← H33.ai

NIST Post-Quantum Compliance Checklist: What You Actually Need

NIST has finalized the post-quantum cryptography standards. Here is the compliance checklist — what your organization actually needs to do, not what vendors want you to think you need to do.

Direct answer: NIST PQ compliance requires: (1) an inventory of quantum-vulnerable cryptography, (2) a migration plan to FIPS 203/204/205, (3) hybrid deployment during transition, (4) crypto agility for algorithm rotation, and (5) provable attestation that PQ protection is deployed. Most organizations are stuck on step 1. You can skip to step 5 with an attestation-layer approach.

The Checklist

1. Cryptographic Inventory

Catalog every system using RSA, ECDSA, ECDH, or AES-128. Classify by data sensitivity and retention period. Data with >10 year sensitivity is already at harvest-now-decrypt-later risk.

REQUIREMENT: Complete before any migration begins

2. Data Classification by Quantum Risk

Not all data needs PQ protection today. Health records, financial data, government communications, and IP with long-term value are priority. Session tokens that expire in hours are not.

REQUIREMENT: Risk-based prioritization, not blanket migration

3. Algorithm Selection (NIST Has Decided This)

ML-KEM (FIPS 203) for key exchange. ML-DSA (FIPS 204) for signatures. SLH-DSA (FIPS 205) as hash-based fallback. You do not need to evaluate algorithms — NIST spent 8 years doing that.

REQUIREMENT: Use the standards. Do not invent your own selection.

4. Hybrid Deployment

Run classical + PQ in parallel during transition. If the PQ algorithm has an unexpected weakness, classical provides fallback. If quantum computers arrive sooner than expected, PQ provides protection.

REQUIREMENT: Both directions of risk covered simultaneously

5. Crypto Agility Mechanism

The ability to disable a compromised algorithm without a system-wide outage. If ML-DSA is broken tomorrow, can you switch to SLH-DSA without redeploying every service? If not, you don't have crypto agility.

REQUIREMENT: Algorithm rotation without system rebuild

6. Key Management for PQ Key Sizes

PQ keys are 5-10x larger than classical keys. Key storage, backup, HSM integration, and certificate chains all need capacity updates. An ML-DSA-65 public key is 1,952 bytes vs 256 bytes for Ed25519.

REQUIREMENT: Infrastructure that handles larger key material

7. Compliance Attestation

Proving that PQ protection is actually deployed — not just planned. Self-reported compliance fails the same way self-reported MFA fails: saying you have it is not the same as proving it is enforced.

REQUIREMENT: Cryptographic proof of PQ deployment, not a checkbox

What Most Organizations Get Wrong

Mistake 1: Treating migration as a multi-year infrastructure project. You don't need to replace cryptography inside every system. An attestation layer in front of your existing infrastructure provides PQ protection immediately. Internal migration happens on your timeline.

Mistake 2: Waiting for "the right time." The harvest-now-decrypt-later window is already open. Every month of delay is another month of intercepted data that adversaries store for future decryption. There is no right time. There is only late.

Mistake 3: Using only one PQ algorithm. NIST published three standards because no single mathematical assumption is guaranteed. A production system should use at least two independent families. If one breaks, the other still protects.

Mistake 4: Confusing compliance with security. Checking the PQ box on an audit form doesn't protect data. Cryptographic attestation — independently verifiable proof that PQ signatures are applied to every operation — is the standard that actually matters.

The Fast Path

Instead of a 3-5 year migration, deploy post-quantum attestation today:

Every API response signed with three PQ families (ML-DSA + FALCON + SLH-DSA)
Every data record attested with a 74-byte cryptographic primitive at creation
Algorithm rotation via configuration, not code deployment
Compliance proof is the attestation itself — independently verifiable

The compliance summary: NIST says migrate. Most guides say plan. The attestation-layer approach lets you deploy PQ protection today and migrate internal systems at your own pace. Compliance is provable from day one — not after a multi-year project completes.

Get Your Compliance Assessment →

Eric Beans

CEO, H33.ai, Inc.

Patent pending. U.S. Patent Application Nos. 19/309,560 and 19/645,499.
NIST, FIPS, ML-KEM, ML-DSA, and SLH-DSA are standards of the National Institute of Standards and Technology.