Post-quantum cryptography (PQC) is how we secure today’s data against tomorrow’s threat posed by future quantum computers. The U.S. National Institute of Standards and Technology (NIST) leads this effort by defining NIST PQC Standards. It has published algorithms and guidance that vendors and agencies can implement with confidence. 

On August 13–14, 2024, NIST released the first three finalized PQC standards, marking a major milestone in the global migration to quantum-resistant cryptography.

The First Three Final NIST PQC Standards (2024)

NIST published three Federal Information Processing Standards (FIPS) that you can deploy today: 

1. FIPS 203: ML-KEM (based on CRYSTALS-Kyber)

   It is a key-encapsulation mechanism (KEM) used for establishing shared secrets (e.g., in TLS handshakes, VPNs). It provides three parameter sets (ML-KEM-512, -768, and -1024) to balance performance and security.

2. FIPS 204: ML-DSA (based on CRYSTALS-Dilithium)

   It is a lattice-based digital signature scheme suitable for general-purpose code signing, document signing, and protocol authentication. It provides three parameter sets (ML-DSA-44, -65, and -87).

3. FIPS 205 – SLH-DSA (based on SPHINCS+)

   A stateless hash-based signature scheme that offers conservative, hash-based security with larger signatures. It’s useful where long-term robustness is paramount. SLH-DSA supports 12 parameter sets, offering flexible choices across three security categories:

   • Category 1 – Equivalent to breaking AES-128 or SHA-256 with brute force. Provides strong protection for general-purpose applications.
   • Category 3 – Equivalent to breaking AES-192. Intended for environments that require stronger resistance against both classical and quantum adversaries.
   • Category 5 – Equivalent to breaking AES-256. Offers the highest level of long-term security, suitable for critical infrastructure, defense, and data that must remain confidential for decades

All three FIPS became effective on August 14, 2024, per the Federal Register notice. That means they are approved for U.S. federal use and serve as a clear signal to industry to begin adoption.  

Newer NIST Standards: FN-DSA (FALCON) and HQC

• FALCON (to be standardized as FN-DSA / FIPS 206 – draft)

  NIST indicated that a fourth digital signature standard, based on FALCON, would be released in draft as FIPS 206. FALCON is a compact, fast lattice-based signature, useful where small signatures and high throughput matter. As of 2025, it’s progressing through the standardization pipeline.

• HQC selected for standardization (KEM)

  In March 2025, NIST selected HQC as an additional KEM to standardize from its “fourth round” candidates. Draft standardization work follows the selection. Organizations planning for crypto-agility should track HQC’s progress so they can evaluate it alongside ML-KEM.

How to Think About the Algorithms

1. KEMs for key establishment
   • ML-KEM (FIPS 203): Primary, high-performance default for most applications today.
   • HQC (selected 2025): Additional code-based KEM coming down the standards track. Organizations should watch drafts to compare performance and implementation trade-offs.
2. Digital signatures
   • ML-DSA (FIPS 204): It is the most versatile choice. It balances security and efficiency, making it a strong default for tasks such as code signing, document signing, and authentication protocols.
   • SLH-DSA (FIPS 205): It takes a more conservative approach. It is hash-based, which results in larger signatures, but the security assumptions are simple and well understood, making it especially attractive for long-term robustness.
   • FN-DSA / FALCON (draft FIPS 206): It is still in the draft stage. It offers compact signatures and very high performance, which makes it appealing in scenarios where bandwidth is limited or speed is critical. Organizations should keep an eye on its progress toward final approval.

Why NIST PQC Standards Matter Right Now

• They’re finalized and effective: The first three FIPS are not experimental, they’re approved and ready for federal and commercial adoption.  
• Quantum timelines are uncertain, but data has a long shelf life: Even though large, code-breaking quantum computers are not here yet, adversaries can harvest now, decrypt-later. Moving to NIST-approved PQC reduces that risk.  
• They enable crypto-agility: Designing systems to swap algorithms (e.g., ML-KEM today, HQC later if needed) ensures you’re not locked in. 
• Cryptographic transition takes time: The shift to new cryptographic standards is a slow and complex process. It requires updating hardware, software, and protocols across entire systems. It’s a multi-year effort that involves extensive planning, testing and deployment. 

Key FAQs on NIST PQC Standards

Are the NIST approved PQC algorithms drop-in replacements? 
Often yes for KEMs and signatures but expect larger keys/signatures and different performance profiles. Benchmark in your environment. 

