Key facts
- France will cease certifying security products without quantum-safe encryption from 2027.
- Companies are advised to exclusively buy quantum-safe products by 2030.
- The policy change is driven by concerns over quantum computers' ability to decrypt data harvested today.
- The crypto industry is actively discussing and preparing for quantum threats to blockchains.
- The Ethereum Foundation and Coinbase have highlighted the urgency of post-quantum cryptography for crypto networks.
France is set to phase out security products that do not incorporate quantum-resistant encryption, a move that highlights the increasing global concern over the potential threat posed by future quantum computers to current cryptographic systems. The French cybersecurity agency ANSSI announced that it will stop certifying such products beginning in 2027 and advises companies to exclusively purchase quantum-safe options by 2030.
ANSSI's certification is a requirement for French government agencies and critical infrastructure operators, effectively mandating a transition away from older cryptographic standards. ANSSI Chief of Staff Samih Souissi stated that the decision involves not only technical considerations but also matters of governance, industrial planning, regulation, and national sovereignty.
The policy shift comes as the cybersecurity community grapples with the concept of 'Q-Day,' the anticipated arrival of quantum computers capable of breaking modern encryption. Experts warn of 'harvest now, decrypt later' attacks, where encrypted data is collected now with the expectation of decrypting it in the future. While such powerful quantum computers do not yet exist, projections for their development are becoming more aggressive. Google has set a 2029 deadline for its systems to transition to post-quantum cryptography, and a quantum security firm estimates a cryptographically relevant quantum computer could emerge as early as 2030, potentially jeopardizing millions of Bitcoin.
The cryptocurrency industry is also beginning to address these quantum threats. The Ethereum Foundation has established a dedicated post-quantum security team, prioritizing quantum resistance. Coinbase's quantum advisory council has urged blockchain developers to proactively prepare for a post-quantum future, emphasizing the need to begin upgrading networks like Bitcoin and Ethereum and to determine the fate of cryptocurrencies whose owners do not migrate to quantum-safe addresses. Concurrently, the Stellar Development Foundation has introduced a three-stage plan to migrate its XLM network to quantum-safe cryptography, including protocol upgrades that would allow users to add quantum-resistant signers without altering their wallet addresses. However, some industry figures, like Boundless CEO Shiv Shankar, advise against panic, noting that the timeline for migration is expected to become clearer as the target date approaches and that significant global expertise is focused on solving the problem.