TL;DR: Quantum computing threatens RSA and ECC, while the NIST has already finalised three post-quantum cryptographic standards and signalled more to come, according to GlobalSign. The real issue for identity teams is not algorithm awareness but migration scope, because every device, server, browser, certificate, and communication path that depends on public-key trust will need a replacement path before quantum risk becomes practical.
At a glance
What this is: This is a post-quantum cryptography readiness analysis showing that identity trust, certificate ecosystems, and public-key infrastructure need planning now because RSA and ECC are not quantum-safe.
Why it matters: It matters to IAM, PKI, PAM, and identity architects because certificate lifecycles, workload identities, and federation trust all depend on cryptographic assumptions that will need staged replacement.
By the numbers:
- RSA recommendations moved from a minimum of 1024 bits in 2015 to 2048 bits today.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
👉 Read GlobalSign's analysis of post-quantum cryptography readiness for identity systems
Context
Post-quantum cryptography readiness is no longer a theoretical standards discussion. Public-key systems sit underneath certificates, device trust, browser trust, workload identity, and secure communications, so a cryptographic transition becomes an identity transition as much as a security one.
The article’s core point is that RSA and ECC do not hold up against quantum-capable attackers, while the ecosystem still has time to prepare. That preparation will be uneven because certificate authorities, hardware security modules, browsers, and regulated environments do not all move at the same pace.
For identity programmes, the practical question is how to inventory what depends on public-key trust and sequence replacement without breaking production authentication, signing, and federation paths. The organisations that treat quantum readiness as a PKI-only issue will miss the broader identity governance impact.
Key questions
Q: How should security teams prepare identity systems for post-quantum cryptography?
A: They should start with a complete inventory of where cryptography underpins authentication, federation, signing, and encrypted transport. Then they should rank systems by business lifetime and migration complexity, because the most dangerous dependencies are the ones that must remain trusted for years. Crypto-agility matters when replacement can happen without re-architecting the whole identity stack.
Q: Why does post-quantum planning matter for IAM teams and not just PKI owners?
A: Because identity systems use public-key cryptography everywhere, from authenticating devices to validating browser sessions and workload certificates. When those trust mechanisms weaken, access assurance weakens with them. IAM teams own the lifecycle and dependency mapping that determine which certificates, identities, and federated flows must move first.
Q: What do security teams get wrong about quantum readiness?
A: They often treat quantum readiness as a future encryption upgrade rather than an identity and trust migration. That narrow view misses certificate lifecycles, delegated access, federation boundaries, and the role of AI agents in privileged workflows. Readiness fails when the control plane is not designed to evolve with the cryptography underneath it.
Q: Who is accountable for quantum migration when certificates and identities span multiple teams?
A: Accountability should sit with the identity and cryptography governance owners, but execution must be shared across PKI, infrastructure, application, and compliance teams. If no single group owns the dependency map and migration timetable, the transition will fragment and legacy trust paths will survive longer than intended.
Technical breakdown
Why RSA and ECC fail in a post-quantum trust model
RSA and ECC depend on mathematical problems that classical computers cannot solve efficiently, but quantum computers change that assumption. In practice, the issue is not that every encrypted record is immediately exposed, but that the trust foundations for identity, certificate validation, and signed communications are vulnerable once quantum-capable systems become usable. That makes public-key cryptography a dependency hidden inside almost every identity pathway, from browser sessions to machine certificates. Migration therefore has to be planned as a trust architecture change, not a single algorithm swap.
Practical implication: Map every identity control that depends on RSA or ECC before building your post-quantum transition plan.
Post-quantum cryptographic standards and certificate migration
The NIST standardisation of three post-quantum schemes gives organisations a concrete direction, but not a finished migration model. FIPS 203 is aimed at key establishment, FIPS 204 at digital signatures, and FIPS 205 as an alternate signature path. That matters because identity systems depend on both encryption and signing, especially for certificates, federation assertions, code signing, and device attestation. The operational challenge is that these standards must fit into real certificate lifecycles, CA workflows, and hardware constraints before they can be used at scale.
Practical implication: Start by classifying which identity flows rely on encryption versus signatures, then align each flow to the right post-quantum replacement path.
Why certificate authorities and HSM readiness determine rollout speed
Even when standards exist, adoption stalls if the surrounding trust infrastructure cannot support them. Certificate authorities need issuance and policy changes, and hardware security modules must support the key generation and protection model required for post-quantum certificates. This creates a governance bottleneck because compliance frameworks, browser trust stores, and supply chain dependencies must move together. The article also points to a longer transition window for systems already in the field, which is where risk concentrates: legacy identity paths will coexist with new ones for years.
Practical implication: Assess CA, HSM, browser, and device readiness together, not as separate upgrade projects.
Threat narrative
Attacker objective: The attacker wants to preserve encrypted data or signed trust material now so it can be decrypted or invalidated later when quantum capability makes it practical.
- Entry occurs today through data capture and long-lived ciphertext collection under the "harvest now, decrypt later" model, where attackers store sensitive traffic or identity material for future cracking.
- Escalation happens when quantum-capable decryption becomes viable and previously protected certificates, signatures, or communications can no longer be trusted as durable proof of identity or confidentiality.
- Impact is the delayed compromise of stored secrets, signed trust chains, and protected communications across government, financial, medical, and personal data.
Breaches seen in the wild
- Sisense breach — unauthorized GitLab access led to exfiltration of access tokens, API keys and certificates.
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Post-quantum readiness is an identity trust migration problem, not just a cryptography upgrade. Certificates, device trust, browser trust, and workload identity all depend on public-key assumptions that quantum computing undermines. That means identity governance teams have to think in terms of trust replacement paths, not isolated cipher changes. The implication is that PKI, IAM, and infrastructure owners need a shared migration map.
Long-lived credentials and long-lived trust are the hidden exposure window in quantum planning. The article’s "harvest now, decrypt later" warning maps directly to the same persistence problem NHIs already create: once a credential or certificate remains valid for too long, the exposure window becomes operationally dangerous. Post-quantum migration will fail where organisations treat trust artefacts as static assets rather than time-bounded governance objects. Practitioners need to assume that lifetime management becomes a first-class control.
Public-key infrastructure sprawl will be the hardest part of the transition. The standards are only the starting point because CA systems, HSMs, browser ecosystems, and device fleets all need compatible support before replacement can happen at scale. That makes the problem cross-functional and slow, especially in environments with third-party certificates and embedded systems. Security teams should expect sequencing, not simultaneous conversion.
Quantum pressure will expose weak identity inventory more clearly than weak encryption alone. Organisations cannot protect what they have not mapped, and most estates still lack complete visibility into certificates, service identities, and dependency chains. The more fragmented the identity estate, the harder it becomes to prioritise which trust links must move first. The practical conclusion is that inventory quality determines post-quantum readiness.
Identity programmes that already struggle with lifecycle governance will struggle most with quantum transition. If an organisation cannot reliably track issuance, rotation, renewal, and offboarding today, it will not be able to retire legacy cryptographic trust paths cleanly tomorrow. The transition therefore rewards disciplined lifecycle ownership more than abstract cryptographic awareness. Teams should treat quantum readiness as a governance maturity test.
From our research:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which is why identity inventory quality remains a gating issue for any cryptographic transition.
- Forward pivot: Ultimate Guide to NHIs , Standards frames the control families that will matter when post-quantum migration reaches operational planning.
What this signals
Identity inventory will become the bottleneck for quantum readiness. Organisations that cannot accurately enumerate certificates, service identities, and trust dependencies will not be able to sequence migration by risk. The first programme change is to treat cryptographic dependency mapping as an identity governance task, not a one-off PKI review.
The next pressure point is lifecycle management. When certificates, keys, and trust chains are allowed to persist without clear ownership, quantum migration turns into a prolonged dual-stack problem that increases operational exposure and audit complexity.
Teams should also expect standards alignment work to become more visible in board reporting. The practical question will not be whether post-quantum algorithms exist, but whether the organisation can prove where they will be deployed first and how legacy trust will be retired.
For practitioners
- Inventory every RSA and ECC dependency Build a complete map of certificates, device identities, browser trust paths, code signing, and service-to-service communications that still depend on classical public-key cryptography.
- Classify trust paths by migration urgency Separate externally exposed identities, long-lived certificates, and regulated communications from lower-risk internal uses so replacement sequencing follows business impact.
- Assess CA and HSM compatibility together Test whether certificate authorities, hardware security modules, and downstream consumers can issue, store, and validate post-quantum-safe credentials before planning rollout.
- Treat long-lived secrets as future exposure Assume that any data or signed artefact stored today may be targetable under a harvest now, decrypt later model and shorten retention where policy allows.
Key takeaways
- Quantum readiness is an identity governance issue because public-key trust underpins certificates, federation, and workload authentication.
- The NIST has now standardised three post-quantum schemes, which gives practitioners a concrete migration target but not an automatic rollout path.
- The organisations that win this transition will be the ones that map dependencies, sequence replacement, and govern long-lived trust artefacts before quantum risk becomes practical.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST SP 800-53 Rev 5 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-1 | Public-key trust underpins identity access control and verification. |
| NIST SP 800-53 Rev 5 | IA-5 | Authenticator management covers certificate and key lifecycle issues. |
| NIST Zero Trust (SP 800-207) | Zero Trust requires continuous verification of identity trust chains. | |
| OWASP Non-Human Identity Top 10 | NHI-03 | Long-lived machine credentials and trust artefacts are the migration risk here. |
Map certificate and identity dependencies to PR.AC-1 and document where classical cryptography still anchors trust.
Key terms
- Post-Quantum Cryptography: Cryptographic algorithms designed to resist attacks from quantum computers. In identity systems, the relevance is not abstract math but whether certificates, signatures, and trust chains can survive a future where classical public-key assumptions no longer hold.
- Harvest now, decrypt later: An attacker strategy where encrypted traffic or stored data is collected today and decrypted later when better computing power becomes available. It matters to NHI governance because machine identities often protect the data paths and secrets most worth preserving over time.
- Public Key Infrastructure: Public Key Infrastructure is the trust system that issues, manages, and revokes digital certificates used to prove identity. In practice it binds keys to entities and policies, making authentication, encryption, and non-repudiation possible across users, devices, and services.
- Certificate Authority: A trusted issuer that signs certificates and anchors digital identity relationships. Its importance rises during post-quantum migration because issuance policy, algorithm support, and revocation workflows determine how quickly organisations can move from classical to quantum-resistant trust.
What's in the full article
GlobalSign's full article covers the operational detail this post intentionally leaves for the source:
- A deeper walkthrough of the NIST post-quantum standards and how each one maps to encryption or signatures.
- Discussion of certificate authority and browser ecosystem readiness, including the constraints slowing adoption.
- Context on hardware security module support and why that matters for issuing post-quantum-safe certificates.
- The article’s view of how "harvest now, decrypt later" changes the urgency of migration planning.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on July 11, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org