Aksel Cichocki, Quantum Security Lab (QSL)
Compliance

Aligning with Emerging Global Standards

Quantum security is not just a technical challenge — it is increasingly a compliance consideration. Organizations should understand the standards that are already taking shape.

Why It Matters

Quantum compliance is an emerging consideration across multiple frameworks. Organizations benefit from aligning with developing standards proactively rather than reactively.

Who Should Care

Compliance teams, CISOs, and security architects responsible for meeting NIST, CNSA 2.0, SOC 2, ISO 27001, and PCI DSS requirements.

What To Do Now

Map current cryptographic usage against CNSA 2.0 milestones. Enable audit logging. Build a migration plan. See the Defense Checklist.

NIST Post-Quantum Cryptography Readiness

NIST's PQC Standardization

A quantum-resilient architecture should implement the algorithms selected through NIST's rigorous multi-year evaluation process, ensuring alignment with the definitive global standard for post-quantum cryptography:

  • ML-KEM / FIPS 203 — the key encapsulation mechanism built on the CRYSTALS-Kyber algorithm family. Supports all security levels (ML-KEM-512, ML-KEM-768, ML-KEM-1024).
  • ML-DSA / FIPS 204 — the digital signature scheme built on CRYSTALS-Dilithium. Used for authentication, integrity verification, and code signing.
  • SLH-DSA / FIPS 205 — the hash-based signature scheme built on SPHINCS+, providing security under different mathematical assumptions as a diversified backup.

NSA CNSA 2.0 Migration Guidance

The NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) provides migration guidance for national security systems (NSS). These timelines apply specifically to NSS and vendors supplying them — they are not direct mandates for commercial organizations, but they signal the direction of future compliance expectations.

Key dates from published CNSA 2.0 guidance (subject to revision):

  • 2025 — target for software and firmware signing to prefer quantum-resistant algorithms for NSS.
  • 2027 — target for web servers, cloud services, and networking equipment supporting NSS to support PQC.
  • 2030 — target for full transition of national security systems. Crypto-agility supports incremental migration toward this goal.

Important distinction: NIST FIPS 203/204/205 are finalized federal standards (August 2024). CNSA 2.0 provides NSA policy guidance with target dates. CSfC (Commercial Solutions for Classified) addenda provide implementation guidance that is explicitly subject to change. These are related but separate frameworks.


Crypto-Agility Framework

Swap Algorithms Without Rebuilding

Crypto-agility is the ability to replace cryptographic algorithms and parameters without modifying application code or disrupting operations. This should be a core architectural property of any quantum-ready system:

  • Algorithm abstraction layer — applications interact with cryptographic services through a stable API. The underlying algorithms are configured via policy, not code.
  • Hot-swappable primitives — when a new algorithm is approved (or an existing one deprecated), the change is applied through the policy engine with zero application changes.
  • Version-tagged ciphertext — all encrypted data carries metadata identifying the algorithm and parameters used, enabling automatic re-encryption during migration.
  • Graceful deprecation — deprecated algorithms remain available for decryption of historical data while blocked for new encryption operations.
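The following Python is an added illustration of the four properties above, not code from the original page or from the Lab: a registry plus policy table so callers never name an algorithm, version-tagged envelopes, encryption refused for a deprecated algorithm while decryption of old data still works, and an automatic re-encryption step. The algorithm IDs, the `POLICY` table and the keystream-plus-HMAC construction are stand-ins chosen so it runs on the standard library alone; they are not real PQC primitives.

```python
import hashlib
import hmac
import secrets

# Registry: algorithm IDs map to parameters; call sites never name an algorithm.
# Stand-in construction (assumption, NOT a real cipher, used only so the example
# runs on the standard library): hash-based keystream XOR plus an HMAC tag.
ALGORITHMS = {
    "AEAD-LEGACY-V1": {"hash": "sha256", "key_len": 16},
    "AEAD-PQ-READY-V2": {"hash": "sha3_256", "key_len": 32},
}
# Policy is data, not code: retiring V1 means editing this table, not the callers.
POLICY = {
    "default": "AEAD-PQ-READY-V2",
    "encrypt_allowed": {"AEAD-PQ-READY-V2"},
    "decrypt_allowed": {"AEAD-LEGACY-V1", "AEAD-PQ-READY-V2"},
}
KEYS = {alg: secrets.token_bytes(p["key_len"]) for alg, p in ALGORITHMS.items()}

def _stream(alg, nonce, data):
    h, key = ALGORITHMS[alg]["hash"], KEYS[alg]
    ks = b"".join(hashlib.new(h, key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))
def _tag(alg, nonce, ct):
    return hmac.new(KEYS[alg], nonce + ct, ALGORITHMS[alg]["hash"]).digest()
def seal(alg, plaintext):
    """Version-tagged envelope b'<alg>|<nonce><ct><tag>'. No policy check here."""
    nonce = secrets.token_bytes(12)
    ct = _stream(alg, nonce, plaintext)
    return alg.encode() + b"|" + nonce + ct + _tag(alg, nonce, ct)
def algorithm_of(envelope):
    return envelope.split(b"|", 1)[0].decode()
def encrypt(plaintext, alg=None):
    alg = alg or POLICY["default"]
    if alg not in POLICY["encrypt_allowed"]:  # graceful deprecation: no new use
        raise PermissionError(f"{alg} is deprecated for new encryption")
    return seal(alg, plaintext)
def decrypt(envelope):
    alg = algorithm_of(envelope)
    if alg not in POLICY["decrypt_allowed"]:  # fully retired: migrate data first
        raise PermissionError(f"{alg} is retired; data must be migrated")
    body = envelope[len(alg) + 1:]
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    if not hmac.compare_digest(tag, _tag(alg, nonce, ct)):
        raise ValueError("integrity check failed")
    return _stream(alg, nonce, ct)
def reencrypt_if_stale(envelope):  # migration: re-wrap anything not on the default
    return envelope if algorithm_of(envelope) == POLICY["default"] else encrypt(decrypt(envelope))
```

Calling `seal("AEAD-LEGACY-V1", data)` stands in for records encrypted before the policy change; `reencrypt_if_stale` then moves them to the current default without the caller knowing either algorithm.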

Why Crypto-Agility Matters for Compliance

Regulatory bodies are increasingly encouraging crypto-agility as a recommended capability, not just a theoretical best practice:

  • NIST SP 800-131A establishes guidance for transitioning away from deprecated algorithms on defined timelines.
  • The EU Cybersecurity Act and European Cybersecurity Certification Scheme are developing crypto-agility requirements.
  • Financial-sector compliance regimes (PCI DSS, SOX) are likely to incorporate PQC readiness into future audit frameworks, though specific requirements have not yet been finalized.

Audit-Ready Logging

Every Cryptographic Operation Must Be Recorded

A compliant architecture maintains comprehensive, tamper-evident logs of all cryptographic operations, providing the audit trail that compliance regimes demand:

  • Key lifecycle events — generation, distribution, rotation, usage, and destruction of every key are logged with timestamps, actors, and justification.
  • Algorithm usage tracking — every encryption and decryption operation logs the algorithm, key identifier, and security level used.
  • Policy enforcement logs — every policy decision (approve, deny, warn) is recorded, including the rule that triggered it and the context of the request.
  • Tamper-evident storage — audit logs are stored with cryptographic integrity protection (hash chains), making unauthorized modification detectable.
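An added example (not code from the original page or the Lab) of the tamper-evident storage point, which also serves the report-generation section that follows: a hash-chained audit log holding constructed key-lifecycle, algorithm-usage and policy-decision events, a verifier that locates the first modified or deleted entry, and a report summarising algorithm usage against an approved set. Event names, actor names, rule names and key IDs are invented for the example.

```python
import hashlib
import json
from collections import Counter
from datetime import datetime, timezone

GENESIS = "0" * 64  # "previous hash" of the first entry

def entry_hash(prev_hash, record):
    # Canonical JSON so a record always serialises, and so hashes, the same way.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

class AuditLog:
    """Append-only log; every entry commits to the hash of the entry before it."""
    def __init__(self):
        self.entries = []

    def append(self, event, actor, **fields):
        ts = datetime.now(timezone.utc).isoformat()
        record = {"ts": ts, "event": event, "actor": actor, **fields}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record, "hash": entry_hash(prev, record)})

    def verify(self):
        """Walk the chain: (True, -1) if intact, else (False, index of first bad entry)."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
                return False, i
            prev = e["hash"]
        return True, -1

    def report(self, approved):
        """Compliance view: algorithm usage, algorithms outside the approved set, denials."""
        algs = Counter(e["record"]["algorithm"] for e in self.entries if "algorithm" in e["record"])
        denials = [e["record"] for e in self.entries
                   if e["record"]["event"] == "policy.decision" and e["record"].get("decision") == "deny"]
        return {"chain_intact": self.verify()[0], "algorithms": dict(algs),
                "outside_policy": sorted(a for a in algs if a not in approved), "denials": denials}

def sample_log():
    """Constructed events (not real data) covering the four categories above."""
    log = AuditLog()
    log.append("key.generate", actor="kms", key_id="k-0001", algorithm="ML-KEM-768", reason="scheduled rotation")
    log.append("encrypt", actor="svc-payments", key_id="k-0001", algorithm="ML-KEM-768", level=3)
    log.append("decrypt", actor="svc-archive", key_id="k-legacy-07", algorithm="RSA-2048")
    log.append("policy.decision", actor="policy-engine", decision="deny", rule="no-new-rsa-encrypt",
               context={"caller": "svc-archive", "requested": "RSA-2048"})
    log.append("key.destroy", actor="kms", key_id="k-legacy-07", algorithm="RSA-2048", reason="retired")
    return log
```

A chain on its own cannot show that its newest entries were dropped, so the latest hash should be anchored somewhere the log writer cannot alter (a signed timestamp or a separate write-once store).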

Compliance Report Generation

Audit logs should feed directly into compliance reporting, reducing the manual effort required for security assessments:

  • Automated compliance dashboards showing PQC migration status across the infrastructure.
  • Exportable audit reports formatted for common compliance frameworks (SOC 2, ISO 27001, NIST CSF).
  • Real-time alerting when cryptographic operations fall outside policy parameters.

Compliance Readiness Starts with Architecture

Quantum compliance cannot be bolted on after the fact. It needs to be embedded in the architecture from the ground up.

Standards & Sources
  • NIST FIPS 203 — ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism)
  • NIST FIPS 204 — ML-DSA (Module-Lattice-Based Digital Signature Algorithm)
  • NIST FIPS 205 — SLH-DSA (Stateless Hash-Based Digital Signature Algorithm)
  • NSA CNSA 2.0 — Commercial National Security Algorithm Suite, quantum migration timeline
  • NIST SP 800-131A — Transitioning the Use of Cryptographic Algorithms and Key Lengths
  • ETSI QSC — Quantum Safe Cryptography technical specifications
  • PCI DSS v4.0 — Payment Card Industry Data Security Standard