France to Stop Certifying Non-Quantum-Safe Encryption - Schneier on Security
Search
Powered by DuckDuckGo
Blog
Essays
Whole site
Subscribe
HomeBlog
France to Stop Certifying Non-Quantum-Safe Encryption
France is accelerating its transition to post-quantum encryption:
France’s cybersecurity agency ANSSI said on Tuesday it would stop certifying security products that lack quantum-resistant encryption, a move that will force government bodies and critical operators to shift away from older systems.
Samih Souissi, ANSSI’s chief of staff, said at the France Quantum conference that the agency would halt such certifications from 2027, and that businesses should be buying only quantum-safe products by 2030.
ANSSI approval is required for use in French government agencies and critical infrastructure, making the policy a de facto phase-out of older encryption.
Tags: certifications, encryption, France, quantum cryptography
Posted on July 6, 2026 at 6:45 AM •<br>3 Comments
Comments
Clive Robinson •
July 6, 2026 12:09 PM
@ ALL,
This,
"France is accelerating its transition to post-quantum encryption"
Does not realy give an indicator of just how fast the chang required or the effect it will have.
ANSSI dictating from above
"ANSSI’s chief of staff, said at the France Quantum conference that the agency would halt such certifications from 2027, and that businesses should be buying only quantum-safe products by 2030."
What is in effect a deadline of "at the end of the decade" when we are already more than halfway through. Some would argue is,
"Way to fast for what in practice is an unknown, at best minimally tested technology".
Especially when the alleged "Quantum Computer" threat keeps slipping further and further into the future.
Thus the question arises as to,
"Why the rush, and what the parachute is?"
After all you do not fly experimental aircraft without having some form of protection from "crash and burn".
If you are going to create a massive economic upheaval it’s something you need to consider the consequences of.
Just one thing that few talk about is "Sovereign Security". It’s all the rage currently to talk about the EU plans to get rid of US Cloud as it’s a clear and present security risk. But few consider the effect across "the full computing stack".
Presently the cloud world runs on US controlled hardware…
France does not have the Sovereign Secure production to meet this ANSSI plan.
Which means both the US and China will be "built in at the bottom of the computing stack for these Quantum Safe encryption systems…
But speaking of hardware, people need to seriously think about the threat model of QC.
The current argument is that all comms will be hovered up and kept then when QC becomes practical it will all be "broken" (with the implication of "over night").
Simple logic and the exponential rise of communications tells you this is not going to happen. Before you even chuck in the economic cost of building Data Centers full of Quantum Computers and all that’s involved with that.
It’s also fate that is fairly easy to avoid using pre-encryption or super-encryption depending on which way you look at things. Further you need to ask the question,
Where would QC’s be most advantageous at breaking, that is where would the "exponential" speed up be?
The answer is "Key Negotiation / Delivery / Distribution" which is actually not a problem that existed untill the 1980’s and the advent of what would become e-shopping On-Line.
Pre-E-Commerce encryption practices are still QC proof. Thus there are two types of encryption, E-Commerce style between random entities, and traditional between established relationship entities.
After a moments thought you realise that the real "long term" security concerns are between entities that can use Pre-E-Commerce style systems.
Thus basic engineering would make secure systems for established entities.
But getting back to Quantum Computers the promise is "exponential speed up"… Can that actually be delivered by Quantum Computing?
The answer in most cases is "no" whilst we might have QC Hardware, we will still need QC Algorithms to get that exponential speed up. And such algorithms are actually at best very thin on the ground. You can see a basic explanation of this in
‘https://m.youtube.com/watch?v=pDj1QhPOVBo
The thing to remember is,
"There is a lot of difference between ‘theoretical and practical’."
Whilst an algorithm can be designed in theory… it is in effect useless untill it can be adapted to run on available hardware…
So the question is,
"Why is ANSSI jumping into something with time frames that will give the opposite of Sovereign Security?"
Locutus de Borges •
July 6, 2026 12:12 PM
Votre résistance est vaine — vous serez déchiffré.
lurker •
July 6, 2026 1:37 PM
"France is accelerating its transition to post-quantum encryption"
Encore un fois ils mettent la charrette avant le chevaux.
How can we have post-quantum anything when we...