NIST PQC migration

Practical roadmap toward ML-KEM, ML-DSA and SLH-DSA

NIST published the first finalized PQC standards in 2024. Migration should begin with inventory, then hybrid pilots, before controlled rollout.

0-30 days

Frame the risk

Define long-confidentiality data, exposed systems and owners.

Prioritized PQC backlog.

30-90 days

Inventory RSA/ECC

Scan TLS, certificates, SSH, code signing, libraries and vendor dependencies.

Maintainable crypto register.

3-6 months

Require vendor evidence

Ask for hybrid support, timeline, limits, attestations and rollback plans.

Actionable vendor matrix.

6-12 months

Pilot hybrid modes

Test compatibility, latency, message size, observability and impact on older clients.

Decision records by protocol.

12-24 months

Industrialize crypto-agility

Centralize policies, automate rotation and remove hardcoded algorithms.

Repeatable migration.

Before 2035

Exit vulnerable algorithms

Plan RSA/ECC deprecation according to regulatory deadlines and business constraints.

Trajectory compatible with the NIST transition.
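
For the SSH part of the 30-90 day inventory step, an added example (not part of the original page) that parses OpenSSH public-key lines into crypto-register rows, reading the RSA modulus size or curve from the key blob itself. It assumes plain `type base64 comment` lines with no options prefix; the row fields, function names and sample keys are constructed for illustration.

```python
import base64
import struct

def _fields(blob):
    """Split an SSH wire blob into its length-prefixed fields (RFC 4251)."""
    out, pos = [], 0
    while pos < len(blob):
        if pos + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack(">I", blob[pos:pos + 4])
        pos += 4
        if pos + n > len(blob):
            raise ValueError("truncated field")
        out.append(blob[pos:pos + n])
        pos += n
    return out

def register_entry(source, line):
    """Turn one 'type base64 [comment]' public-key line into a register row."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not a public-key line")
    key_type = parts[0]
    fields = _fields(base64.b64decode(parts[1], validate=True))
    if not fields or fields[0] != key_type.encode():
        raise ValueError("declared type does not match key blob")
    if key_type == "ssh-rsa" and len(fields) == 3:        # fields: type, e, n
        family, bits = "RSA", int.from_bytes(fields[2], "big").bit_length()
    elif key_type.startswith("ecdsa-sha2-nistp") and len(fields) == 3:
        family, bits = "ECC", int(fields[1][5:].decode())  # curve, e.g. nistp256
    elif key_type == "ssh-ed25519":
        family, bits = "ECC", 256
    else:
        family, bits = "unknown", None                     # send to manual review
    status = "quantum-vulnerable" if family in ("RSA", "ECC") else "review"
    return {"source": source, "algorithm": key_type, "family": family,
            "bits": bits, "status": status, "owner_hint": " ".join(parts[2:])}

def sample_lines():
    """Constructed, structurally valid placeholder keys (not real key material)."""
    n = b"\x00" + ((1 << 2047) | 1).to_bytes(256, "big")
    keys = [(b"ssh-rsa", b"\x01\x00\x01", n), (b"ssh-ed25519", bytes(32)),
            (b"ecdsa-sha2-nistp384", b"nistp384", b"\x04" + bytes(96))]
    blobs = [b"".join(struct.pack(">I", len(f)) + f for f in k) for k in keys]
    return [f"{k[0].decode()} {base64.b64encode(b).decode()} svc-{i}@example.test"
            for i, (k, b) in enumerate(zip(keys, blobs))]

if __name__ == "__main__":
    print(*(register_entry("constructed", l) for l in sample_lines()), sep="\n")
```

Rows with status `review` are key types the parser does not recognize and need a manual decision before they enter the register.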

NIST references to track

FIPS 203 - ML-KEM

Key-encapsulation mechanism standard, derived from CRYSTALS-Kyber, for post-quantum key establishment.

FIPS 204 - ML-DSA

Primary post-quantum digital signature standard, derived from CRYSTALS-Dilithium.

FIPS 205 - SLH-DSA

Stateless hash-based signature standard, derived from SPHINCS+, useful as a diversity option.

NIST IR 8547

Draft transition report identifying vulnerable standards, PQC replacements and the removal horizon for vulnerable algorithms.