Standardization, Compliance and Certification
Explore the three pillars of PQC compliance: standardization bodies that define the algorithms, certification bodies that validate implementations, and compliance frameworks that mandate adoption.
Explore the three pillars of PQC compliance: standardization bodies that define the algorithms, certification bodies that validate implementations, and compliance frameworks that mandate adoption.
compliance_03302026.csv • Updated: 3/30/2026
OSCCA NGCC Program
China Next-Generation Commercial Cryptographic algorithms standardization program
KpqC Standardization
Korea Post-Quantum Cryptography standardization program with national PQC transition roadmap
3GPP Security Working Group
3GPP SA3 — global mobile network security standards working group studying PQC integration
ANSSI
Agence nationale de la sécurité des systèmes d'information — France's national cybersecurity authority
BSI
German Federal Office for Information Security — Europe's most detailed national PQC technical guidance authority
CRYPTREC
Cryptography Research and Evaluation Committees — Japan's government body evaluating cryptographic techniques for public and government use
ENISA
European Union Agency for Cybersecurity — EU's PQC guidance authority and EUCC scheme co-manager
ETSI
European Telecommunications Standards Institute — global standards body for telecoms PQC including quantum-safe algorithm suites for 5G/6G
IETF
Internet Engineering Task Force — open standards body integrating PQC algorithms into internet protocols (TLS, SSH, CMS, S/MIME)
ISO/IEC JTC 1/SC 27
ISO/IEC Joint Technical Committee 1, Subcommittee 27 — international body standardizing PQC algorithms for global adoption
ITU-T SG17
ITU Telecommunication Standardization Sector Study Group 17 on security standards for global telecom PQC transition
KISA / NIS
Korea Internet & Security Agency and National Intelligence Service — South Korea's cybersecurity and cryptography standardization authorities
NIST
National Institute of Standards and Technology — US federal agency that standardized the first PQC algorithms
NSA
US National Security Agency — mandates PQC for all national security systems via CNSA 2.0 with the most aggressive government timeline
OSCCA / SCA
Office of State Commercial Cryptography Administration (国家密码管理局) — China's regulatory authority for commercial cryptography
PKI Consortium
Industry consortium coordinating PQC readiness for PKI operators and certificate authorities
Cloud Security Alliance
Cloud Security Alliance Quantum-Safe Working Group developing quantum security controls for cloud environments
Standardization Bodies
17 organizations that define PQC algorithms, protocols, and security requirements — the bodies whose publications the world implements.
OSCCA NGCC Program
China Next-Generation Commercial Cryptographic algorithms standardization program
KpqC Standardization
Korea Post-Quantum Cryptography standardization program with national PQC transition roadmap
3GPP Security Working Group
3GPP SA3 — global mobile network security standards working group studying PQC integration
ANSSI
Agence nationale de la sécurité des systèmes d'information — France's national cybersecurity authority
BSI
German Federal Office for Information Security — Europe's most detailed national PQC technical guidance authority
CRYPTREC
Cryptography Research and Evaluation Committees — Japan's government body evaluating cryptographic techniques for public and government use
ENISA
European Union Agency for Cybersecurity — EU's PQC guidance authority and EUCC scheme co-manager
ETSI
European Telecommunications Standards Institute — global standards body for telecoms PQC including quantum-safe algorithm suites for 5G/6G
IETF
Internet Engineering Task Force — open standards body integrating PQC algorithms into internet protocols (TLS, SSH, CMS, S/MIME)
ISO/IEC JTC 1/SC 27
ISO/IEC Joint Technical Committee 1, Subcommittee 27 — international body standardizing PQC algorithms for global adoption
ITU-T SG17
ITU Telecommunication Standardization Sector Study Group 17 on security standards for global telecom PQC transition
KISA / NIS
Korea Internet & Security Agency and National Intelligence Service — South Korea's cybersecurity and cryptography standardization authorities
NIST
National Institute of Standards and Technology — US federal agency that standardized the first PQC algorithms
NSA
US National Security Agency — mandates PQC for all national security systems via CNSA 2.0 with the most aggressive government timeline
OSCCA / SCA
Office of State Commercial Cryptography Administration (国家密码管理局) — China's regulatory authority for commercial cryptography
PKI Consortium
Industry consortium coordinating PQC readiness for PKI operators and certificate authorities
Cloud Security Alliance
Cloud Security Alliance Quantum-Safe Working Group developing quantum security controls for cloud environments