Do I need both ML-DSA and SLH-DSA? 
Not necessarily. Most will use ML-DSA for general-purpose applications. SLH-DSA is reserved for situations that demand the absolute highest level of long-term security.

• ML-DSA is fast and efficient, making it ideal for the majority of use cases like code signing, firmware updates, and secure communication protocols. 
• SLH-DSA’s security relies on well-understood hash functions, providing very strong long-term assurance. You’d use this for data that needs to be verifiably secure for decades, such as government archives, legal documents, and critical infrastructure data. 

What about Classic McEliece or BIKE? 
NIST evaluated multiple fourth-round KEMs and selected HQC for standardization in 2025. Others may continue in different forums, but NIST’s path forward is ML-KEM plus HQC.  

When will FALCON be finalized? 
NIST flagged FIPS 206 (FN-DSA/FALCON) for draft release and subsequent finalization steps. Track NIST announcements to time adoption plans. 

How Can Encryption Consulting Help?

If you’re still unsure where to begin your post-quantum journey, Encryption Consulting is here to guide you. As your trusted partner, we’ll support you at every stage, offering clarity, confidence, and proven expertise. 

We start by mapping your current cryptographic landscape. This involves discovering and inventorying all cryptographic assets like certificates, keys, and related dependencies. We then evaluate which systems are vulnerable to quantum threats and review the readiness of your PKI, HSMs, and applications. This leads to a detailed cryptographic inventory, quantum risk impact analysis, and a clear, prioritized action plan.  

Next, we design a tailored migration strategy aligned with your business goals. This includes updating cryptographic policies in line with NIST and NSA guidelines, creating governance frameworks, and embedding crypto agility principles so your systems remain adaptable. This leads to a comprehensive PQC strategy, a crypto-agility framework, and a phased migration roadmap built around your priorities and timelines.  

Selecting the right solutions is critical. We help you define RFP/RFI requirements, shortlist the most suitable vendors for PQC algorithms, key management, and PKI, and conduct proof-of-concept testing in your environment. This gives you a vendor comparison report and tailored recommendations to support informed decision-making. 

With the plan in place, we assist in deploying post-quantum algorithms within your infrastructure: PKI, enterprise apps, or broader ecosystems. We also enable hybrid cryptography models, ensuring seamless integration across cloud, on-prem, and hybrid environments. This helps in validated interoperability, strong documentation, and hands-on training so your team can manage and maintain the system confidently. 

Before enterprise-wide deployment, we run controlled pilot tests to validate performance and resolve integration issues. Once optimized, we support a phased rollout to replace legacy algorithms, minimize disruption, and maintain compliance. This enables smooth, scalable deployment with ongoing monitoring and optimization to keep your systems secure and future safe. 

Conclusion

The release of the first finalized NIST PQC Standards marks a turning point in the way organizations secure data. With ML-KEM, ML-DSA, and SLH-DSA already standardized, we now have a clear roadmap for building systems that can withstand the era of quantum computing. The upcoming FIPS 206 standard will further fortify our digital signature defenses. By adopting these standards early, while also designing for crypto-agility, you not only reduce the risk of “harvest-now, decrypt-later” attacks but also ensure that your infrastructure remains secure for decades to come. The sooner organizations embrace NIST PQC Standards, the better prepared they will be for a quantum future.

Whether you’re just exploring where to begin or already prepared to move into implementation, the key is to take that first step and keep building momentum. And if you’re seeking a trusted partner to guide you along the way, we’re here.

At Encryption Consulting, we’re committed to helping you move forward with clarity, confidence, and a strategy tailored to your goals. Let’s get started and ensure your organization is protected, not only today, but well into the future.

You can’t protect what you can’t see. While most organizations focus on visible threats like malware and hackers, the hidden layer of cryptography is often an uncharted territory. It’s the “secret sauce” that secures everything from your customer data to your financial transactions. If you don’t know what digital locks you have, you’re flying blind. Creating a comprehensive cryptographic inventory isn’t a task born of fear for the quantum era or compliance mandates, it’s a smart, proactive step to secure your business for a future where new technologies, like quantum computers, will change all the rules.  

Think of your cryptographic system as the master set of locks for your entire company. An inventory is the blueprint for that system. It gives you a clear, up-to-the-minute view of every lock, key, and safe in your digital world, so you can manage your security with confidence and foresight. This approach moves beyond the traditional CIA triad of Confidentiality, Integrity, and Authentication to build a broader sense of digital trust. It includes ensuring Validation & Trust (making sure keys are authentic), Availability (ensuring critical systems are always ready), and Proof & Accountability (having a clear record of actions). 

