OFFICIAL PUBLICATION

DHS Memorandum on Preparing for Post-Quantum Cryptography

Published: March 31, 2021

Source: Department of Homeland Security

Summary: This memorandum outlines the Department of Homeland Security's approach to prepare government agencies and critical infrastructure for the transition to post-quantum cryptography to protect against quantum computing threats.

Executive Summary

The Department of Homeland Security (DHS) issued this memorandum to address the growing concern that quantum computing poses to current cryptographic standards. As quantum computing technology advances, it threatens to break many of the public-key cryptographic systems currently in use, potentially exposing sensitive government, commercial, and citizen data.

This memorandum establishes a roadmap for federal agencies and critical infrastructure operators to prepare for the migration to post-quantum cryptography. The document emphasizes the importance of beginning this transition now, even as standards are still being developed, to ensure adequate protection for systems and data that need long-term confidentiality and integrity.

Key Directives

Inventory and Assessment

Agencies must inventory all currently deployed cryptographic systems, algorithms, and protocols.

Identify systems using public-key cryptography that are vulnerable to quantum attacks
Catalog sensitive and high-value data requiring long-term protection
Prioritize systems based on criticality and quantum vulnerability

Transition Planning

Develop migration roadmaps for transitioning vulnerable systems to quantum-resistant alternatives.

Establish timeline projections aligned with NIST standardization efforts
Account for technology refresh cycles to minimize costs
Identify systems requiring early replacement due to high security requirements

Immediate Actions

Take steps now to prepare for the post-quantum transition:

Increase cryptographic agility in new and existing systems
Engage with vendors on their post-quantum roadmaps
Train technical staff on quantum computing threats and post-quantum cryptography
Participate in government and industry forums focused on post-quantum readiness

Specified Timeline

Milestone	Target Date	Description
Initial Assessment	Q3 2021	Complete inventory of cryptographic assets and vulnerable systems
Transition Roadmap	Q1 2022	Develop preliminary migration plans for critical systems
Updated Standards	2024	Expected completion of NIST post-quantum cryptography standards
Implementation	2025-2030	Phased implementation across federal systems and critical infrastructure

DHS Commitment

The Department of Homeland Security is committed to providing federal agencies, critical infrastructure operators, and the private sector with the guidance, tools, and resources needed to successfully navigate the transition to post-quantum cryptography.

DHS will work closely with NIST, NSA, and other relevant stakeholders to ensure a coordinated, effective approach to addressing the quantum threat, protecting national security, and maintaining the United States' technological leadership.