On June 22, 2026, the United States set hard deadlines for moving federal cryptography to post-quantum standards to secure the nation against advanced cryptographic attacks.
The President signed Executive Order 14412, “Securing the Nation Against Advanced Cryptographic Attacks”, which tells federal agencies to pull out the public-key cryptography they have run for thirty years and replace it with quantum-resistant algorithms on a clock. High-value systems must move to post-quantum cryptography for key establishment (the authenticated handshake that opens a trusted connection) and for digital signatures (the proof that a message, certificate, or piece of code is genuine).
A NIST pilot is already underway. And a proposed procurement rule pulls federal contractors onto the same timeline, which is how this reaches the private sector, whether or not you sell to the government.
RSA and elliptic-curve cryptography do more than scramble data. They are what let a certificate vouch for a server, a signature attest to where software came from, and one workload decide whether to trust another. They are the foundation of machine identity. EO 14412 is not only a data-protection directive; it also aims to rebuild the cryptographic roots of digital trust before those roots can be forged.
| Date | Milestone |
| --- | --- |
| July 22, 2026 | Every federal agency appoints a post-quantum migration lead and reports to the Office of Management and Budget (OMB). |
| September 20, 2026 | OMB issues guidance requiring agencies to inventory high-value systems and submit formal migration plans. |
| December 19, 2026 | The National Institute of Standards and Technology (NIST) launches a post-quantum migration pilot on its own systems. |
| March 19, 2027 | The Cybersecurity and Infrastructure Security Agency (CISA) and NIST release public guidance on minimum elements for a cryptographic bill of materials (automated assessment of cryptographic assets in hardware and software). |
| December 31, 2027 | NIST completes its pilot. |
| December 31, 2030 | The federal government intends to align contractor requirements through updates to the Federal Acquisition Regulation (FAR), with proposed compliance timelines broadly tracking agency migration. |
| December 31, 2031 | All federal high-value and high-impact systems must use post-quantum cryptography for digital signatures. |
The regulatory trajectory behind the mandate
NIST finalized the first quantum-resistant standards in August 2024, and its companion transition report, NIST IR 8547, already placed RSA-2048 and the elliptic-curve cryptography that secures most of the internet on a path to “deprecated” status by 2030 and “disallowed” by 2035. The 2035 endpoint itself derives from a 2022 national security memorandum. EO 14412 now contributes enforceable intermediate deadlines and clear ownership. In fact, in the next 30 days, every agency must designate a migration lead accountable for its cryptographic inventory and transition plan.
Cryptography as the root of machine identity
The two milestones the order sets are, at their core, identity functions. Key establishment is how two parties authenticate each other and agree on a session; a digital signature is how a relying party confirms that a certificate, document, or software build genuinely came from the source it claims. Strip out the algorithms underneath, and the assertions they support (this server is who it says it is, this code has not been tampered with) no longer hold.
That is why the quantum threat has two facets. The first is confidentiality: an adversary can copy encrypted data today and decrypt it later, once a capable machine exists. The industry calls this “harvest now, decrypt later,” and the Electronic Frontier Foundation has likened it to encryption’s Y2K moment, with the difference that once data is copied, it cannot be uncopied. The second facet is the one that should concern anyone who operates a PKI: a quantum computer capable of breaking RSA or ECC can forge the signatures and certificates that establish identity. The browser padlock, the code-signing seal, the device certificate, and the mutual-TLS handshake between services each become easy to counterfeit.
This becomes a bigger worry because the cost of an attack continues to fall. A few years ago, breaking RSA-2048 was estimated to require tens of millions of qubits. By 2025, Google researchers had reduced that estimate to under a million.
The forcing functions are stacking
EO 14412 also lands in the middle of three forces converging at once, and the mandate is only the newest of them. The lifespan of the TLS certificates that anchor machine identity is being compressed from 398 days to 47 days by March 2029, in phases. For an organization running a thousand certificates, that converts roughly a thousand renewals a year into about eight thousand. Manual rotation, already fragile, becomes unviable well before the final step.
Now let’s add volume. The number of identities that must be managed and eventually made quantum-safe is climbing. Machine identities already outnumber human ones at a 45:1 ratio, and the rapid adoption of autonomous AI agents is accelerating that growth: each agent and the workloads it spawns needs its own credentials, certificates, and keys. The cryptographic footprint that has to migrate is expanding just as the window to migrate shrinks.
These pressures are often handled as separate problems, but they share one root. The 47-day certificate lifespan, the surge in non-human identities, and the post-quantum mandate all demand the same underlying capability: continuous discovery of every key and certificate, and automated rotation and re-issuance at scale. Post-quantum migration is the largest and slowest of the three, but it runs on exactly the same rails. An organization that cannot rotate a certificate without manual effort today has no realistic path to swapping an algorithm across its estate by 2031.
Operationalizing the transition: A practical sequence
A five-year horizon sounds doable until you account for what must happen first. The hardest part of this transition is not the cryptographic swap, but the groundwork that precedes it. The order is strict about sequence: inventory, prioritization and migration. The key to inventory is to start with discovery. Organizations moving forward should consider these practical steps:
- Build a complete cryptographic inventory. Establish a single, automated source of truth for every certificate, key, and algorithm across your environment (human, workload, and agent identities), along with what depends on each.
- Identify your long-lived secrets. Prioritize data and systems whose confidentiality must outlast the arrival of quantum decryption. These are your harvest now, decrypt later exposures, and they migrate first.
- Map your dependencies. Know which applications, devices, and services rely on each cryptographic asset before you change anything.
- Establish crypto-agility now. Put the automation in place to rotate and re-key at scale, so the eventual algorithm swap is a configuration change rather than a fire drill.
- Prepare for the cryptographic bill of materials. The forthcoming CISA and NIST guidance will expect automated, machine-readable cryptographic asset data. Building that capability now means meeting the standard rather than scrambling for it.
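The inventory-then-prioritize sequence above, as an added sketch (not code from the executive order, NIST, or any vendor tool): it classifies each inventoried algorithm, drops assets that are already post-quantum, and orders the rest so that harvest-now-decrypt-later exposures come first. The record shape, the tiering rule, and the sample inventory are assumptions made for illustration, not a CBOM schema.

```python
from dataclasses import dataclass, field

# Public-key families that Shor's algorithm breaks, and the NIST post-quantum
# standards finalized in August 2024 (FIPS 203, 204, 205).
QUANTUM_VULNERABLE = ("RSA", "ECDSA", "ECDH", "DSA", "DH", "Ed25519", "X25519")
POST_QUANTUM = ("ML-KEM", "ML-DSA", "SLH-DSA")

@dataclass
class Asset:                    # hypothetical record shape, not a CBOM schema
    name: str
    algorithm: str              # e.g. "RSA-2048", "ML-KEM-768"
    use: str                    # "key-establishment" or "signature"
    secrecy_years: int = 0      # how long the protected data must stay secret
    dependents: list = field(default_factory=list)

def classify(algorithm):
    if algorithm.startswith(POST_QUANTUM):
        return "post-quantum"
    if algorithm.startswith(QUANTUM_VULNERABLE):
        return "quantum-vulnerable"
    return "unknown"            # unrecognized entries need human review

def migration_plan(inventory):
    """Order assets for migration; already-migrated assets are left out."""
    plan = []
    for a in inventory:
        status = classify(a.algorithm)
        if status == "post-quantum":
            continue
        # Tier 0: inventory gap. Tier 1: harvest-now-decrypt-later. Tier 2: rest.
        hndl = a.use == "key-establishment" and a.secrecy_years > 0
        tier = 0 if status == "unknown" else 1 if hndl else 2
        plan.append({"asset": a.name, "algorithm": a.algorithm, "status": status,
                     "tier": tier, "secrecy_years": a.secrecy_years,
                     "dependents": sorted(a.dependents)})
    # Within a tier: longest secrecy requirement first, then most dependents.
    plan.sort(key=lambda r: (r["tier"], -r["secrecy_years"], -len(r["dependents"])))
    return plan

# Constructed sample inventory (names and values are illustrative only).
SAMPLE = [
    Asset("code-signing-ca", "RSA-4096", "signature", 0, ["ci", "updater"]),
    Asset("records-vpn", "ECDH-P256", "key-establishment", 25, ["archive"]),
    Asset("web-frontend", "X25519", "key-establishment", 1, ["cdn", "lb", "api"]),
    Asset("pilot-gateway", "ML-KEM-768", "key-establishment", 10, ["pilot"]),
    Asset("legacy-hsm-key", "proprietary-v1", "signature", 0, []),
]
if __name__ == "__main__":
    print(*migration_plan(SAMPLE), sep="\n")
```

Each returned row keeps the asset's dependents alongside its tier, so the dependency map travels with the migration order.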
Crypto-Agility as a continuous discipline
PQC readiness is not a one-time migration that ends in 2031. Crypto-agility is an operating capability to be maintained permanently and not a project to be completed.
NIST will continue to publish standards and will retire an algorithm when it weakens. Certificate lifetimes will keep shortening past 47 days. The identity population will continue to expand as automation and AI agents proliferate. Each of these is its own rotation event, and they will not stop arriving.
The order requires organizations to understand what they have and to have a plan for this year. Organizations that begin their inventory now will spend the next four years executing in a controlled way. Those who wait will spend the first two years discovering they never had an accurate picture of their own cryptography.
The encouraging part is that the destination is already reachable, as quantum-safe algorithms are standardized and available today. The transition requires the ability to see your cryptography and your machine identities clearly and to keep changing them, continuously, without disruption, as the standards beneath them evolve.