The Four Pillars of a Strategic Crypto Inventory

Building a comprehensive inventory is a monumental task, but it can be broken down into a structured, manageable process based on four key pillars that ensure no layer of your digital environment is overlooked. 

• Network & Infrastructure

  This pillar focuses on both your external and internal networks. You must document all cryptography visible from outside your perimeter, like SSL/TLS certificates used for customer interactions. An inventory of these assets ensures you are using strong protocols like TLS 1.3 and renewing certificates before they expire, preventing interception of sensitive data. Internally, you must review encryption protocols for all data moving between your own systems and devices to flag outdated protocols and ensure proper configuration.

• IT Assets & Databases

  This pillar addresses data at rest on your endpoints, servers, and storage. It involves discovering how encryption is applied across all IT assets from employee laptops to IoT devices, and ensuring they use modern, strong algorithms like AES-256. For databases, which are prime targets for cyberattacks, you must analyze encryption mechanisms and key management practices, exploring quantum-safe solutions to protect your most sensitive information for years to come.

• Applications & Code

  This is where the most hidden cryptographic uses are found. Encryption is often embedded deep within an application’s logic. This pillar requires a thorough code review of both proprietary and third-party software to identify all encryption libraries and algorithms. The goal is to track legacy algorithms like MD5 or SHA-1 and ensure they are replaced with modern alternatives, making the foundation of your applications ready for the future. You can’t just ask your developers what they’re using, you need to use automated tools to scan your code and check software bills of materials (SBOMs) to spot weaknesses.

• Policy & Governance

  This is the most crucial pillar for long-term success. It establishes the rules and workflows to ensure your inventory is continuously maintained, assigning clear accountability and integrating the process into existing workflows like procurement and change management. Without governance, inventory becomes a one-time snapshot that quickly becomes obsolete. With proper policy, it transforms into a living asset that continuously protects your organization against quantum threats while enabling rapid response to emerging cryptographic requirements.

Beyond a List: What to Document for a Proactive Plan

A truly comprehensive inventory goes beyond these pillars by documenting several key layers of your IT system to provide the visibility needed for a successful migration. The goal is to move from a simple asset list to a prioritized, actionable plan. Below are the key points to keep in mind when building your cryptographic inventory: 

• Data and Device Criticality: Go beyond a simple list by documenting the business value and criticality of all sensitive data and the hardware that processes it. This is how you connect technical details to business value. 
• Owners and Vendors: Identify who is accountable for each asset and document your vendors’ security environment, as their readiness is a direct extension of your own. 
• Data Lifespan: Apply a “shelf-life risk model” to determine how long sensitive information needs to remain confidential. A medical record, for example, needs far more long-term protection than a temporary VPN session. This is critical for defending against the “harvest now, decrypt later” threat, where attackers steal encrypted data today, knowing a quantum computer will be able to break the encryption in the future. 
• Crypto Details and Mitigations: Capture granular details like key sizes, protocols, and any existing mitigations to understand your baseline cryptographic health and avoid redundant work. 
• Risk Prioritization: Combine all this information to rank assets based on their criticality, vulnerabilities, and lifespan, allowing for a data-driven conversation with leadership about where to invest first. 

This entire process is about turning raw data into a living, actionable map for your organization. It’s how you move from a reactive security environment

Overcoming the Challenges and Building Your Roadmap

Building a comprehensive inventory isn’t a simple task. Many organizations face a lack of visibility due to a knowledge gap, struggle with organizational silos that create fragmented ownership, and rely on manual processes that lead to obsolete data. However, a strategic approach turns these challenges into opportunities. 

By moving away from manual spreadsheets and using automated discovery tools, you can create a “single pane of glass” that provides a unified view of all cryptographic assets. This centralized intelligence provides the data-driven business case needed to secure executive sponsorship and gain a definitive map of your entire crypto environment.  

