The global transition to Post-Quantum Cryptography (PQC) is a critical challenge for governments, institutions, and organizations alike – especially as the security of vital systems increasingly depends on it.
To drive this transition forward and establish clear timelines, EU Member States – supported by the European Commission – adopted a joint roadmap in June 2025. This initiative, developed by a dedicated Post-Quantum Cryptography workstream within the NIS Cooperation Group (NIS CG), outlines key recommendations and concrete milestones for migration.
This blog post highlights the most important takeaways and deadlines from t the EU’s roadmap for post-quantum cryptography.
You can access the full publication here
First Milestone: PQC Key Objectives and Deliverables by 31 December 2026
By the end of 2026, the European Commission expects all Member States to have developed a comprehensive national plan for implementing Post-Quantum Cryptography.
This plan should include the following foundational steps:
- Identify and involve stakeholders
- Support mature cryptographic asset management
- Create dependency maps
- Perform quantum risk analysis
- Include the supply chain
- Create a national awareness and communication program
- Share knowledge and get involved with the NIS CG work stream on PQC
- Develop a timeline and an implementation plan
Expected Outcomes by the Deadline (31.12.2026):
- Member States have initiated PQC transition planning and pilot projects for high- and medium-risk use cases
- All Member States have published initial national roadmaps for PQC migration
Second milestone: PQC Key Objectives and Deliverables by 31 December 2030
By the end of 2030, the EU calls on its Member States to take further decisive steps in PQC transition. These actions should begin as early as possible and do not require full completion of the 2026 objectives before proceeding.
The following focus areas are recommended:
- Support cryptographic agility and a quantum-safe upgrade path (Aligned with the Cyber Resilience Act, expected by December 2027)
- Allocate resources for the transition
- Adapt certification schemes
- Evolve the rules
- Look for opportunities within the ecosystem
- Considering transversal activities throughout the creation and implementation of the roadmap
- Implement pilot use cases and contribute to testing centers
Expected Outcomes by the Deadline (31.12.2030):
- PQC transition for high-risk use cases is fully completed
- PQC planning and pilots for medium-risk use cases are finalized
- Quantum-safe software and firmware updates are supported by default
Third Milestone: PQC Key Objectives and Deliverables by 31 December 2035
By the end of 2035, Member States should have completed the final phase of their Post-Quantum Cryptography (PQC) transition for the following risk categories:
- Full completion of PQC migration for medium-risk use cases
- Substantial completion of PQC migration for low-risk use cases, as far as technically and economically feasible
Additional Strategic Recommendations by the EU for PQC Implementation
- Adopt a risk-based approach to prioritize PQC migration efforts
- Use standardized and hybrid cryptographic solutions to ensure interoperability and transitional flexibility
- Consider symmetric cryptography as a viable alternative where appropriate
- Begin early planning for complex systems, accounting for extended migration timelines
- Ensure all new products entering the market with a lifecycle beyond 2030 are:
- Upgradable to quantum-safe algorithms
- Capable of secure firmware updates using PQC
- Maintain a cryptographic inventory using standardized formats, such as the Cryptographic Bill of Materials (CBOM)
How Utimaco supports PQC implementation
As a leading cybersecurity provider with a strong focus on research and development, Utimaco has long anticipated the quantum threat - and taken proactive steps to address it.
Our flagship Hardware Security Module – u.trust General Purpose HSM Se-Series – is designed crypto agile and can be upgraded with NIST-standardized PQC algorithms already today. Through our Quantum Protect application package, we support a range of quantum-safe algorithms, including:
- ML-KEM (lattice-based key encapsulation)
- ML-DSA (lattice-based digital signatures)
- LMS, HSS, XMSS, and XMSS-MT (hash-based signature schemes)
The Hardware Security Module can be also deployed as a service.
To support organizations in their full PQC migration journey, Utimaco also offers expert consultancy services and collaborates with InfoSec Global to provide a comprehensive crypto discovery solution – helping clients identify, assess, and modernize their cryptographic assets for a quantum-safe future.
Further resources:
The PQC Migration Handbook - Guidelines for migrating to Post Quantum Cryptography
