
In a major step toward future-proofing Europe’s cybersecurity, the European Union has unveiled a detailed roadmap for transitioning all Member States to post-quantum cryptography (PQC), setting firm milestones through 2035.
The initiative, coordinated by the European Commission and supported by the NIS Cooperation Group, outlines strategic priorities, technical recommendations, and policy objectives to counter the emerging threat posed by quantum computing.
Quantum computers, while promising breakthroughs in fields like healthcare and climate modeling, also threaten current cryptographic systems. Algorithms such as RSA and elliptic-curve cryptography, widely used for securing sensitive data and verifying digital identities, could be rendered obsolete once quantum machines achieve sufficient power. This looming risk has spurred global action, and the EU’s roadmap is Europe’s response to the race for cryptographic resilience.
The transition effort stems from the Commission's recommendation issued on April 11, 2024. In response, a dedicated PQC workstream within the NIS Cooperation Group developed a comprehensive implementation plan, released publicly in June 2025. The document sets out a structured migration path divided into three major milestones:
- By end of 2026: All EU Member States must have developed national PQC transition roadmaps and begun pilots for high- and medium-risk use cases. Initial steps include performing quantum risk analyses, building cryptographic inventories, engaging stakeholders (including vendors and public institutions), and raising awareness across sectors.
- By end of 2030: The transition for all high-risk use cases must be complete. This includes replacing vulnerable cryptographic mechanisms in areas like government communications, public key infrastructures, and software/firmware update systems. By this stage, quantum-safe upgrades should be standard in all critical systems.
- By end of 2035: Member States should have completed transitions for medium- and low-risk use cases “as much as feasible.” This final phase aligns EU efforts with global targets, including timelines proposed by NIST and the UK’s NCSC.
High-risk use cases are defined as those involving data that must remain confidential for a decade or more, such as classified government communications or sensitive business secrets. The roadmap warns that adversaries may already be collecting encrypted data for future decryption (“store now, decrypt later” attacks), making immediate action essential.
The document also advises the adoption of hybrid cryptographic schemes, pairing quantum-vulnerable and quantum-safe algorithms, to ensure security during the transition period. Where possible, organizations should replace RSA and DSA mechanisms with post-quantum algorithms vetted through international standardization efforts, such as those endorsed by NIST.
Critical infrastructures and entities covered under the NIS2 Directive, DORA, and the Cyber Resilience Act (CRA) are urged to embed quantum readiness into risk management frameworks. From December 2027 onward, new digital products must be upgradable to quantum-safe mechanisms, per CRA requirements.
The roadmap calls for significant cross-border coordination, highlighting the interdependence of Member States in digital operations. It recommends establishing national PQC expertise centers, participating in EU-level testing infrastructures, and promoting interoperability through shared standards. Furthermore, national procurement and certification schemes must begin factoring in PQC requirements, ensuring that future products and services are aligned with long-term security needs.