Sponsors (2)
Introduced December 2, 2025 by Gary C. Peters · Last progress December 2, 2025
The bill accelerates and standardizes federal and sector efforts to adopt post‑quantum cryptography—improving national cybersecurity posture and interoperability—but imposes near‑term costs, tight deadlines, administrative burdens, and risks of uneven protection that could strain smaller organizations and agency resources.
Federal agencies, state governments, and critical-sector organizations (financial institutions, utilities, hospitals) gain a coordinated federal plan, measurable timelines, and standardized triggers to migrate to post‑quantum cryptography, lowering the long‑term risk of successful quantum attacks on critical systems.
Technology companies, IT teams, and private-sector entities receive clear NIST-based guidance, test beds, interoperability frameworks, and industry collaboration that reduce technical barriers and speed procurement and deployment of post‑quantum solutions.
Agencies get uniform definitions (e.g., 'cryptographically relevant quantum computer' and 'high-impact systems') and references to vetted standards, which create clearer decision triggers and promote consistent risk assessment across government.
State and local governments, private companies (especially utilities, hospitals, and financial firms), and federal agencies will face meaningful near‑term economic and administrative costs to procure, deploy, and report on post‑quantum upgrades.
The compressed timelines (180-day guidance and 18-month upgrade/pilot expectations) risk rushed or incomplete guidance and will strain agency and vendor IT resources, increasing the chance of implementation errors and service disruptions during migration.
Smaller organizations and resource‑constrained entities may be unable to use test beds or implement recommended solutions, widening security capability gaps and leaving parts of the economy less protected.
Based on analysis of 4 sections of legislative text.
Requires NIST and OSTP to produce post‑quantum cryptography guidance, a national upgrade strategy, and a pilot program to accelerate federal and critical‑sector migration to quantum‑resistant algorithms.
Requires the National Institute of Standards and Technology (NIST), working with the White House Office of Science and Technology Policy (OSTP), to produce guidance and a national strategy for upgrading federal and critical‑sector information systems to post‑quantum cryptography. It directs NIST to publish procurement and deployment standards and to support private‑sector collaboration and test beds, and it directs OSTP to produce a National Quantum Cybersecurity Upgrade Strategy and run a voluntary pilot program that accelerates at least one high‑impact system upgrade per participating covered entity within set timeframes and report to Congress.