France to Mandate Quantum-Safe Encryption by 2027

France is set to mandate quantum-safe encryption for security products, with its national cybersecurity agency ANSSI announcing it will stop certifying products lacking quantum-resistant encryption starting in 2027. This move reflects growing global concerns about the potential threat posed by future quantum computers to current cryptographic systems. ANSSI advises companies to exclusively purchase quantum-safe options by 2030.

ANSSI certification is a prerequisite for products used by French government agencies and critical infrastructure operators, effectively compelling vendors to adopt post-quantum cryptography capabilities by 2027 to maintain access to these contracts. ANSSI Chief of Staff Samih Souissi emphasized that the decision extends beyond technical aspects, encompassing governance, industrial planning, regulation, and national sovereignty.

The French policy aligns with similar initiatives from the US National Security Agency (NSA), which requires national security systems to support quantum-resistant algorithms by 2027, with a full phase-out of noncompliant systems by the end of 2030. Experts note that this convergence on the same year by two major cryptographic certification authorities signals a significant shift towards post-quantum cryptography.