// AGENCY 03 · POST-QUANTUM
Are you ready for Q-Day?
Q-Day is the moment a cryptographically relevant quantum computer breaks RSA and ECC in public. Whether it arrives in 2029 or 2035, the data adversaries are harvesting today will be readable then.
PROJECTED · JAN 1, 2033 · NIST TIMELINE MIDPOINT
// 01 · WHAT IS Q-DAY
The crypto cliff.
Shor's algorithm — run on a sufficiently large fault-tolerant quantum computer — breaks RSA, Diffie-Hellman, and elliptic-curve cryptography. That's most of the trust anchors of the modern internet: TLS, VPN key exchange, document signatures, code signing, blockchain keys.
Credible estimates from NIST, NSA, and academic cryptographers converge on a window between 2029 and 2035. The exact date doesn't matter for planning. The migration does.
// 02 · WHY CARE NOW
Harvest now, decrypt later.
Adversaries are storing encrypted traffic today against the day they can decrypt it. Anything with a shelf life beyond Q-Day — health records, IP, state secrets, M&A correspondence, long-lived firmware signing keys — is already exposed.
This is not speculative. It's a documented practice of nation-state programs. Your PQC migration deadline is not the day quantum arrives; it's today, minus the confidentiality half-life of your data.
// 03 · NIST PQC SUITE
The new primitives.
NIST standardized its first post-quantum algorithms in 2024. These are the primitives your migration lands on — no more speculative theater, just engineering.
ML-KEM
Module-lattice key encapsulation. Replaces RSA and ECDH for TLS, VPN, and secure messaging. Also known as Kyber.
ML-DSA
Module-lattice digital signatures. Replaces RSA and ECDSA for code signing, certs, and document authenticity. Formerly Dilithium.
SLH-DSA
Stateless hash-based signatures. A conservative backup for ML-DSA where signature size is acceptable. Formerly SPHINCS+.
FN-DSA
Fast-Fourier lattice signatures. Compact signatures where bandwidth matters. Formerly Falcon. Draft status.
// 04 · OUR APPROACH
Five-step PQC migration.
A migration, not a product. We run this as a program over 12 to 24 months, priced by scope, with hard deliverables at every stage.
Crypto inventory
Every certificate, key, library, protocol, and firmware signer — catalogued with exposure score and HNDL risk.
Risk model
Confidentiality half-life × Q-Day probability curve × adversary interest. A prioritized migration backlog, not a checklist.
Crypto-agility layer
We install the abstraction you should already have: algorithm-agnostic key management so rotation isn't a yearlong project.
Hybrid rollout
Classical + PQC in parallel for each protocol. Measure compat, perf, and interop with partners on their schedule.
Retire the old
Decommission RSA/ECC as partners catch up. Prove it with attestation. Report quarterly to board and regulators.
Board reporting
We author the quarterly PQC-posture report your board, auditors, and regulators will expect from 2026 onward.
// SELF-ASSESSMENT
How ready are you?
Six questions. Two minutes. An honest score. No email required.
// BOOK A Q-DAY BRIEFING
Schedule a 60-minute briefing.
A private briefing for your executive team or security org — calibrated to your sector, crypto inventory, and regulatory exposure.