Capability · PQC readiness

Post-quantum cryptography readiness

Inventory cryptographic algorithms, plan migration to NIST PQC standards, and track CNSA 2.0 alignment.

PQC readiness dashboard showing algorithm inventory, vulnerability counts, migration phase progress, and CNSA 2.0 alignment table

Harvest-now, decrypt-later is already happening. CNSA 2.0 sets a firm 2030 deadline for digital signatures and a 2025 target for key establishment in US national security systems. Attestry's PQC module runs a 52-question assessment across six sections (cryptographic inventory, vulnerability analysis, migration roadmap, compliance mandates, implementation, governance), classifies each algorithm against NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA), and scores readiness across five migration phases. CNSA 2.0 alignment is checked requirement-by-requirement, and the same questionnaire produces a PQC migration plan and a readiness report as exportable PDF documents.

What's included

Built to be auditor-ready out of the box

52-question assessment across six sections

Cryptographic inventory, vulnerability analysis, migration roadmap, compliance mandates (CNSA 2.0, FFIEC, federal mandates), implementation, and governance. Each question maps to a specific PQC requirement key.

Algorithm inventory vs. NIST PQC standards

RSA, ECC, ECDSA, EdDSA, classical DH, and 3DES are flagged as quantum-vulnerable; AES-256 and SHA-256/SHA-3 are flagged as quantum-resistant. Migration recommendations cite ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) by name.

Five-phase migration tracking

Discovery, planning, hybrid deployment, full migration, and validation. Each phase carries a progress percentage so leadership can see exactly where the organization sits in the transition.

CNSA 2.0 alignment, requirement by requirement

Per-requirement met/not-met status against CNSA 2.0 (including the 2025 ML-KEM target for key establishment and the 2030 ML-DSA target for digital signatures), with gaps surfaced as remediation actions.

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Capability manifests

Component

Evidence chain

Component

Framework crosswalk

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing

Capability · PQC readiness

Post-quantum cryptography readiness

Inventory cryptographic algorithms, plan migration to NIST PQC standards, and track CNSA 2.0 alignment.

Start free See all features

What's included

Built to be auditor-ready out of the box

52-question assessment across six sections

Algorithm inventory vs. NIST PQC standards

Five-phase migration tracking

Discovery, planning, hybrid deployment, full migration, and validation. Each phase carries a progress percentage so leadership can see exactly where the organization sits in the transition.

CNSA 2.0 alignment, requirement by requirement

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Capability manifests

Component

Evidence chain

Component

Framework crosswalk

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing