France stops certifying products lacking quantum-safe encryption


France just drew a line in the sand on quantum security. The country’s national cybersecurity agency, ANSSI, announced that beginning in 2027, it will no longer certify security products that fail to incorporate quantum-resistant encryption.

What ANSSI actually announced

The announcement came on June 16 at the France Quantum conference. ANSSI’s chief of staff, Samih Souissi, laid out the timeline: certifications dry up for non-quantum-safe products starting in 2027, with a full transition to quantum-safe products targeted for 2030.

The policy specifically targets conventional cryptographic algorithms like RSA and ECC. These are the mathematical frameworks that underpin most of today’s digital security, from government communications to banking systems to blockchain networks.

This isn’t a bolt from the blue. ANSSI published a position paper on post-quantum cryptography transitions back in 2022. A follow-up study in March 2025 painted a less-than-reassuring picture, revealing that 38 surveyed organizations lacked any transition plans whatsoever.

The quantum threat, explained without the physics lecture

There’s a nastier problem already happening: the “harvest now, decrypt later” strategy. Adversaries, whether nation-states or sophisticated criminal groups, are vacuuming up encrypted data today with the explicit plan to decrypt it once quantum hardware catches up. That’s why France isn’t waiting for quantum computers to actually break things. By the time they do, it’s already too late for any data collected between now and then.

The National Institute of Standards and Technology (NIST) in the US released its initial post-quantum cryptography standards in 2024, including algorithms called ML-KEM and ML-DSA. These are designed to resist both classical and quantum attacks. France’s move aligns directly with this global standardization push, but takes the additional step of making compliance mandatory for certified products.

Why crypto should be paying close attention

ANSSI’s policy doesn’t mention digital assets or cryptocurrencies. Not a single word. But Bitcoin, Ethereum, and virtually every major blockchain rely on elliptic curve cryptography (ECC) for key generation and transaction signing. ECC is one of the exact same algorithm families that France has decided are no longer good enough for government-certified products.

The harvest-now-decrypt-later risk applies to blockchain too. Every public key that’s ever appeared on a blockchain is, by definition, public. If quantum computers eventually crack ECC, any address that has exposed its public key through a transaction could theoretically be compromised. For Bitcoin, addresses that have only received funds and never sent a transaction would be relatively safer, since their public keys haven’t been revealed.

France’s 2027 deadline creates immediate pressure on security vendors to integrate what the industry calls “crypto-agility,” the ability to swap cryptographic algorithms without rebuilding entire systems. The 2030 target date for full transition gives the industry roughly four years to adapt, which sounds generous until you remember how long protocol upgrades take in decentralized systems.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