To build your readiness plan, follow these practical steps: 

• Secure the Budget: Get formal buy-in from senior leadership to provide the necessary resources and backing for a project of this scale. This is a non-negotiable first step. 
• Establish a Dedicated Team: Create a cross-functional team with key stakeholders from IT, security, and application owners to ensure alignment and break down organizational silos. 
• Deploy Automated Discovery Tools: Use Static Analysis (SAST) and Dynamic Analysis (DAST) tools to continuously discover cryptographic assets and prevent data drift. 
• Design a Granular Data Model & Integrate with Existing Infrastructure: Define a technical blueprint that captures essential attributes like algorithm type, key sizes, use cases, and nested dependencies, then link your inventory to existing systems like cloud key vaults and HSMs to create a holistic, centralized view. 
• Integrate with DevSecOps: Embed the inventory process into your CI/CD pipelines for ongoing monitoring and policy enforcement. 
• Engage Third-Party Vendors: Proactively communicate with your vendors to assess their PQC readiness and ensure they can support your migration timeline. 
• Assess and Prioritize Assets: Use a quantitative risk model to map assets to their business context and prioritize remediation based on quantum susceptibility and data sensitivity. 

With this strategic framework, you can turn a monumental task into a clear, actionable roadmap, ensuring your organization is not just secure for today, but prepared for whatever the future holds.

How Encryption Consulting Can Help You?

Creating a cryptographic inventory is a complicated task, but you don’t have to do it alone. At Encryption Consulting, we’re experts in applied cryptography, and we offer PQC Advisory Services designed to help businesses like yours get ready for the quantum era. 

Here’s how we can partner with you: 

• PQC Assessment: We’ll help you find all your keys and digital assets, giving you a clear picture of your quantum risk and where to focus first. 
• PQC Strategy & Roadmap: Based on what we find, we’ll help you build a custom, step-by-step plan to transition to quantum-safe algorithms without disrupting your business. 
• Vendor Selection: We’ll help you choose the right tools and technology by running proof-of-concepts on your most important systems. 
• PQC Implementation: We’ll help you smoothly integrate new, quantum-safe algorithms into your existing security setup, ensuring a seamless and secure transition. 

Conclusion

A cryptographic inventory is more than a security project; it is the foundational step for any organization seeking to prepare its digital assets for the future. By moving beyond a simple list and embracing a phased, data-driven approach, you can transform a complex challenge into a strategic advantage. The visibility and control gained from a comprehensive inventory allow you to manage business risk effectively, allocate resources efficiently, and build a resilient, crypto-agile infrastructure. This isn’t just about preparing for a theoretical future; it’s about making your organization more secure and competitive today. The time to act is now. 

We live in an increasingly interconnected world where digital security is paramount. Every click, every transaction, and every piece of data relies on cryptography. It’s the secure language that keeps your online banking safe, protects your personal messages, and safeguards critical infrastructure. Yet, as our software systems grow increasingly complex and powerful new computing technologies emerge, truly understanding and managing all the hidden cryptographic pieces within our digital tools has become a significant challenge. If you can’t see it, you can’t truly protect it. 

That’s where the Cryptography Bill of Materials (CBOM) comes in. 

What Exactly Is a CBOM?

You wouldn’t buy a complex product without knowing what’s inside, right? A CBOM is similar, but for your software’s security. It’s a highly detailed, machine-readable inventory that meticulously maps out every cryptographic “ingredient” embedded within your applications, systems, or products. It doesn’t just broadly state “we use encryption.” Instead, a CBOM dives deep, providing specifics like: 

• The Exact Algorithms and Their Specifics: This means identifying not just “AES,” but its precise variant, like AES-128-GCM. This level of detail is crucial for understanding the exact security strength and how it’s implemented. It helps you distinguish between older, weaker methods and modern, robust ones. 
• Key Strengths: Knowing the strength of your “keys” (e.g., a 2048-bit RSA key) directly indicates the resilience of your encryption. 
• Your Digital Credentials: A CBOM lists all your digital certificates, detailing who issued them, their validity periods, the algorithms they use, and their format. 
• Security Protocols and Rules: It specifies the secure communication “rules” your software follows, such as TLS 1.3 (the latest standard for secure web communication), and outlines the specific options it allows for secure connections. 
• Documenting Cryptographic Elements: The CBOM aims to provide a clear inventory of all identifiable cryptographic components, including their size, format, and whether they’re adequately secured. While unearthing truly “hidden” elements can be extremely difficult, the goal of a CBOM is to provide as complete a picture as possible of all visible cryptographic assets. 

This granular detail provides unparalleled transparency. It allows you to swiftly identify any outdated or weakly configured security components and ensure your implementations meet the highest standards. It’s about proactive security management, not just reacting to incidents. 

Why a CBOM Is Essential for Your Organization Today?

