NCSC Guidance: Post-Quantum Cryptography Migration
- Issuer: National Cyber Security Centre (NCSC)
- Effective date: Aug 1, 2023
- Published date: Aug 1, 2023
Summary
The UK National Cyber Security Centre (NCSC) provides guidance on migrating to post-quantum cryptography, urging UK organisations to begin planning immediately. The NCSC recommends following NIST-standardised PQC algorithms and adopting a hybrid approach during transition. Aligned with the UK Government Cyber Security Strategy 2022–2030, the guidance targets government departments, critical national infrastructure operators, and large enterprises.
Milestones (2)
| Deadline | Label | Type | Hard | Notes |
|---|---|---|---|---|
| Dec 31, 2025 | Begin cryptographic inventory and PQC readiness assessment | Inventory | | NCSC urges organisations to complete cryptographic asset inventories and identify quantum-vulnerable systems. This is a recommendation, not a statutory deadline. |
| Dec 31, 2027 | Implement cryptographic agility in new and updated systems | Crypto Agility | | NCSC recommends organisations embed cryptographic agility into procurement and development practices by 2027. |
Algorithm references (3)
- ML-KEM (FIPS 203): Recommended
Replaces: RSA, ECDH
NCSC recommends ML-KEM (FIPS 203) as the primary post-quantum key encapsulation mechanism for UK organisations.
- ML-DSA (FIPS 204): Recommended
Replaces: RSA, ECDSA
NCSC recommends ML-DSA (FIPS 204) for post-quantum digital signatures in UK systems.
- SLH-DSA (FIPS 205): Noted
Replaces: RSA, ECDSA
SLH-DSA (FIPS 205) is noted as an alternative signature scheme with conservative security assumptions.
PKI Impact
MEDIUM
NCSC guidance targets UK government and critical national infrastructure operators whose certificate-dependent services face long-term quantum risk. Deadlines are advisory, but long PKI migration lead times — particularly Root CA re-keying — mean organizations that delay past 2025 will face compressed timelines.
Migration guidance
- Complete a cryptographic asset register covering all TLS certificates, code-signing certificates, and client authentication certificates used in CNI and government systems.
- Adopt NCSC's recommended hybrid approach for TLS: deploy ML-KEM alongside ECDH key exchange to protect against both classical and quantum adversaries during transition.
- When renewing CAs or procuring HSMs, require vendor roadmaps for ML-DSA (FIPS 204) and ML-KEM (FIPS 203) support in hardware before committing to a platform.
- Use NCSC's Board Toolkit framing to communicate PKI migration cost and urgency to senior leadership for budget allocation.
Changelog (2)
| Date | Type | Description |
|---|---|---|
| Jul 1, 2025 | Clarification | NCSC updated PQC migration guidance to incorporate FIPS 206 (FN-DSA) and align with final NIST IR 8547 deprecation timelines, reinforcing the hybrid approach for UK government and CNI systems. |
| Aug 1, 2023 | New | NCSC published updated post-quantum cryptography migration guidance, recommending NIST FIPS 203/204/205 and hybrid approaches for UK organisations. |
Issuer
National Cyber Security Centre (NCSC)
Type: GOVERNMENT
Region: UK