
U.S. Post‑Quantum Cryptography Migration: A Practical Plan for Q‑Day Risk

Jan 13

[Image: Q-day shown on a digital calendar]

The July 2024 OMB report makes clear that post-quantum cryptography migration is a long-lead operational program, not a future technology upgrade. Even without a cryptanalytically relevant quantum computer today, Federal agencies must begin inventorying cryptography, prioritizing long-lived data, identifying non-migratable systems, and aligning to NIST standards now to manage record-now-decrypt-later risk and avoid disruptive, costly replacements later.


Executive summary

The White House Office of Management and Budget (OMB) issued a July 2024 report to Congress on how the Federal Government will migrate Federal information systems to post‑quantum cryptography (PQC), a shift aimed at reducing exposure to future quantum attacks.


Here’s the leadership takeaway for post-quantum cryptography migration:

The report is mandated by the Quantum Computing Cybersecurity Preparedness Act (6 U.S.C. § 1526) and is structured around (1) migration strategy, (2) funding estimates, and (3) standards coordination led by NIST.


A cryptanalytically relevant quantum computer (CRQC) is not known to exist today, but the report warns that continued progress could yield one in the coming decade, so preparation needs to start well before “Q‑day.” The Federal strategy is built on four practical precepts: inventory, start early (record‑now‑decrypt‑later risk), prioritize, and identify non‑migratable systems early.


The Office of the National Cyber Director (ONCD) projects roughly $7.1B (2024 dollars) to migrate prioritized Federal systems to PQC between 2025 and 2035, with a significant portion driven by replacing systems where crypto is hardwired into hardware/firmware or systems can’t accept new algorithms.


PQC migration is not “flip a switch.” Interoperability and fail‑secure behaviors can create real operational impacts if partners migrate out of sync.


“This migration will not be as simple as flipping a switch.”

Why this report matters: the age of quantum risk assessment

Quantum computing holds major promise across research and industry, but it also creates a credible future risk to the cryptography that underpins everyday operations across government and critical infrastructure. The OMB report is clear about the planning reality: even if a CRQC is not available today, agencies must begin migration planning now to avoid being caught flat‑footed later. Just as important, “Q‑day” isn’t the only risk milestone. The report highlights record‑now‑decrypt‑later as an urgent driver: adversaries can collect encrypted traffic today and decrypt it in the future once quantum capability arrives.


What the OMB report covers

The report is explicitly organized into three sections:

  • A strategy for migrating Federal information systems to PQC

  • Rough order‑of‑magnitude estimates for funding required to move away from quantum‑vulnerable cryptography

  • Federal coordination, led by NIST, to develop PQC standards and timelines


That structure matters because it connects policy mandates to execution mechanics (inventory, prioritization, budgeting, standards timing).


The Federal migration strategy in four precepts

OMB frames the migration strategy around four precepts that, taken together, form a straightforward execution sequence: know what you have → start early → prioritize → surface blockers immediately.


1) Maintain a comprehensive, ongoing cryptographic inventory

A PQC program doesn’t start with algorithms; it starts with visibility. The report emphasizes that inventories must be iterative and ongoing, because public‑key cryptography is ubiquitous and embedded, and because patching, updates, and lifecycle refreshes constantly change what’s deployed.


It also notes that automated tools may miss instances of public‑key cryptography, and that agencies are required to conduct an annual manual inventory in addition to automated discovery approaches.


Practical leadership translation: Your inventory should cover protocols, libraries, appliances, products, vendors, and hidden dependencies, not just “assets.”


Maintaining a comprehensive inventory is “an iterative and ongoing process.”


2) Start migration before a CRQC is operational

The report explains the record‑now‑decrypt‑later problem plainly: an attacker can copy encrypted data today and decrypt it later if a CRQC becomes capable.


Practical leadership translation: Treat PQC as a current risk management program, not a “future tech upgrade.” Prioritize the data that would still be damaging if decrypted years from now.


3) Prioritize systems and data for migration

OMB stresses that PQC migration will take deliberate planning over multiple years and that interoperability is a primary concern. If one side migrates and the other doesn’t, encrypted connections may fail, and many systems are designed to “fail secure,” which can create operational impacts.


The report also outlines what should be migrated first, including:

  • High impact information systems

  • Agency high value assets

  • Systems with data expected to remain mission‑sensitive in 2035

  • Asymmetric‑encryption access control systems like public key infrastructure (PKI)


Practical leadership translation: Prioritization isn’t just technical; it’s mission governance. Your “Phase 1” needs clear, defensible criteria tied to business/mission impact and data longevity.


4) Identify systems that cannot support PQC as early as possible

Some systems won’t be able to adopt PQC without replacement because cryptographic algorithms are hardwired into hardware/firmware or systems lack the capacity to accept new algorithms. The report warns that replacing these systems can be a major driver of cost and schedule.


Practical leadership translation: Don’t let “can’t migrate” become a late discovery. Surface these blockers early, assign owners, and put replacement timelines on the calendar.

What agency leaders should do now

The report provides a framework; execution requires leadership pressure and governance. Here’s a leader-ready playbook aligned to the Federal approach:


Step 1: Demand a real cryptographic inventory (not an asset list)

At a minimum, your inventory should answer:

  • Where is public‑key cryptography used (TLS, VPN, PKI, code signing, authentication, S/MIME, device identity)?

  • What algorithms and key sizes are in play (e.g., RSA/ECC or other quantum‑vulnerable mechanisms)?

  • What dependencies exist (libraries, appliances, vendor modules, embedded devices)?

  • What is the refresh cycle (patching and lifecycle upgrades) and how does inventory stay current?


Step 2: Treat “record‑now‑decrypt‑later” as a prioritization driver

Ask: “If this traffic/data is decrypted in 2035, does it still matter?” The report explicitly ties prioritization to long-lived sensitivity and recognizes 2035 as a planning horizon for mission-sensitive data.
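The script below is an added example written for this post; it is not from the OMB report and is not ArcQubit’s tooling. It shows how the Step 1 inventory questions (where public‑key crypto is used, which algorithm and key size, whether the crypto can be changed in place) and the Step 2 record‑now‑decrypt‑later test (“does this data still matter in 2035?”) can be combined with the report’s stated prioritization criteria (high impact systems, high value assets, data mission‑sensitive in 2035, PKI) to rank a cryptographic inventory. The CSV layout, the field names, the sample systems and the scoring weights are all assumptions made for the example; algorithms the script does not recognize are routed to manual review, mirroring the report’s point that automated tools can miss instances of public‑key cryptography.

```python
import csv
import io
from dataclasses import dataclass
from typing import Optional

# Public-key mechanisms broken by a CRQC (RSA, finite-field DH/DSA and elliptic-curve
# variants) versus the three PQC standards NIST finalized in August 2024
# (ML-KEM / FIPS 203, ML-DSA / FIPS 204, SLH-DSA / FIPS 205).
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDSA", "ECDH", "ED25519", "X25519"}
PQC_STANDARDS = {"ML-KEM", "ML-DSA", "SLH-DSA"}

PLANNING_HORIZON = 2035  # the report's horizon for "still mission-sensitive" data

# Constructed sample inventory: system names, fields and values are illustrative only.
SAMPLE_INVENTORY = """\
system,usage,algorithm,key_bits,sensitive_until,high_impact,hva,pki,migratable
benefits-portal,TLS,RSA,2048,2040,yes,yes,no,yes
agency-ca,PKI,ECDSA,256,2045,yes,no,yes,yes
badge-reader-fw,device identity,RSA,1024,2030,no,no,no,no
intranet-wiki,TLS,ECDH,256,2026,no,no,no,yes
build-signing,code signing,ML-DSA,,2040,no,yes,no,yes
"""


@dataclass
class CryptoUse:
    """One row of the cryptographic inventory (assumed schema)."""
    system: str
    usage: str
    algorithm: str
    key_bits: Optional[int]
    sensitive_until: int      # last year the protected data still matters
    high_impact: bool         # FIPS 199 high-impact information system
    hva: bool                 # agency high value asset
    pki: bool                 # asymmetric access-control infrastructure
    migratable: bool          # can the crypto be updated in place?


def _yes(value: str) -> bool:
    return value.strip().lower() in {"yes", "y", "true", "1"}


def parse_inventory(text: str) -> list:
    """Parse the CSV inventory into CryptoUse records; blank key size means 'n/a'."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        rows.append(CryptoUse(
            system=r["system"].strip(),
            usage=r["usage"].strip(),
            algorithm=r["algorithm"].strip().upper(),
            key_bits=int(r["key_bits"]) if r["key_bits"].strip() else None,
            sensitive_until=int(r["sensitive_until"]),
            high_impact=_yes(r["high_impact"]),
            hva=_yes(r["hva"]),
            pki=_yes(r["pki"]),
            migratable=_yes(r["migratable"]),
        ))
    return rows


def classify(algorithm: str) -> str:
    """'pqc', 'quantum-vulnerable', or 'unknown' (send to the manual inventory)."""
    if algorithm in PQC_STANDARDS:
        return "pqc"
    if algorithm in QUANTUM_VULNERABLE:
        return "quantum-vulnerable"
    return "unknown"


def priority_score(use: CryptoUse) -> int:
    """Rank using the report's criteria; the weights are this example's assumption."""
    if classify(use.algorithm) == "pqc":
        return 0                                  # already migrated, nothing to do
    score = 0
    if use.sensitive_until >= PLANNING_HORIZON:
        score += 4                                # record-now-decrypt-later exposure
    if use.high_impact:
        score += 3
    if use.hva:
        score += 3
    if use.pki:
        score += 2
    return score


def recommended_action(use: CryptoUse) -> str:
    kind = classify(use.algorithm)
    if kind == "pqc":
        return "none (already on a NIST PQC standard)"
    if kind == "unknown":
        return "manual review (automated discovery could not classify it)"
    return "migrate" if use.migratable else "replace (crypto cannot be updated in place)"


def triage(text: str) -> list:
    """Return inventory rows as dicts, highest migration priority first."""
    uses = parse_inventory(text)
    ranked = sorted(uses, key=lambda u: (-priority_score(u), u.system))
    return [{
        "system": u.system, "usage": u.usage, "algorithm": u.algorithm,
        "class": classify(u.algorithm), "score": priority_score(u),
        "rndl_exposed": u.sensitive_until >= PLANNING_HORIZON,
        "action": recommended_action(u),
    } for u in ranked]


if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['score']:2d}  {row['system']:<16} {row['algorithm']:<8} {row['action']}")
```

Non‑migratable systems still appear in the ranked output with a “replace” action even when their score is low, because the report treats hardware/firmware replacement as a cost and schedule driver that has to be surfaced early rather than discovered late.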


Step 3: Build a phased roadmap through 2035

A usable roadmap includes milestones for:

  • Inventory completion + validation

  • Prioritization and sequencing approval

  • Interoperability testing (especially where partners and vendors are involved)

  • Production rollouts by tranche (starting with highest‑value systems)

  • Decommissioning of quantum‑vulnerable cryptography

The report’s own framing is multi‑year and highlights interoperability risk, so a “one-and-done” plan is not credible.


Step 4: Make accountability explicit

Name a role or committee with authority to drive the program, resolve cross‑team dependencies, and report progress. PQC migration isn’t only a security issue; it’s also enterprise architecture, procurement, systems engineering, and operations.


Step 5: Require vendors to publish PQC transition plans

Even a strong internal plan can be constrained by vendor readiness. Require vendors to disclose:

  • Product timelines for implementing NIST PQC standards

  • Upgrade vs. replacement requirements

  • Interoperability approach (e.g., staged transitions, dual-stack support)

Then incorporate that data into your inventory and roadmap so procurement and technical sequencing stay aligned.


What vendors supporting government should do now

If you provide products or services to Federal agencies, you should assume agency customers will increasingly ask for evidence. Prepare to provide:

  • A cryptography “bill of materials” view (where crypto is used and how it can be changed)

  • A roadmap aligned to Federal prioritization (high impact/high value first)

  • Clear identification of which components cannot support PQC and the upgrade/replacement path

  • Testing guidance and interoperability support, because failure modes can impact mission operations

Budget reality: why replacement costs shape the timeline


OMB reports that agencies submit annual inventories and cost estimates for prioritized systems, and ONCD projects a total government-wide cost of approximately $7.1B (2024 dollars) for migrating prioritized systems to PQC between 2025 and 2035.


The report also notes that significant costs come from replacing systems that can’t accommodate new cryptography, such as those with hardwired algorithms in hardware/firmware or those lacking capacity for replacement algorithms.


Practical leadership translation: Budget for more than software upgrades. Hardware refresh and replacement timelines will often define the critical path.

Replacement of systems with hardwired crypto “constitutes a significant portion” of total cost.

Standards watch: align roadmaps to NIST’s PQC timeline

The OMB report includes a NIST timeline showing:

  • July 2024: publication of the final first three PQC FIPS

  • August 2024: start of standardization of the FALCON digital signature standard

Separately, NIST announced approval of three PQC Federal Information Processing Standards (FIPS) in August 2024.


Practical leadership translation: Standards readiness should drive your testing and rollout sequencing. Don’t wait to “see what wins”. Build your inventory and migration governance now so adoption can move quickly when standards and vendor support mature.

Non‑government organizations: the same playbook still applies

Even outside government, the strategy maps cleanly:

  • Maintain a cryptographic inventory (public‑key crypto is the focus)

  • Start early due to record‑now‑decrypt‑later risk

  • Prioritize systems/data by impact and sensitivity over time (not just today’s severity)

  • Identify non‑migratable systems early and set replacement timelines

The difference is scope, regulatory drivers, and governance structure, not the operational sequencing.


Executive checklist for your next steering meeting

Use these questions to turn PQC from a concept into an execution plan:

  • Do we have a cryptographic inventory (not just an asset inventory)? How is it kept current?

  • Are we using both automated discovery and manual methods where tools lack visibility?

  • Which systems are prioritized first (high impact, high value, mission‑sensitive in 2035, PKI)?

  • Where are our biggest blockers (hardwired crypto, constrained devices, vendor lock‑in), and what are the replacement timelines?

  • Do our timelines reflect interoperability dependencies and fail‑secure behavior?

  • What is our roadmap through 2035, and what milestones and metrics will leadership see annually?

  • Are we budgeting for replacement costs, not just engineering effort?

  • Are we aligned to NIST’s PQC standards timeline and tracking follow‑on algorithms like FALCON?


Post-quantum migration is no longer optional, and it is no longer abstract. Quantum computing compliance is a reality.


The Federal roadmap shows that success depends on visibility, prioritization, and sustained execution over a decade. Organizations that act now can migrate deliberately by building accurate cryptographic inventories, aligning to NIST standards, and managing interoperability and replacement risk before deadlines force reactive decisions.


ArcQubit helps organizations operationalize this reality by turning cryptographic discovery, assessment, and roadmap planning into a measurable, repeatable program so PQC readiness becomes governed execution, not last-minute post-quantum compliance.


Join early access at ArcQubit.io



Source:

REPORT ON POST-QUANTUM CRYPTOGRAPHY - the Quantum Computing Cybersecurity Preparedness Act, Public Law No: 117-260