The need for a CBOM is growing rapidly, driven by significant shifts in the digital security environment:

1. Strengthening Defenses Against Attacks

   Cybercriminals are constantly enhancing their tactics, often targeting older, weaker, or improperly configured cryptographic methods that organizations might not even realize they’re using. A CBOM brings these weaknesses to light, enabling you to address them before an attacker can exploit them.

2. Preparing for Powerful New Computing Technologies

   A major driver for adopting CBOMs is the ongoing development of highly powerful new computing capabilities. These advancements hold the potential to efficiently break many of the asymmetric cryptographic algorithms we rely on today. While these capabilities may be some years away, experts advise organizations to start preparing now.

   This is because attackers might be collecting encrypted data today, planning to decrypt it later once these powerful new computers are ready. A CBOM provides the precise map you need for this journey, showing you which of your current security methods might be vulnerable to these future threats. This allows you to plan strategically for upgrades to more resilient, next-generation cryptographic solutions.

3. Meeting Compliance and Regulatory Demands

   Governments and industry bodies worldwide are increasingly emphasizing robust encryption practices. Regulations and mandates require organizations to clearly understand and control their cryptography. A CBOM provides solid, documented evidence of your organization’s comprehensive cryptographic posture, which is invaluable for demonstrating compliance and building trust with customers and partners.

4. Achieving Cryptographic Agility

   The cybersecurity environment is dynamic. New vulnerabilities emerge, and stronger algorithms are developed. Cryptographic agility, which is the ability to quickly and efficiently change cryptographic algorithms or mechanisms, is vital. A comprehensive CBOM gives you the full picture, making it far easier and faster to adapt your systems when new threats or updated standards arise.

5. Accelerating Incident Response

   Imagine a critical security flaw is discovered in a widely used encryption algorithm. Without a CBOM, identifying whether and where you’re using that vulnerable algorithm could take days or even weeks of frantic searching. With a CBOM, you can quickly pinpoint exact locations and understand your exposure, enabling a much faster, more targeted response. It also helps you verify the security practices of any software you acquire from external partners, strengthening your entire digital supply chain.

In essence, a CBOM is an advanced, specialized version of a standard software component list. While a general list (often called an SBOM) gives you a good overview, a CBOM adds that crucial, deep layer of cryptographic detail. It provides the X-ray vision for your digital security. 

Implementing a CBOM is a proactive and strategic step. It provides the clarity needed to inventory your cryptographic assets, assess potential risks, meet compliance obligations, and plan effectively for the future of digital security. In our next blog post, we’ll explore the practical steps and available tools to help your organization build its own CBOM. 

How Encryption Consulting can Help?

We are a globally recognized leader in applied cryptography, offering PQC Advisory Services designed to help organizations like yours gain full visibility and control over their cryptographic environment. 

Our services are built on a structured, end-to-end approach: 

• PQC Assessment: We perform cryptographic discovery and inventory to locate all your keys, certificates, algorithms, and dependencies. This delivers a clear Quantum Threat Assessment and a Quantum Readiness Gap Analysis that highlights your vulnerabilities and urgent priorities. 
• PQC Strategy & Roadmap: Based on your inventory data, we develop a custom, phased migration strategy aligned with NIST standards, incorporating a Cryptographic Agility Framework to prepare you for future changes. 
• Vendor Evaluation and PoC: We help you identify, evaluate, and validate PQC and cryptographic management solutions through rigorous proof-of-concepts to ensure they fit your critical systems. 
• Implementation & Integration: We seamlessly integrate PQC-ready algorithms and hybrid cryptographic models into your PKI and security ecosystem for a secure, disruption-free transition. 

With our deep expertise and proven framework, you can build, assess, and optimize your cryptographic infrastructure, ensuring both immediate resilience and long-term readiness against quantum threats.

Conclusion

CBOM is no longer optional, it is a necessity for organizations that want to stay secure, compliant, and resilient in the face of advancing cyber threats and emerging quantum risks. By providing a transparent, detailed inventory of your cryptographic assets, a CBOM empowers you to identify weaknesses, meet regulatory expectations, and strategically plan for a secure future. Partnering with experts like Encryption Consulting ensures that your organization not only builds an accurate CBOM but also integrates it into a broader cryptographic strategy that keeps you a step ahead of attackers and prepare for technological shifts. 

