European Authorities Provide Guidelines for PQC Adoption

European agencies (NCSC, ENISA) outline timelines and best practices for post-quantum crypto migration: inventory, hybrid rollout, and governance.

European regulators aren’t waiting for quantum computers to show up before taking action. The UK’s National Cyber Security Centre (NCSC) and the European Union Agency for Cybersecurity (ENISA) have both published guidance laying out migration timelines and practical steps for moving to post-quantum cryptography (PQC). For organizations operating in Europe or subject to European regulations, these frameworks are worth paying attention to.

TL;DR: European regulators are not waiting for quantum computers to arrive before acting. Their guidance centers on inventory, phased hybrid deployment, governance, and starting migration work now.

Why European regulators are moving now

Quantum computers will eventually break RSA and ECC, the public-key algorithms that most secure communications still depend on. European regulators have decided not to wait for that to happen. The NCSC’s PQC migration guidance, for example, lays out a phased timeline for updating systems before the threat becomes immediate:

Phase 1 (2023-2025) covers awareness and planning. Organizations should be assessing their cryptographic dependencies and mapping out PQC integration plans.

Phase 2 (2025-2030) is implementation, deploying hybrid systems that combine classical and quantum-resistant algorithms.

Phase 3 (2030 and beyond) targets full migration to PQC-only solutions.

ENISA’s recommendations complement this with guidance for EU member states on standardized protocols and international cooperation.

What the guidelines actually say

The European guidance comes down to a few concrete areas.

On algorithm selection, the recommendation is to use NIST-approved PQC algorithms: Kyber (now ML-KEM) for key exchange and Dilithium (now ML-DSA) for digital signatures. Hybrid approaches are encouraged as a transitional step, running classical and PQC algorithms in parallel so you maintain backward compatibility while adding quantum resistance. Organizations should also audit their existing systems to find where they’re vulnerable, and invest in training so the people responsible for this migration actually understand what’s changing and why.

For organizations in critical infrastructure, these guidelines carry real regulatory weight. They’re not optional suggestions.

Checking your PQC readiness

To see whether your servers already support PQC algorithms, you can use QCready.com for a quick free check on public endpoints. For a broader view of your TLS health across domains, SSLboard.com provides a more complete survey.

Where this is heading

The European approach to PQC adoption is pragmatic: start with inventory, deploy hybrid, build governance, and don’t wait. Whether quantum computers arrive in five years or fifteen, the migration work itself takes time, and the harvest-now-decrypt-later risk means data encrypted today with vulnerable algorithms is already exposed. The regulators understand this, and they expect organizations to act accordingly.