ASD Post-Quantum Cryptography Guidance
- Issuer
- Australian Signals Directorate(ASD)
- Effective date
- Sep 1, 2023
- Published date
- Sep 1, 2023
- Full text
- View full text →
Summary
The Australian Signals Directorate (ASD) advises Australian government agencies and critical infrastructure operators to plan for post-quantum cryptography migration in alignment with NSA CNSA 2.0 and NIST PQC standards. ASD recommends ML-KEM and ML-DSA for new systems and urges organisations to complete cryptographic inventories and embed cryptographic agility into procurement processes.
Milestones (2)
| Deadline | Label | Type | Hard | Notes |
|---|---|---|---|---|
| Jun 30, 2026 | Australian government agencies: complete PQC readiness assessment | Inventory | ASD guidance recommends agencies complete cryptographic inventories and quantum risk assessments by mid-2026. | |
| Jan 1, 2027 | New government procurements: require cryptographic agility | Crypto Agility | ASD recommends cryptographic agility requirements be embedded in new government IT procurements from 2027. |
Algorithm references (3)
- ML-KEMFIPS 203Recommended
Replaces: RSA, ECDH
ASD recommends ML-KEM (FIPS 203) for post-quantum key encapsulation in Australian government and defence systems, aligned with NSA CNSA 2.0.
- ML-DSAFIPS 204Recommended
Replaces: RSA, ECDSA
ASD recommends ML-DSA (FIPS 204) for post-quantum authentication, aligned with NSA CNSA 2.0 and NIST guidance.
- SLH-DSAFIPS 205Noted
Replaces: RSA, ECDSA
SLH-DSA noted as an alternative signature scheme suitable for specific use cases such as firmware signing.
PKI Impact
MEDIUM
PKI Impact
MEDIUMASD guidance aligns closely with NSA CNSA 2.0, meaning defence-adjacent Australian operators effectively inherit CNSA 2.0's urgency despite ASD's advisory framing. Government and defence system operators face implicit pressure to track CNSA 2.0 timelines.
Migration guidance
- For defence-adjacent systems, treat ASD guidance as carrying similar urgency to NSA CNSA 2.0 and align certificate migration timelines to CNSA 2.0 milestones rather than treating ASD deadlines as purely advisory.
- Complete cryptographic inventories for all ASD Essential Eight and ISM-governed systems, including TLS certificates, client authentication certificates, and firmware signing keys.
- Require FIPS 203/204/205/206 support in all new government IT procurements from 2027 per ASD guidance; verify CA and HSM vendor roadmaps before procurement decisions.
- For firmware signing in government systems, evaluate LMS/HSS or SLH-DSA per ASD's CNSA 2.0-aligned recommendations and assess stateful key management requirements.
Changelog (2)
| Date | Type | Description |
|---|---|---|
| Aug 1, 2025 | Clarification | ASD updated guidance to reflect finalised NIST FIPS 206 and IR 8547, adding FN-DSA to monitored algorithms and reaffirming alignment with NSA CNSA 2.0 timelines. |
| Sep 1, 2023 | New | ASD published post-quantum cryptography guidance for Australian government agencies and critical infrastructure, aligning with NSA CNSA 2.0 and NIST FIPS 203/204/205. |
Issuer
Australian Signals DirectorateASD
Type: GOVERNMENT
Region: Australia