The National Cyber Security Centre (NCSC) has warned that while collecting and storing vast amounts of data for years is costly, the arrival of quantum computers in the next decade could make such efforts valuable for hackers. “Given the cost of storing vast amounts of old data for decades, such an attack is only likely to be worthwhile for very high-value information,” the NCSC stated.  

To this, Anne Neuberger, U.S. Deputy National Security Advisor for Cyber and Emerging Technology, highlighted that “Certainly there’s some data that’s time-sensitive, like a ship transporting weapons to a sanctioned country, probably in eight years we don’t care about that anymore”. Similarly, when you make an online payment, the card data is transmitted, and banks approve or reject the transaction almost instantly. Even if someone records this data now, it wouldn’t be valuable later because the transaction is processed immediately.

This limits the risk of a “Harvest now, decrypt later” attack. However, for in-person payments using chip-and-PIN, sometimes the terminal doesn’t connect to the bank in real time (e.g., on airplanes or in remote areas). These rely on the card’s own authentication, which uses RSA/ECC. In the future, quantum computers could forge this authentication, making it possible to bypass security without bank approval. 

Considering the importance of sensitive data, financial sector must take the lead in adopting post-quantum cryptography, as the stakes are exceptionally high, a successful quantum-enabled cyberattack could compromise trillions of dollars in assets, disrupt markets, compromised card payment or PCI data. In finance industry, security upgrades take years. Cards, terminals, and backend systems must all change simultaneously, a process that can’t be done overnight.  

Understanding existing banking protocols

Most card transactions worldwide rely on the EMV standard, which covers nearly 90% of in-person payments made with cards. This standard uses asymmetric cryptography (RSA) to authenticate cards and symmetric cryptography to generate transaction certificates, ensuring the transaction is secure. 

EMV cards use three main authentication methods. Static Data Authentication (SDA) allows a card to send signed static data to prove authenticity but is vulnerable to cloning. Dynamic Data Authentication (DDA) improves security by having the card sign a challenge during a transaction, though it still leaves later transaction steps less protected. Combined Data Authentication (CDA) strengthens this process by adding further signing, making it the most secure method currently used. Offline transactions, where no live internet verification is possible, depend heavily on these authentication methods secured by public key cryptography, which is a potential risk as quantum computers could eventually forge these cryptographic protections. 

To future-proof these systems, researchers have tested Post-Quantum (PQ) Cryptography, which uses new encryption techniques designed to withstand attacks from quantum computers.

Real World Testing of PQ security

In real-world testing, NIST researchers aimed to protect card payments from future quantum computer threats by enhancing existing EMV payment protocols. They modified two standard protocols to incorporate Post-Quantum (PQ) cryptographic algorithms, which are advanced encryption methods designed to withstand quantum attacks. To ensure a smooth transition and continued usability, these new protocols were designed to work in a hybrid mode, combining existing RSA/ECC encryption with PQ algorithms. This approach maintains backward compatibility, allowing older cards and payment terminals to function without disruption during the transition to PQC. 

The updated protocols were implemented on physical banking smart cards equipped with chips, and researchers tested their performance during live payment transactions. They measured critical factors such as the memory required on the card, transaction processing time, and additional communication overhead introduced by PQ encryption. 

The card and terminal first establish a shared secret key via PQ algorithms. Then they use symmetric encryption (fast) for PIN verification and transaction certificates. Hybrid mode signs and encrypt data both with RSA/ECC and PQ algorithms. This dual protection ensures that even if PQ cryptography faces unforeseen reliability issues, card transactions remain secure and functional. 

Challenges found

Researchers encountered several challenges during the testing of quantum-safe payment cards. 

One of the biggest issues is that Post Quantum cryptography requires much larger keys and digital signatures compared to current encryption methods. This results in slower transaction times and significantly higher memory usage on banking smart cards. 

Another major limitation is hardware. Existing cards and payment terminals have restricted storage capacity and processing power, making it difficult for them to handle PQ algorithms efficiently. Replacing or upgrading this hardware is a complex task, especially given the scale of the global banking system. With billions of cards and payment terminals in use worldwide, banks cannot switch to PQ-ready systems overnight. 

Despite these hurdles, the research confirmed that it is technically feasible to secure payment cards against quantum attacks using PQ cryptography. However, performance bottlenecks and hardware constraints remain significant obstacles. The findings highlight the urgency of beginning hardware preparation and upgrades now, ensuring that the financial industry is ready before quantum computers become advanced enough to break current RSA and ECC cryptographic systems. 

