Sponsors (4)
The bill helps accelerate adoption of quantum-resistant cryptography through guidance, grants, and research support—reducing future cybersecurity risk—but relies on voluntary uptake and future funding, leaving some organizations facing costs or continued exposure.
Utilities, financial institutions, hospitals, and other critical infrastructure operators receive federal guidance and technical assistance to adopt quantum-resistant encryption, reducing the risk of future large-scale data breaches and service disruptions.
High-risk entities such as small businesses, utilities, and financial firms can access NIST-authorized grants that lower the financial burden of upgrading systems to post-quantum standards.
Scientists, researchers, and students gain expanded federal research support through NSF inclusion of post-quantum cryptography, accelerating innovation and workforce development in secure cryptography.
Smaller businesses and some government entities may remain exposed to quantum threats because adoption of post-quantum protections is voluntary and not all organizations will upgrade without mandates or sufficient incentives.
The grant program and technical support depend on future appropriations and the timely issuance of standards, so funding or guidance could be delayed or insufficient, limiting near-term protections for critical sectors.
Affected organizations like hospitals, small businesses, and financial firms could face significant implementation costs and operational disruption to upgrade to post-quantum cryptography if grants are inadequate.
Based on analysis of 2 sections of legislative text.
Directs NIST and NSF to support post‑quantum cryptography via definitions, guidance, technical assistance, research, and a grants program for high‑risk and critical infrastructure entities.
Directs NIST to promote voluntary adoption of post‑quantum cryptography by producing guidance, offering technical assistance, and, once post‑quantum standards are issued and funds are available, running a grant program to help high‑risk and critical infrastructure entities transition. Adds definitions for "critical infrastructure," "post‑quantum cryptography," and "sector risk management agency," and requires consultation with DHS, CISA, sector risk management agency heads, and private‑sector representatives. Also expands NSF’s cryptography research mission to explicitly include post‑quantum cryptography research, aiming to boost federal research support for cryptographic work that defends against future quantum threats.
Introduced May 7, 2025 by Haley Stevens · Last progress May 7, 2025