In brief
- France will stop certifying security products that lack quantum-safe encryption beginning in 2027.
- Officials cited concerns that future quantum computers could decrypt encrypted data stolen today.
- The move comes as crypto developers and wallet providers prepare for potential quantum threats to Bitcoin and other blockchains.
France is preparing to phase out security products that lack quantum-resistant encryption, underscoring the growing concern about the future of the cryptography securing everything from government networks to Bitcoin.
According to a report by Reuters, France's cybersecurity agency ANSSI announced this week that it will stop certifying security products that do not use quantum-safe encryption beginning in 2027, advising that companies should buy only quantum-safe products by 2030.
ANSSI certification is required for French government agencies and critical infrastructure operators, making the decision a de facto phase-out of older cryptographic systems.
"It's not only a technical issue," ANSSI Chief of Staff Samih Souissi said at the annual France Quantum conference. "It's a matter of governance, industrial planning, regulation, and sovereignty."
The policy change comes amid growing concern about Q-Day, or the expected arrival of quantum computers powerful enough to crack modern encryption. Security experts also warn of "harvest now, decrypt later" attacks, in which adversaries collect encrypted data today with the expectation that future quantum computers will eventually be able to unlock it.
While quantum computers capable of breaking modern encryption do not yet exist, estimates for their arrival are shrinking. In March, Google set a 2029 deadline to transition its systems to post-quantum cryptography. In May, quantum security firm Project Eleven estimated that a cryptographically relevant quantum computer could arrive as early as 2030, putting roughly 7 million Bitcoin at risk.
The announcement comes as parts of the crypto industry debate how best to prepare for a post-quantum future. Earlier this year, the Ethereum Foundation formed a dedicated post-quantum security team, formally elevating quantum resistance to a top priority for the network.
Last week, Coinbase's quantum advisory council urged blockchain builders to begin planning migrations to quantum-safe cryptography and determine the fate of coins that never migrate. At the same time, the Stellar Development Foundation unveiled a three-stage roadmap to migrate the XLM network to quantum-safe cryptography, including a protocol upgrade that would allow users to add quantum-resistant signers without changing their wallet addresses.
Still, some industry executives cautioned against viewing the latest projections as a sign that a quantum crisis is imminent.
“The risk is going up, but this was expected. As we get closer and closer to a target date for full migration to [post-quantum cryptography], the confidence in that timeline generally goes up,” Boundless CEO Shiv Shankar previously told Decrypt. “There's no cause for panic. The smartest and most brilliant minds in the world are active on this problem.”