Preparing for PQC

Following roadmap created in partnership with the Department of Homeland Security (DHS) and NIST (National Institute of Standards and Technology) to guide organizations in preparing for Post-Quantum Cryptography (PQC). It highlights the need to transition from current cryptographic methods (like RSA/ECC) to quantum-resistant algorithms before quantum computers become powerful enough to break existing encryption. 

1. Engagement with Standards Organizations

   Organizations are advised to direct their key stakeholders to increase their engagement with standards developing organizations, such as NIST, PCI-DSS for latest developments relating to necessary algorithm and dependent protocol changes.

2. Inventory of Critical Data

   Every organization holds some data that, if decrypted in the future, could cause serious harm. This includes sensitive personal information (cryptography is used across their infrastructure. This includes listing all software, hardware, and applications relying on encryption. Once this inventory is complete, teams can evaluate which cryptographic methods are vulnerable to quantum attacks and estimate the costs and effort required to replace them with quantum-safe alternatives. Without this step, organizations risk overlooking hidden vulnerabilities.

3. Identification of Internal Standards

   Internal cryptographic standards and policies, define how an organization manages encryption, purchases technology, and maintains data protection policies. These rules were built around current encryption methods like RSA and ECC. With the shift to post-quantum cryptography, these internal standards will need updating to align with future security requirements. This means revising cryptographic controls, policies, standards, SLA’s , and internal compliance measures to ensure that, when PQC is implemented, it’s fully supported within organizational processes.

4. Identification of Public Key Cryptography

   From the inventory, organizations should identify where and for what purpose public key cryptography is being used and assess which systems are most vulnerable to quantum threats.

5. Prioritization of Systems for Replacement

   Not every system needs to be upgraded immediately, so prioritization is crucial. Prioritizing one system over another for cryptographic transition is highly dependent on organization functions, goals, and needs. To supplement prioritization efforts, organizations should consider the following factors when evaluating a quantum vulnerable system:

   • Is the system a high value asset based on organizational requirements?
   • What is the system protecting (e.g., key stores, passwords, root keys, signing keys, personally identifiable information, sensitive personally identifiable information)?
   • What other systems does the system communicate with?
   • To what extent does the system share information with federal entities?
   • To what extent does the system share information with other entities outside of your organization?
   • Does the system support a critical infrastructure sector?
   • How long does the data need to be protected?
6. Plan for Transition

   Using the inventory and prioritization information, organizations should develop a strategy for systems transitions upon publication of the new post-quantum cryptographic standard. Transition plans should consider creating cryptographic agility to facilitate future adjustments and enable flexibility in case of unexpected changes. Cybersecurity officials should provide guidance for creating transition plans.

Current estimate of the amount of funding required

Federal agencies, working with the Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD), in collaboration with CISA and NIST, are taking structured steps to secure U.S. Government information technology against future quantum computing threats. The effort centers on three main activities. 

1. Developing an initial inventory of cryptographic systems present on agency information systems (other than national security systems (NSS));  
2. Developing cost estimates for the transition; and 
3. Developing prioritization criteria for the transition. 

Each year, agencies must submit to OMB and ONCD an updated inventory detailing quantum-vulnerable cryptography on their prioritized systems along with migration cost estimates. Based on the latest data, ONCD projects that the total cost for transitioning prioritized federal systems to PQC between 2025 and 2035 will reach approximately $7.1 billion (in 2024 dollars). Meanwhile, the Department of Defense, the Office of the Director of National Intelligence, and the National Manager for NSS are separately estimating funding needs to migrate classified and defense systems. 

These early projections carry a high degree of uncertainty, as agencies are still refining their inventories and cost models. The estimates are currently a rough order of magnitude, not exact calculations. Agencies will continue to revise these numbers annually as they gain experience and improve their methodologies. 

A significant challenge identified is that some federal systems cannot easily adopt new cryptographic algorithms because they are hardwired in hardware or firmware or lack the capacity to handle replacements. Replacing these systems entirely contributes substantially to the overall projected cost of migration. 

How can Encryption Consulting support PQC transition?

If you are wondering where and how to begin your post-quantum journey, Encryption Consulting is here to support you. You can count on us as your trusted partner, and we will guide you through every step with clarity, confidence, and real-world expertise.   

