Roadmap for the Migration to Post-Quantum Cryptography for the Government of Canada (ITSM.40.001)

Government of Canada roadmap for moving to post-quantum cryptography, with timelines and steps to protect UNCLASSIFIED and PROTECTED information from future quantum threats.

This document outlines the Government of Canada’s roadmap for migrating non-classified information technology systems to post-quantum cryptography in response to the future threat posed by quantum computing. It establishes why existing public-key cryptography must be replaced to protect sensitive government information over the long term.

Quantum computers are expected to be capable of breaking many cryptographic algorithms currently used to secure data. The guide explains that information encrypted today could be intercepted and stored by adversaries for future decryption once quantum capabilities mature. This risk applies even if systems appear secure at present. Preparing early reduces exposure to this long-term threat.

The roadmap is intended to support a coordinated, government-wide transition rather than isolated technical upgrades. It applies to non-classified systems that handle UNCLASSIFIED, PROTECTED A, and PROTECTED B information. The document emphasizes that migration will take multiple years and must be planned alongside existing IT lifecycles. Early action allows departments to align cryptographic changes with modernization efforts.

A structured planning phase is presented as the foundation of a successful migration. Departments are expected to develop a post-quantum cryptography migration plan that identifies responsibilities, resources, and timelines. Executive sponsorship is highlighted as critical to ensure sustained commitment and oversight. Financial planning is also addressed to account for staffing, procurement, and system replacement costs. Education and awareness activities are included to ensure staff understand the nature of the quantum threat.

The guide places strong emphasis on procurement and standards during the planning stage. New systems and contracts should support post-quantum cryptography wherever possible. Using established and independently reviewed standards is encouraged to reduce risk and avoid vendor lock-in. Cryptographic agility is identified as important so systems can adapt to future algorithm changes. Early inclusion of post-quantum requirements can reduce long-term migration costs.

An identification phase follows planning and focuses on understanding where cryptography is used across the organization. This process involves building an inventory of systems, applications, network services, and hardware that rely on cryptographic mechanisms. The scope includes on-premises systems, cloud services, and employee-managed devices. Accurate identification is necessary to prioritize and sequence the transition.

The inventory developed during identification is intended to capture technical and operational details. This includes cryptographic configurations, system dependencies, vendors, and expected refresh cycles. Systems that protect information in transit over public networks are identified as higher priority due to the harvest now, decrypt later threat. Risk assessments may be used to refine prioritization decisions.

The transition phase uses the inventory to plan and execute upgrades, replacements, or compensating controls. Some systems may be upgraded to support post-quantum cryptography, while others may require isolation or tunnelling. Backward compatibility may be necessary during interim stages to maintain service continuity. Testing, monitoring, and rollback planning are emphasized to reduce operational risk. Transition activities are expected to integrate with existing change management processes.

The roadmap recognizes that not all systems can be easily migrated. Legacy systems may require full replacement or temporary protective measures to meet migration milestones. Decisions about isolation or encapsulation are framed as risk-management choices rather than permanent solutions. Departments are encouraged to refine transition plans as more information becomes available.

Clear milestones are established to track progress across government. Departments are expected to develop initial migration plans by April 2026 and report progress annually thereafter. High-priority systems should complete migration by the end of 2031. Remaining systems are expected to complete migration by the end of 2035. Meeting these milestones implies that vulnerable algorithms are no longer in use.

Governance and coordination are addressed as essential to managing a transformation of this scale. The Canadian Centre for Cyber Security provides technical leadership and guidance. Treasury Board Secretariat establishes policy requirements and oversees reporting. Shared Services Canada plays a key role in infrastructure modernization and feasibility assessment. Departments remain accountable for executing migration within their respective environments.

Organizations often have questions about where to begin, how to prioritize systems, and what level of effort is realistic over time. This roadmap is designed to answer those questions in a structured and practical manner. It supports incremental progress, shared accountability, and measurable outcomes. The guidance helps departments balance long-term cryptographic risk with operational constraints. The result is a clear framework for planning and executing post-quantum migration without unnecessary complexity.

This is a public document intended for broad distribution and citation. Document status: UNCLASSIFIED. Publisher: Canadian Centre for Cyber Security, Government of Canada. Intended audience: federal departments and agencies responsible for managing non-classified information technology systems.

• Click here to download