White House moves up deadline for quantum-safe encryption
Federal agencies and covered contractors face earlier targets as research suggests code-breaking quantum computers may need fewer resources than once thought.
By James Whitfield · Staff Writer
4 min read
The White House has ordered faster adoption of encryption designed to withstand future quantum-computer attacks, setting new deadlines for sensitive federal systems and related contractors. The move matters because adversaries could collect encrypted U.S. data now and decode it later if large-scale quantum machines become capable of breaking widely used cryptography, according to the executive order.
The order, titled “Securing the Nation against Advanced Cryptographic Attacks,” requires systems classified as “high-value assets” and “high-impact systems” to move to post-quantum cryptographic key-establishment schemes by Dec. 31, 2030. It sets a Dec. 31, 2031, deadline for those systems to adopt quantum-safe digital signatures.
The order says large-scale quantum computers, especially if held by adversaries, would threaten common cryptographic protections. It also says current cyber activity creates a risk that U.S. information could be gathered now for later decryption.
Earlier deadlines for sensitive systems
The new schedule shortens the transition for many organizations by roughly four to five years, according to Brian LaMacchia, a cryptography engineer at Farcaster Consulting Group who previously oversaw Microsoft’s post-quantum transition from 2015 to 2022. LaMacchia told Ars Technica that systems in the new high-value and high-impact categories now face 2030 and 2031 deadlines instead of a 2035 target.
The National Security Agency’s 2022 timeline already directed National Security Systems, which cover certain defense and intelligence systems under NSA authority, to become quantum-ready between 2030 and 2033. Ars Technica reported that most other organizations previously had until 2035.
The White House order follows research that has lowered some estimates for the resources needed to build a cryptographically relevant quantum computer. Ars Technica reported that Google, Cloudflare and other companies recently moved their own migration planning toward 2029 after new findings suggested earlier assumptions may have been too conservative.
What the order requires
The order creates a government-wide process led by the Office of Management and Budget director and the National Cyber Director. Each federal agency must name an official responsible for reporting progress on the quantum transition.
It also directs the secretary of state to work with NIST, the Defense and Homeland Security departments, the National Cyber Director and the director of national intelligence to encourage foreign governments and industry groups in key countries to adopt post-quantum algorithms standardized by NIST.
NIST and the Cybersecurity and Infrastructure Security Agency must issue guidance on cryptographic bills of materials, which identify the components, libraries and modules used in encryption systems. The order also establishes procurement provisions that appear aimed at making covered contractors meet the new deadlines and adopt vulnerability disclosure policies.
Jordan Kenyon, senior quantum scientist at Booz Allen, told Ars Technica that critical infrastructure owners and operators can expect support for post-quantum migration planning. He said covered contractors could face future rules requiring algorithms that comply with Federal Information Processing Standards by the end of 2030 and requiring disclosure of cryptographic vulnerabilities.
Why quantum computing changes the risk
No one knows when a quantum computer capable of breaking current public-key encryption will exist, according to Ars Technica. A major technical obstacle is building enough qubits, the quantum counterpart to classical bits, while controlling errors caused by interactions with the surrounding environment.
Recent research has shifted some estimates. Ars Technica reported that researchers in March said ECC-256, used to secure the bitcoin and ethereum blockchains, could be broken with 30,000 physical qubits in 10 days. Google researchers also said two quantum circuits could solve the elliptic-curve discrete logarithm problem using about 500,000 physical qubits.
RSA and elliptic curve cryptography rely on mathematical problems that classical computers struggle to reverse, such as factoring large composite numbers and solving discrete logarithms. A sufficiently powerful quantum computer running Shor’s algorithm could solve those problems far faster, while post-quantum algorithms are based on problems where quantum computers are not known to have the same advantage.
Replacing vulnerable algorithms is not a routine swap, Ars Technica reported. For example, public keys for ML-KEM, one replacement for RSA, are about three times larger, adding complexity to large-scale upgrades.
The White House also issued a separate executive order aimed at advancing quantum computing in partnership with private industry. That order establishes a national effort to build a quantum computer powerful enough to begin what it calls an era of quantum-enabled scientific discovery.
This story draws on original reporting from Ars Technica.