Latest Quantum Security, PQC, Post-Quantum, Crypto-Agility News
-
Apr- 2025 -30 AprilQuantum Security & PQC
Europe’s New Cryptographic Rulebook Just Made PQC Official
30 Apr 2025 - For years, the EU's position on post-quantum cryptography could be summarized as "we're watching closely." That changed in April 2025, when the European Cybersecurity Certification Group - the body that decides which cryptographic mechanisms are acceptable for products certified under Europe's EUCC scheme - published Version 2.0 of its Agreed Cryptographic Mechanisms document. It's the first…
Read More » -
13 AprilQuantum Security & PQC
SC081v3 and the 47‑Day Certificate Era: What the CA/B Forum Just Set in Motion
On April 11, 2025, the CA/Browser Forum published Ballot SC081v3, “Introduce Schedule of Reducing Validity and Data Reuse Periods,” alongside a draft of the TLS Baseline Requirements updated for IPR review. The ballot sets a phased schedule that shrinks maximum publicly trusted TLS server certificate validity from 398 days to 200 days (March 15, 2026), then 100 days (March 15, 2027), and ultimately 47 days…
Read More » -
10 AprilQuantum Security & PQC
OpenSSL 3.5 Ships with Post-Quantum Cryptography On by Default
OpenSSL 3.5.0 ships with ML-KEM, ML-DSA, and SLH-DSA built in, and defaults TLS key exchange to hybrid PQC. For the millions of servers and applications running OpenSSL, PQC just went from "find a plugin" to "update your library."
Read More » -
Mar- 2025 -25 MarchPolicy & Sovereignty
ETSI publishes TS 103 744 v1.2.1: Hybrid key establishment for the quantum transition
ETSI’s Technical Committee CYBER has released ETSI TS 103 744 V1.2.1, a technical specification for quantum‑safe hybrid key establishment—methods that combine classical elliptic‑curve Diffie‑Hellman (ECDH) with post‑quantum key encapsulation (ML‑KEM) to derive shared keys that remain secure even if one component is later broken. The new version codifies two combiner constructions, enumerates fixed parameter sets, and ships with test vectors…
Read More » -
24 MarchPolicy & Sovereignty
UK NCSC Releases “Timelines for migration to post-quantum cryptography”
London, UK (NCSC) - The UK’s National Cyber Security Centre (NCSC) this week unveiled new guidance on timelines for migrating to post-quantum cryptography (PQC), outlining a phased roadmap for organizations to shift their encryption methods to quantum-resistant standards by 2035. Announced just days ago, the guidance breaks down key milestones over the next decade to ensure a “smooth and controlled…
Read More » -
20 MarchResearch
New Study Shows Post‑Quantum Cryptography (PQC) Doesn’t Have to Sacrifice Performance
The new performance analysis of Kyber and Dilithium is a welcome addition to the PQC literature. It confirms that post‑quantum security and good performance are not mutually exclusive, especially when using optimized implementations. In fact, Kyber and Dilithium often outperform classical cryptography at comparable security levels. This challenges the narrative that PQC will drastically slow down our networks. At the…
Read More » -
11 MarchPolicy & Sovereignty
NIST Picks HQC as New Post-Quantum Encryption Candidate
The U.S. National Institute of Standards and Technology (NIST) has announced today the selection of Hamming Quasi-Cyclic (HQC) as a new post-quantum encryption candidate in its Round 4 of the Post-Quantum Cryptography (PQC) standardization program. HQC’s advancement is especially interesting because it is the only algorithm from NIST’s 4th round of evaluations to be chosen for standardization. This move will…
Read More » -
Feb- 2025 -4 February
-
Jan- 2025 -30 JanuaryQuantum Security & PQC
South Korea Selects Four Domestic PQC Algorithms, Running a Parallel Track to NIST
South Korea has selected four domestic PQC algorithms through its KpqC competition, none of which are NIST standards. The choice to run a parallel standardization process alongside NIST adoption raises interoperability questions that multinationals cannot ignore.
Read More » -
23 JanuaryQuantum Security & PQC
The EU’s Cyber Resilience Act Doesn’t Say “Post-Quantum” but Its Crypto-Agility Requirement Will Shape PQC Migration
The EU Cyber Resilience Act doesn't mention "post-quantum" by name. But its requirement that products support cryptographic updates throughout their lifecycle effectively mandates the architectural capability that PQC migration depends on: crypto-agility.
Read More » -
19 JanuaryPolicy & Sovereignty
Executive Order 14144: Biden’s Big Swing at Cybersecurity Modernization
On January 16 2025 President Joe Biden signed Executive Order 14144, “Strengthening and Promoting Innovation in the Nation’s Cybersecurity.” The 17‑page directive is the administration’s most comprehensive cyber policy since EO 14028 in 2021 and, for the first time, embeds post‑quantum cryptography (PQC) migration deadlines directly in federal law. At its core the order: Puts PQC on a clock. CISA must publish, within 180 days, a list…
Read More » -
12 JanuaryQuantum Security & PQC
Bank of Israel Tells Banks: Map Your Cryptographic Exposure and Submit Quantum Preparedness Plans Within a Year
The Bank of Israel's Banking Supervision Department has issued a directive requiring every banking corporation to map its cryptographic exposure, assess quantum risks, and submit a formal preparedness plan within one year. Among the earliest binding financial-sector directives globally.
Read More » -
9 JanuaryPolicy & Sovereignty
NIST Releases NIST SP 800-227 IPD
NIST has just released the initial public draft of CSWP 48, part of its Migration to Post-Quantum Cryptography project: "Mappings of Migration to PQC Project Capabilities to NIST Cybersecurity Framework 2.0 and to Security and Privacy Controls for Information Systems and Organizations."
Read More » -
7 JanuaryResearch
First Successful Factorization of RSA-2048 by Quantum Computer? Not Even Close!
Chinese researchers published “A First Successful Factorization of RSA-2048 Integer by D-Wave Quantum Computer.” To get straight to the point - the title is misleading. The authors did NOT factor a general RSA-2048 key (as used in real cryptography); instead, they factored a specially structured 2048-bit semiprime chosen to be extremely easy.
Read More » -
Dec- 2024 -29 DecemberQuantum Security & PQC
NSA Updates CNSA 2.0 Guidance After NIST Finalizes Post-Quantum Standards
The updated FAQ locks in ML-KEM-1024 and ML-DSA-87 as the only approved public-key algorithms, excludes SLH-DSA entirely, and lays out enforcement timelines that start biting in 2025.
Read More »
