priority cases, effectively giving a five-year window (2025–2030) to secure vital infrastructure.

Canada’s 2031 deadline for high-priority government systems, by comparison, appears more conservative. To Canada’s credit, the government clearly recognizes the “harvest now, decrypt later” risk and is pushing its departments to prioritize systems that protect sensitive data in transit as early as possible. In practical terms, nothing stops Canadian agencies from completing critical upgrades by 2030 or sooner – and indeed the Cyber Centre “high priority” guidance implies they should strive to beat the 2031 deadline for any system at serious risk. But the formal target remains 2031, not 2030.

Both countries converge on 2035 for completing full migrations, aligning with the U.S. federal government’s own 2035 target for quantum-proofing all systems.

Scope and Ambition: Whole-of-Nation vs. Government-Only

Another notable difference is scope and ambition. The EU’s PQC roadmap is broad and sweeping in its reach – it’s a coordinated plan for an entire continent, urging all Member States to enact national strategies that cover critical infrastructure, industry, finance, government, and other high-impact sectors. The European initiative explicitly mentions utilities, telecom, banking, transportation, defense, and other vital sectors as needing priority post-quantum upgrades by 2030. In effect, Europe is taking a whole-of-society approach: it’s not just about securing EU institutions, but also about pushing private-sector infrastructure (often regulated at national level) to become quantum-safe on a similar timetable. This ambition is backed at the political level – the roadmap was developed by the EU NIS Cooperation Group with support from the European Commission, and it comes with high-level political backing to get Member States moving in sync. While it isn’t a law or regulation by itself, the expectation is clear: every country in the bloc needs to treat this with urgency and likely translate these targets into national policies or directives. There’s an element of “soft enforcement” through EU oversight and peer pressure; Member States will be measured on their progress, and critical sectors are in the spotlight.

Canada’s roadmap, on the other hand, is narrower in scope – focused inward on federal government IT systems. It applies only to Government of Canada departments and agencies (and only to their unclassified systems at that). This is essentially a “whole-of-government” plan, not (yet) a whole-of-society plan. The ambition is to get Ottawa’s house in order by 2035, which is no small feat and will significantly boost Canada’s baseline cyber resilience. However, outside of federal networks, the roadmap does not directly mandate anything for provincial governments, critical infrastructure operators, banks, utilities or other private-sector entities. Those sectors in Canada will certainly feel the same quantum pressure, but any migration efforts there would fall under separate initiatives or regulatory bodies. To date, we haven’t seen a public Canadian equivalent of the EU’s broad call-to-arms for industry. The Canadian government’s National Quantum Strategy touches on PQC research and awareness, but no binding timeline for critical infrastructure (e.g. power grids, telecom providers, financial institutions) has been announced akin to the EU’s 2030 target. I believe this is a gap in Canada’s overall posture: while Europe is explicitly dragging even its private sector toward quantum safety, Canada is concentrating on federal systems first and implicitly hoping industry follows suit. In fairness, securing government communications and data is a logical first focus – and Canada’s federal CIO can directly enforce that. Pushing mandates onto private industry would require new regulations or legislation, which is more complex and time-consuming. Still, the contrast in ambition is stark: Europe’s horizon includes all critical systems nationwide, whereas Canada’s current roadmap covers a crucial but limited slice of the national digital ecosystem.

One might argue that Canada’s approach is simply a first step, likely to be complemented by industry guidance later. Indeed, the Cyber Centre and other agencies may issue best practices for critical infrastructure companies, and some Canadian industries (like banking) often align with government cryptographic standards voluntarily. But as of now, if a Canadian power utility or bank wants to procrastinate on PQC, there is no “2030 or else” imperative pushing them the way the EU is pushing its high-risk sectors. That difference in enforcement mechanisms is significant. Europe’s plan isn’t a law, but it carries weight – we can expect EU regulators and national governments to translate it into concrete obligations (for example, through updates to the NIS2 Directive, critical infrastructure protection rules, or sector-specific regulations).

Guidance and Execution: Detailed Roadmap vs. High-Level Strategy

When it comes to practical guidance, Canada’s roadmap distinguishes itself with a high level of detail and prescriptive advice for execution. The document reads like a project plan blueprint – it defines phases, roles (down to recommending a specific executive lead and technical lead in each department, and concrete deliverables. It even provides lists of what to include in cryptographic inventories (covering everything from algorithms and software versions to hardware tokens and network zones). Canada’s Cyber Centre has essentially handed every department a starting template for how to do a PQC migration. This kind of granular guidance is invaluable given the complexity of the task. As my “Ready for Quantum” guide discusses, transitioning an enterprise to quantum-safe crypto is anything but a simple swap-out – it’s a multifaceted, years-long endeavor touching countless components and requiring careful coordination. The roadmap acknowledges this reality, stressing education, budgeting, and stakeholder buy-in in the Preparation phase, and recommending the use of discovery tools, sensors, and even third-party services to tackle the daunting inventory of legacy cryptography. It also smartly advises departments to integrate PQC updates into normal IT lifecycle management (upgrades and renewals) wherever possible to contain costs. By embedding post-quantum requirements into procurement now, the government can avoid paying twice for technology – a point explicitly made in the roadmap’s procurement guidelines (e.g. include contract clauses obligating vendors to support approved PQC algorithms and crypto agility in future upgrades). All these specifics give Canadian IT teams a clearer playbook on how to move forward.

The European Commission’s coordinated roadmap, being a higher-level strategy document aimed at member states, is less granular by design. It sets the what and why (the targets and the urgency) more than the how. The EU roadmap does highlight certain key actions – for example, it emphasizes the need for governments and organizations to create detailed cryptographic inventories and foster “crypto agility” in their systems, mirroring the same best practices Canada is pursuing. It also calls for awareness campaigns and risk assessments to be launched by 2026 across Europe. But it doesn’t descend into the weeds of, say, how to conduct a system-by-system crypto discovery or how to restructure procurement contracts – those implementation details are left to each Member State (and indeed many EU countries will look to their own national cyber agencies or industry standards for that level of guidance). In that sense, Canada’s roadmap is more of an “action plan”, whereas the EU’s is a strategic “framework and timeline.”

Neither approach is inherently better or worse – they operate at different layers. However, from a practical standpoint, Canada’s detailed guidance could prove extremely helpful in actually getting the job done on schedule. European countries will need to develop similar detailed roadmaps internally if they haven’t already. The advantage for Canada is that much of that homework was done by the Cyber Centre upfront, giving departments a head start.

Conclusion

In summary, Canada’s newly unveiled PQC roadmap is a robust, positive move that brings the country’s federal cyber defenses in line with global best practices. It demonstrates serious progress: a coordinated strategy with real deadlines, executive oversight, and comprehensive guidance for implementation. Canada is no longer in a wait-and-see posture – it’s joining the likes of the U.S. and EU in declaring that the quantum threat must be addressed now, not later. However, when placed beside Europe’s plan, Canada’s roadmap can be seen as less aggressive in timing and narrower in scope. It gives itself slightly more breathing room (2031 vs 2030 for critical systems), and it concentrates on government networks rather than rallying the entire national infrastructure.

The hope is that this 2025 roadmap galvanizes not only federal departments, but also sparks a broader national effort so that all Canadian systems – public and private – meet the quantum challenge head on, ideally on a timeline that matches the fastest movers on the world stage.