On April 9, the French Nationwide Info Programs Safety Company (ANSSI) introduced France’s nationwide cybersecurity roadmap for 2026-2027. The roadmap features a chapter devoted to the post-quantum cryptography transition with particular deadlines for all businesses.
Based on the doc, data methods that course of delicate information should function with post-quantum cryptography. By the top of 2030After that 12 months, solely encryption merchandise that incorporate this safety will be deployed.
The roadmap establishes three phases by the ultimate deadline.
- By the top of 2026businesses might want to take stock of their sturdy and delicate information to establish which information requires precedence post-quantum safety.
- By the top of 2027the affected expertise elements, reminiscent of encryption and digital signature methods, have to be recognized.
- and by the top of 2030the implementation of post-quantum cryptography have to be accomplished in all methods that course of delicate data.
Why is France appearing now?
The ANSSI doc offers two causes for appearing earlier than quantum {hardware} exists. The primary one is The time required for a migration of that dimension. Updating cryptography throughout the nation’s infrastructure is a course of that “have to be anticipated and began now,” the doc mentioned.
The second is threat, often called. “Harvest now, decrypt later” (Save now, decrypt later): The apply of malicious attackers capturing encrypted information right this moment with the intention of decrypting it once they have adequate quantum {hardware}. The chance exists no matter when Q-Day arrives.
As reported by CriptoNoticias, the roadmap would see France be a part of establishments reminiscent of Google, which has introduced it can migrate its infrastructure by 2029, and the US Nationwide Institute of Requirements and Know-how (NIST), which has set post-quantization migration deadlines of 2030 and 2035.
