NSA's CNSA 2.0: The Military's Deadline for a Quantum-Safe World

April 18, 2026  ·  qdayiscoming.com

When the world's most secretive intelligence agency publishes a migration deadline, it signals something important: the threat is real, the timeline is known, and waiting is no longer an option. In September 2022, the National Security Agency released CNSA 2.0 — the Commercial National Security Algorithm Suite 2.0 — setting hard deadlines for transitioning all US national security systems to post-quantum cryptography.

What is CNSA 2.0?

CNSA 2.0 is the NSA's official list of cryptographic algorithms approved for protecting classified and sensitive national security information in a post-quantum world. It replaces CNSA 1.0, which relied on elliptic curve and RSA-based algorithms now considered vulnerable to quantum attacks.

The new suite is built entirely around NIST's post-quantum standards: CRYSTALS-Kyber for key exchange, CRYSTALS-Dilithium for digital signatures, and XMSS/LMS for software and firmware signing. These are the same algorithms that NIST formally standardised in August 2024.

The deadlines

2025: All existing National Security Systems must meet CNSA 1.0 requirements or obtain a waiver. Transition planning must begin immediately.

2027: All new NSS acquisitions must be CNSA 2.0 compliant. No new hardware or software procured for national security use can rely on classical cryptography from this point forward.

2030: Hybrid deployments combining classical and post-quantum cryptography must be in place across most system types.

2033: Final mandatory compliance deadline for all National Security Systems. Full migration to CNSA 2.0 complete.

Why 2033? The NSA's 2033 deadline is not arbitrary — it reflects internal intelligence estimates about when a cryptographically relevant quantum computer could plausibly exist. It is a deadline designed to ensure migration is complete before the threat materialises.

What this means for the private sector

CNSA 2.0 formally applies only to US government and defence contractors. But its practical influence extends far wider. Companies that supply software, hardware, or services to the US government — from cloud providers to semiconductor manufacturers — must comply. This covers a significant fraction of global enterprise technology.

More broadly, CNSA 2.0 sets the template that allied governments and standards bodies are following. The EU's ENISA, the UK's NCSC, Germany's BSI, and Australia's ASD have all issued equivalent guidance pointing organisations toward the same NIST-approved algorithms and similar timelines.

Are organisations moving fast enough?

In short: most are not. A 2025 survey by the Global Risk Institute found that fewer than 20% of large enterprises had completed a cryptographic inventory — the essential first step before any migration can begin. The average large organisation uses thousands of cryptographic implementations across its infrastructure, many undocumented and buried in legacy systems.

The NSA's 2033 deadline sounds distant. But given that cryptographic migrations in complex enterprise environments typically take five to ten years from planning to completion, organisations that haven't started by 2026 are already at risk of missing it.
