President Donald Trump’s new quantum executive order makes post-quantum cryptography a national security priority, tying the government’s encryption migration to a wider federal effort to accelerate quantum computing, protect sensitive research and track the risks posed by increasingly powerful commercial systems.
The order does not create a standalone post-quantum cryptography program, but it does embed PQC inside a broader quantum strategy that treats computing, sensing, networking, supply chains, workforce and counterintelligence as parts of the same national security problem.
The quantum executive order suggest that the administration views the quantum threat to encryption not as a distant technical issue, but as one part of a larger race to control quantum capabilities before adversaries can exploit them.
Quantum computers are not yet able to break today’s widely used public-key encryption. But sufficiently powerful future machines could threaten systems such as RSA and elliptic-curve cryptography, which help protect government communications, banking systems, cloud services, software updates and critical infrastructure. The most urgent concern is “harvest now, decrypt later,” in which adversaries collect encrypted data today and store it until future quantum computers can read it.
The order directs the director of national intelligence and the secretary of War, working with the Economic and Security Implications of Quantum Information Science subcommittee and consulting with State, Commerce and Energy, to identify the national security implications of the increasing scale and performance of commercial quantum computers. The order specifically names implications for migration to post-quantum cryptography.
That requirement could help connect two tracks — the development of quantum computers and the defensive work needed to protect classical networks from them — that have often moved separately. For cybersecurity leaders, the key question is not only when a cryptographically relevant quantum computer will arrive, but also how agencies will measure progress toward that point, how they will share risk assessments and how they will translate those assessments into migration deadlines.
The quantum executive order also calls for a national center to assess the performance of quantum computing systems. That provision is important for PQC planning because the practical threat to encryption depends on more than qubit counts. It depends on error correction, circuit depth, logical qubit quality, system speed and the ability to run algorithms at scale. A federal capability to evaluate quantum machines could give policymakers and security teams a more realistic view of when specific cryptographic systems face material risk.
The directive also creates the Quantum Computer for Application Development and Discovery Science, or QC-ADDS, a federal effort to develop at least one quantum computer for scientific discovery and place it at a Department of Energy facility where possible. While QC-ADDS is framed around scientific and economic applications, the quantum executive order also directs agencies to explore national security uses of quantum computing. That dual-use posture will be closely watched by the cybersecurity sector because advances in government-backed quantum computing could sharpen both defensive and offensive planning.
The order’s counterintelligence provisions directs the FBI, working with defense, intelligence, homeland security, NSA and other agencies, to propose staffing requirements to expand the Quantum Information Science and Technology Counterintelligence Protection Team. The team is tasked with improving protections against adversarial threats to the quantum ecosystem, including cybersecurity threats, and with improving threat-sharing with federal, academic and industry research entities.
The provision widens the quantum security problem beyond cryptographic standards. Quantum risk also includes theft of research, compromise of suppliers, cyber intrusion into labs and cloud platforms, and foreign access to sensitive components or expertise. A successful adversary does not need to wait for a quantum computer if it can steal designs, recruit insiders or compromise the companies building the technology.
The order also directs Commerce and other agencies to strengthen domestic quantum supply chains and support quantum-enabling technologies. Those supply-chain provisions may affect cybersecurity because quantum systems depend on specialized hardware, software, fabrication tools, cryogenic systems, photonics, lasers, control electronics and other components. Trust in those supply chains will matter if quantum systems become part of national security, critical infrastructure or secure communications networks.
International coordination is another major theme as the order directs State and Commerce to work with like-minded countries on trusted supply chains, investment restrictions, research security and export controls. For PQC, allied coordination will be important because encrypted data, vendors, standards and networks cross borders. A fragmented migration could leave weak links in shared systems.
The order does not replace existing federal PQC work, including the move toward quantum-resistant algorithms and agency migration planning. It also does not set a single date for when vulnerable cryptography must be retired. But it adds pressure for agencies to connect PQC migration to live intelligence assessments, commercial quantum progress and national security planning.
