Post-Quantum Cryptography Readiness Guide for PKI

Key Takeaways

• Achieving post-quantum cryptography readiness for PKI teams requires a phased approach for gaining crypto-visibility, implementing hybrid cryptography, and executing migrations
• Quantum-vulnerable algorithms will be completely deprecated by 2030 and disallowed by 2035 as mandated by NIST
• 65% of professionals are worried about the threat of “harvest now, decrypt later” attacks
• Having a Cryptographic Bill of Materials (CBOM) can help your organization implement an effective migration strategy
• Quantum resilience can be achieved through hybrid cryptography
• Crypto-agility is integral to addressing both the 47-day certificate mandate and the PQC transition

Quantum computing’s threat to public infrastructure has become glaringly real in recent times. Back in 2024, NIST published IR 8547, giving us a glimpse into the proposed timeline for deprecating quantum-vulnerable cryptographic algorithms. Under this transition plan, algorithms such as ECDSA, ECDH, and RSA are expected to be deprecated by 2030 and fully disallowed by 2035. Meaning, five years after the deprecation, they will no longer be of use to organizations that wish to be compliant with evolving security standards.

In accordance with this projection is NSA’s Commercial National Security Algorithm Suite 2.0, which requires new National Security System acquisitions to have PQC deployments beginning in 2027. Meanwhile, a similar directive from the UK’s National Cyber Security Centre mandates completing the full migration to PQC by 2035.

Such endeavors are not without their economic consequences. In fact, migrating federal information systems to post-quantum cryptography is estimated to cost up to $7.1 billion between 2025 and 2035, according to The White House Report on Post-Quantum Cryptography.

These dates are not just mere deadlines to PKI professionals and security teams. If anything, these timelines represent the significant change in how cryptographic governance and certificate lifecycle management must operate. This is why it is imperative that organizations start building their crypto-agility as early as now.

Understanding the NIST PQC Standards for PKI

The beginning of the new cryptographic era was heralded in 2024 by the finalization of NIST’s first three post-quantum cryptography standards. This set of standards serves as the cornerstone of quantum-resistant PKI systems and is as follows:

 

• FIPS 203 (ML-KEM) – With the Module-Lattice-Based-Key-Encapsulation Mechanism as the main standard for general encryption, this algorithm is intended to substitute RSA and ECDH in TLS key exchange and certificate enrollment processes.
• FIPS 204 (ML-DSA) – This standard establishes the Module-Lattice-Based Digital Signature Algorithm designed for X.509 certificates, code signing, and document authentication.
• FIPS 205 (SLH-DSA) – A stateless hash-based digital signature scheme that provides algorithm diversity alongside lattice-based algorithms, serving as a fallback option should vulnerabilities emerge in lattice-based systems.

Algorithm Standard	Primary Use Case	Considerations for PKI
FIPS 203 (ML-KEM)	Key establishment and general encryption	Large key sizes (800 – 1,600 bytes) require infrastructure testing
FIPS 204 (ML-DSA)	Digital signatures	Fundamental algorithm for certificate signing
FIPS 205 (SLH-DSA)	Backup digital signatures	Larger signatures suit high-assurance use cases like root CA certificates

It is also worth noting that a fourth standard called FN-DSA, which is based on the Falcon algorithm, is currently in draft status. It offers significantly smaller signature sizes and faster verification to cater to resource-constrained systems.

Evaluating Your Current PKI’s Quantum Vulnerability

Having complete visibility over your cryptographic infrastructure is crucial before your PKI even starts planning migration. This will help determine which algorithms are protecting key operations and sensitive data, and which certificates are already in place.

ISACA’s 2025 research shows that 62% of technology professionals voiced concerns about how current encryption will break quantum computing. Despite this, only 5% of organizations worldwide possess a comprehensive quantum computing strategy. This disparity poses a substantial operational and organizational risk.

In the same year, a report from the Capgemini Research Institute found that “harvest-now, decrypt later” attacks are a major concern for 65% of organizations. This is due to the fact that any encrypted data that has been collected now can be stored and later decrypted once quantum computers are made available.

It is clear that visibility is non-negotiable because you cannot migrate what you cannot see.

To have a full notion of which algorithms your systems are using, their expiration dates, and what they protect, you must have a definitive cryptographic inventory that oversees all of the certificates across your multi-cloud environment. Such an inventory will serve as the foundation of your Cryptographic Bill of Materials (CBOM), which will help organize remediation efforts according to risk.

You can automate the discovery process with the help of AppViewX’s PQC Assessment Tool, which can scan certificates to generate a CBOM that includes remediation recommendations. This approach eliminates guesswork and can help you make informed decisions in later planning.

PKI Component	Quantum Vulnerability	Migration Priority
Root CA certificates	High (long-lived, critical trust anchor)	Critical
Intermediate CA certificates	High (trust chain dependency)	Critical
End-entity TLS certificates	Medium (shorter lifespans that reduce exposure)	High
Code signing certificates	High (software remains in use beyond Q-Day)	High
Internal PKI/ Microsoft CA	Medium-High (often overlooked)	Medium

How to be PQC-Ready

Deloitte’s Global Future of Cyber survey states that 52% of organizations are actively measuring their exposure to quantum-related threats and developing strategies to combat them. However, without the essential expertise, quantum-resilience cannot be guaranteed. In 2025, IBM’s Quantum-Safe Readiness Index highlighted how the average organization only scores 25 on a 100-point scale when it comes to quantum preparedness.

