ARE YOU READY FOR
Q-DAY?
Q-Day is the moment a cryptographically-relevant quantum computer breaks RSA and ECC in public. Whether it arrives in 2029 or 2035, the data adversaries are harvesting today will be readable then.
Projected · Jan 1, 2033 · NIST timeline midpoint
What is Q-Day?
THE CRYPTO CLIFF
Shor's algorithm — run on a sufficiently large fault-tolerant quantum computer — breaks RSA, Diffie-Hellman, and elliptic-curve cryptography. That's most of the trust anchors of the modern internet: TLS, VPN key exchange, document signatures, code signing, blockchain keys.
Credible estimates from NIST, NSA, and academic cryptographers converge on a window between 2029 and 2035. The exact date doesn't matter for planning. The migration does.
HARVEST NOW,
DECRYPT LATER
Adversaries are storing encrypted traffic today against the day they can decrypt it. Anything with a shelf life beyond Q-Day — health records, IP, state secrets, M&A correspondence, long-lived firmware signing keys — is already exposed.
This is not speculative. It's a documented practice of nation-state programs. Your PQC migration deadline is not the day quantum arrives; it's today, minus the confidentiality half-life of your data.
A TIMELINE YOU CAN PLAN AGAINST
Click a year. The narrative updates based on current NIST guidance and published adversary capability estimates.
THE NEW PRIMITIVES
NIST standardized its first post-quantum algorithms in 2024. These are the primitives your migration lands on — no more speculative theater, just engineering.
ML-KEM
Module-lattice key encapsulation. Replaces RSA and ECDH for TLS, VPN, and secure messaging. Also known as Kyber.
ML-DSA
Module-lattice digital signatures. Replaces RSA and ECDSA for code signing, certs, and document authenticity. Formerly Dilithium.
SLH-DSA
Stateless hash-based signatures. A conservative backup for ML-DSA where signature size is acceptable. Formerly SPHINCS+.
FN-DSA
Fast-Fourier lattice signatures. Compact signatures where bandwidth matters. Formerly Falcon. Draft status.
FIVE-STEP PQC MIGRATION
A migration, not a product. We run this as a program over 12 to 24 months, priced by scope, with hard deliverables at every stage.
Crypto inventory
Every certificate, key, library, protocol, and firmware signer — catalogued with exposure score and HNDL risk.
See phase → Phase 02 · 2 weeksRisk model
Confidentiality half-life × Q-Day probability curve × adversary interest. A prioritized migration backlog, not a checklist.
See phase → Phase 03 · 8–12 weeksCrypto-agility layer
We install the abstraction you should already have: algorithm-agnostic key mgmt so rotation isn't a yearlong project.
See phase → Phase 04 · 6–12 monthsHybrid rollout
Classical + PQC in parallel for each protocol. Measure compat, perf, and interop with partners on their schedule.
See phase → Phase 05 · OngoingRetire the old
Decommission RSA/ECC as partners catch up. Prove it with attestation. Report quarterly to board and regulators.
See phase → Program governanceBoard reporting
We author the quarterly PQC-posture report your board, auditors, and regulators will expect from 2026 onward.
See phase →HOW READY ARE YOU?
Six questions. Two minutes. An honest score. No email required.
PQC readiness · 6 questions
Answer the questions to see where you stand.
SCHEDULE A 60-MIN Q-DAY BRIEFING
A private briefing for your executive team or security org — calibrated to your sector, crypto inventory, and regulatory exposure.