Cryptographic Discovery and Inventory

This is the foundational phase where we build visibility into your existing cryptographic infrastructure. We identify which systems are at risk from quantum threats and assess how ready your current setup is, including your PKI, HSMs, and applications. The goal is to identify what cryptographic assets exist, where they are used, and how critical they are. Comprehensive scanning of certificates, cryptographic keys, algorithms, libraries, and protocols across your IT environment, including endpoints, applications, APIs, network devices, databases, and embedded systems. 

Identification of all systems (on-prem, cloud, hybrid) utilizing cryptography, such as authentication servers, HSMs, load balancers, VPNs, and more. Gathering key metadata like algorithm types, key sizes, expiration dates, issuance sources, and certificate chains. Building a detailed inventory database of all cryptographic components to serve as the baseline for risk assessment and planning. 

PQC Assessment

Once visibility is established, we conduct interviews with key stakeholders to assess the cryptographic landscape for quantum vulnerability and evaluate how prepared your environment is for PQC transition. Analyzing cryptographic elements for exposure to quantum threats, particularly those relying on RSA, ECC, and other soon-to-be-broken algorithms. Reviewing how Public Key Infrastructure and Hardware Security Modules are configured, and whether they support post-quantum algorithm integration. Analyzing applications for hardcoded cryptographic dependencies and identifying those requiring refactoring. Delivering a detailed report with an inventory of vulnerable cryptographic assets, risk severity ratings, and prioritization for migration. 

PQC Strategy & Roadmap

With risks identified, we work with you to develop a custom, phased migration strategy that aligns with your business, technical, and regulatory requirements. Creating a tailored PQC adoption strategy that reflects your risk appetite, industry best practices, and future-proofing needs. Designing systems and workflows to support easy switching of cryptographic algorithms as standards evolve. Updating security policies, key management procedures, and internal compliance rules to align with NIST and NSA (CNSA 2.0) recommendations. Crafting a step-by-step migration roadmap with short-, medium-, and long-term goals, broken down into manageable phases such as pilot, hybrid deployment, and full implementation. 

Vendor Evaluation & Proof of Concept

At this stage, we help you identify and test the right tools, technologies, and partners that can support your post-quantum goals. Helping you define technical and business requirements for RFIs/RFPs, including algorithm support, integration compatibility, performance, and vendor maturity. Identifying top vendors offering PQC-capable PKI, key management, and cryptographic solutions. Running PoC tests in isolated environments to evaluate performance, ease of integration, and overall fit for your use cases. Delivering a vendor comparison matrix and recommendation report based on real-world PoC findings. 

Pilot Testing & Scaling

Before full implementation, we validate everything through controlled pilots to ensure real-world viability and minimize business disruption. Testing the new cryptographic models in a sandbox or non-production environment, typically for one or two applications. Validating interoperability with existing systems, third-party dependencies, and legacy components. Gathering feedback from IT teams, security architects, and business units to fine-tune the plan. Once everything is tested successfully, we support a smooth, scalable rollout, replacing legacy cryptographic algorithms step by step, minimizing disruption, and ensuring systems remain secure and compliant. We continue to monitor performance and provide ongoing optimization to keep your quantum defense strong, efficient, and future-ready. 

PQC Implementation

Once the plan is in place, it is time to put it into action. This is the final stage where we execute the full-scale migration, integrating PQC into your live environment while ensuring compliance and continuity. Implementing hybrid models that combine classical and quantum-safe algorithms to maintain backward compatibility during transition. Rolling out PQC support across your PKI, applications, infrastructure, cloud services, and APIs. Providing hands-on training for your teams along with detailed technical documentation for ongoing maintenance. Setting up monitoring systems and lifecycle management processes to track cryptographic health, detect anomalies, and support future upgrades. 

Transitioning to quantum-safe cryptography is a big step, but you do not have to take it alone. With Encryption Consulting by your side, you will have the right guidance and expertise needed to build resilient, future-ready security posture.  

Reach out to us at [email protected] and let us build a customized roadmap that aligns with your organization’s specific needs. 

Conclusion

In conclusion, the transition to Post-Quantum Cryptography is becoming critical for the financial sector as future quantum computers could break current encryption methods that secure card payments, banking systems, and digital transactions. Research has already shown it is technically feasible to build quantum-resistant payment protocols, but challenges such as larger cryptographic keys, slower processing speeds, and costly hardware upgrades remain. Preparing early, by inventorying systems, testing hybrid encryption models, and aligning with upcoming NIST standards, will be essential to protect sensitive financial data and ensure uninterrupted trust in global payment networks when quantum computing becomes a reality.