PQC readiness is not something that you can build overnight. It takes careful study, a phased approach, and strategic investment of time and resources.

Here is a phased strategy that will enable your organization to incrementally develop quantum resilience without sacrificing security.

Phase 1: Establish Cryptographic Visibility

As mentioned earlier, complete discovery of your entire certificate infrastructure is the best place to start. In this phase, you should produce your CBOM so that you have a better grasp of your algorithm distribution and migration targets.

This is also when your organization should invest in building internal skills. The majority of security teams these days lack the specialized knowledge essential for PQC migration. A study conducted by IBM highlighted that organizations have a 36% deficit in quantum-safe cryptography expertise. You can bridge this skill gap by teaming up with certificate lifecycle management services. This way, your team can allocate its efforts to developing proficiency through hands-on experience.

Phase 2: Test and Validate Hybrid Approaches

To preserve backward compatibility while increasing quantum resistance, classical algorithms are used in conjunction with post-quantum algorithms to build hybrid cryptography. This phase requires a ton of prep work from PKI teams. You must test certificate issuance with PQC algorithms.

Luckily, with services like the free AppViewX PQC test Center, you can develop a quantum-safe environment where you can test your ML-DSA or SLH-DSA signed certificates to help you pinpoint exactly which servers, applications, and devices in your system can validate them.

You should also check if your preferred certificate authorities are able to provide PQC-signed certificates.

In recent times, prominent cloud service providers like AWS, Microsoft Azure, and Google Cloud have promised hybrid TLS support with full PQC migration targets from 2028 to 2030. If you aim to work with vendors, be sure to study their roadmaps to figure out when their systems will support PQC algorithms. This will enable you to know exactly when you can deploy quantum-resistant certificates on their platforms.

Remember, hybrid cryptography is not the goal. It is the path that can lead you to full quantum preparedness.

Phase 3: Execute Migration at Scale

Now that you’ve addressed visibility and validated hybrid approaches, your PKI team can focus on performing a systematic migration. You should begin with any systems that manage data with long confidentiality requirements. These can be Root CA certificates, code signing infrastructure, and systems that handle personally identifiable information.

It goes without saying that automation is vital to this phase. Certificate lifecycle management capabilities that conduct 47-day renewals can help your organization streamline migration even at scale.

Building Crypto-Agility Into Your PKI Infrastructure

If your organization is well-equipped to handle or adapt to rapidly changing cryptographic implementations while maintaining seamless operations, this means you have cryptographic agility. The way cryptographic standards are continuously evolving makes it vital for your organization to be agile even beyond PQC.

NIST’s analysis illustrated how the DES transition to AES lasted over twenty years, not to mention that DES was not fully phased out until 2024. With the looming threat of “harvest now, decrypt later” schemes, PQC transitions simply cannot encounter any such delays.

PQC readiness through crypto-agility can be achieved through:

• Visibility – monitoring all your certificates, algorithm usage, and compliance drift across your cryptographic ecosystem. This can easily be achieved with the help of Smart discovery capabilities.
• Automation – addresses manual bottlenecks that can impede cryptographic transitions. Automated certificate provisioning, renewal, and revocation can prevent algorithm migrations from becoming infrastructure projects. On March 15, 2026, the first phase of TLS certificate lifetime reductions took effect, lowering the maximum public TLS certificate validity to 200 days. As certificate lifespans continue to shrink over the next few years, automation will be critical to manage renewals at scale.
• Control – Consistently enforces cryptographic policies within your organization. Having policy engines that can verify algorithm strength and certificate attributes upon issuance can help keep non-compliant certificates from putting your system at risk.

PQC Readiness and the 47-Day Certificate Mandate

By 2029, the 47-day maximum certificate validity for public TLS certificates will be mandatory, adding pressure on the part of PKI teams. This means that organizations typically handling 1,000 certificates will have to manage over 7,700 renewals yearly.

Fortunately, such a challenge can be addressed with the same solution for PQC readiness: comprehensive automation. PQC migrations call for rapid certificate replacement, which can be achieved with the closed-loop automation required for monthly certificate renewals.

The 47-day mandate and PQC migration both require the kind of agility that manual processes are not built for. To avoid building redundant systems that lead to bottlenecks, your PKI team must recognize the common foundation of these two initiatives.

Looking Ahead

Securing a quantum-safe future seems like an enormous feat, but it is not impossible. With the PQC migration timeline established, it’s important to take advantage of the existing technology to ensure that your organization is ready for the PQC era.

PKI teams will be able to navigate PQC migration confidently by working on their cryptographic visibility, developing automation systems, and adhering to policy-driven administration as early as now.

However, effective preparation all boils down to how fast you can adopt crypto-agility.

Book a demo with AppViewX now and expedite your PQC readiness plan.