How NIST and NSA’s Guidance Is Shaping the Future of Post-Quantum Cryptography

This article delves into the evolving landscape of Post-Quantum Cryptography (PQC) standardization, focusing on the significant roles that the U.S. National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have played in driving its adoption. The article also outlines the implications for vendors and organizations in transitioning to PQC, as well as the competitive advantages for early adopters. With federal governments’ push toward securing future communications and data, businesses must act swiftly to adopt PQC standards to ensure long-term security.

Market Overview

The standardization of Post-Quantum Cryptography (PQC) has become a critical area of focus, driven by the potential threats posed by quantum computing, particularly in terms of future data security. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) are leading the way in guiding the transition to PQC by developing standards that will define the future of secure communication and data protection. NIST's role is pivotal, as it works to ensure the continuity of modern security technologies and the eventual phasing out of traditional cryptographic algorithms such as RSA and ECC, which are vulnerable to quantum computing attacks.

NIST’s draft guidance (NIST IR 8547), published in late 2024, will officially deprecate RSA-2048 and ECC-256 by 2030, with a complete transition to PQC by 2035. This timeline directly impacts industries worldwide and will force the widespread adoption of PQC standards. Organizations must now prepare to embrace PQC technologies to future-proof their systems and ensure compliance with upcoming government mandates. For companies already working on Federal Information Processing Standards (FIPS) certification or those who deal with U.S. federal agencies, transitioning to PQC will be not just necessary but imperative.

“NIST is at the forefront of the standardization process for primitives and the resulting algorithms. Most countries will recognize the majority of those published by NIST and further industry standardization efforts will focus on standardizing protocol behavior, rather than defining new cryptographic algorithms.” – Michela Menting, Senior Research Director at ABI Research

The NSA’s CNSA Guidelines and Their Role in Driving PQC Adoption

One of the most influential documents pushing for PQC adoption is the NSA’s Commercial National Security Algorithm (CNSA) Suite 2.0. This guidance outlines a timeline for transitioning to PQC algorithms, with mandatory use between 2030 and 2033. It provides a clear signal to industries and governments worldwide: businesses must prepare for a post-quantum world where traditional encryption methods will no longer be secure.

Despite the fact that the risk of a large-scale quantum computing breakthrough remains theoretical, these guidelines create urgency for the private sector to start the transition to PQC. For organizations involved in national security, the switch is even more critical, as the guidelines stipulate the use of PQC algorithms for sensitive and classified communications. As the NSA’s recommendations will directly affect both the public and private sectors, the momentum behind PQC adoption will only increase, pushing many companies to accelerate their transition timelines.

The Global Impact of NIST's Standards: A Catalyst for Widespread PQC Adoption

ABI Research recognizes that NIST’s influence will extend far beyond the U.S. borders. Many countries follow NIST's lead, meaning that global companies adhering to NIST’s standards will gain a significant competitive edge. This adoption will ultimately drive uniformity in cryptographic practices and ensure that businesses are protected from potential quantum risks.

The NIST PQC guidelines also have ramifications for the global regulatory landscape, as more countries look to align their standards with NIST's. As a result, the push toward PQC will drive both domestic and international consistency, making it easier for organizations to navigate global markets, while ensuring compliance with cryptographic regulations. Furthermore, industries that rely heavily on secure communications—such as finance, healthcare, and technology—will feel the impact most acutely, and the pressure to upgrade existing systems will only increase.

Recommendations for PQC Vendors: Key Strategies for Success

As the shift toward PQC accelerates, vendors will play a pivotal role in helping businesses navigate the transition. Several areas that stand out for PQC vendors looking to position themselves as leaders in the market are outlined in this section.

1. Cryptographic Libraries and Software Development
   Vendors of cryptographic libraries should focus on integrating existing PQC algorithms and developing hybrid libraries that combine classical and quantum-resistant algorithms. These hybrid solutions will be essential for the smooth transition to PQC, allowing businesses to implement the new algorithms alongside traditional ones during the transitional period. To ensure maximum adoption, cryptographic libraries must achieve FIPS 140-3 (level 1) certification, as this standard will be a key criterion for organizations upgrading their security systems.
2. Certificate Authorities (CAs), Public Key Infrastructure (PKI), and Key Management System (KMS) Vendors
   CA, PKI, and KMS vendors must prioritize the development of solutions that can handle hybrid certificates, particularly in the short term, and fully support PQC algorithms in the long term. This includes managing the transition from RSA and ECC to PQC-based certificates. It will also be crucial to assist businesses in evaluating their existing cryptographic assets and providing remediation advice. By focusing on the early stages of PQC implementation, these vendors can support companies in preparing for the eventual widespread adoption of PQC.
3. Hardware Security Modules (HSMs)
   Hardware providers must ensure their HSMs are capable of supporting all standardized PQC algorithms. As the hardware root of trust for cryptographic operations, HSM manufacturers will need to offer products that can integrate PQC algorithms securely. Crypto agility will be essential, as HSMs will need to manage multiple encryption standards simultaneously. HSM vendors should also ensure that their devices can be updated securely with the latest algorithms, and that their solutions support secure remote management.
4. Security Awareness and Education
   For PQC vendors, it will be equally important to provide education and awareness to businesses about the risks associated with not transitioning to PQC. Ensuring that decision makers understand the long-term value of implementing PQC solutions will be key to fostering early adoption. Companies should be equipped with the knowledge and tools necessary to make informed decisions regarding their security infrastructure.

Key Companies

• Large Technology Companies: IBM, Microsoft, Amazon Web Services (AWS), Google, Meta
• Cybersecurity Vendors: Thales, IDEMIA, NCC Group, Entrust, Utimaco, DigiCert, and Worldline
• Industry-Specific Vertical Players: Arm, Intel, Qualcomm, NXP, Philips, Cisco, Ericsson, Nokia, and Telefónica
• PQC-Focused Startups: PQShield, Post-Quantum, CryptoNext, and CryptoExpert

Conclusion

To better understand the evolving PQC landscape and its global implications, download ABI Research's full report on Post-Quantum Cryptography Standards: State of Play, and gain in-depth insights into the future of cryptographic security. Download the report here.