Summary: The UKβs National Cyber Security Centre (NCSC) has issued a migration timeline to transition to post-quantum cryptography (PQC), mandating critical organizations complete this by 2035. This guidance outlines a structured plan with specific milestones and emphasizes the importance of updating encryption methods against quantum computing threats. By following NCSCβs recommendations, organizations can better secure their data against future risks.
Affected: Government agencies, large enterprises, critical national infrastructure operators, technology and software providers
Keypoints :
- Migration goals must be defined by 2028, including a full assessment of cryptographic dependencies.
- By 2031, organizations should complete their top-priority PQC migration tasks and refine their migration plans.
- Full migration to PQC is required by 2035 across all systems, services, and products.
- NIST-approved PQC algorithms recommended for adoption include ML-KEM, ML-DSA, and SLH-DSA.
- Challenges for migration include legacy systems, lack of expertise, and supply chain complexities.
- NCSC plans to launch a pilot scheme to assist organizations in the migration process.