Preparing for Post-Quantum Cryptography in Identity Documents

27 March 2026

According to experts, Cryptographically Relevant Quantum Computers are expected to become a reality in the early 2030s.

Using dedicated brute force attack algorithms, Quantum computers have the potential to break widely used cryptographic algorithms, compromising the security and privacy of sensitive personal information.

Such an event endangers many conventional algorithms (Key exchange mechanisms, RSA & Elliptic Curve Cryptography). To be more specific, the asymmetric schemes currently used are facing the biggest risk.
As it comes to understanding the impact of such threat for electronic identity documents, the risks at stake are multiple:
- Breaking government signature keys and forge valid false electronic citizen profiles (i.e. breaking the Passive Authentication mechanism, Certificate validation mechanism for Qualified Signature)
- Breaking identity document authentication keys and access confidential data stored in the identity documents (e.g. ICAO Data Group 3 containing the fingerprint image or ICAO Data Group 2 containing the portrait image)
- Breaking private keys and become able to sign on the behalf of the legitimate user (forged digital signatures, illegal access to government services, impersonation/identity theft,…)

The US National Institute of Standards and Technology (NIST) is leading the standardization of quantum-safe cryptographic algorithms. In 2022, several algorithms were selected for standardization. In August 2024, just finalized its first standardization effort and identified the two best candidates for implementation on integrated circuit ( https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards ):

ML DSA (aka CRYSTALS-Dilithium) for digital signature
ML KEM (aka CRYSTALS-Kyber) for key encapsulation

Based on this recent standardization effort, ICAO is now actively working on updating ICAO Doc 9303 for Machine Readable Travel Documents to incorporate quantum-safe algorithms.

European Union is also monitoring the topic to update eIDAS regulation, and has issued a PQC roadmap, detailing when uses cases should be transitioning to PQC depending on their criticality.

Security Agencies in different nations (NIST, ANSSI, BSI, …) are setting time horizons and making recommendations to organize migration to PQC.

Our recommendations for a smooth transition to Post-Quantum Cryptography

Transitioning to PQC deserves attention and detailed planning. Early preparation is crucial to avoid rushed implementations later. Here are some recommendations:

Proceed diligently with cryptographic inventories of all cryptographic resources used in internal and external solutions deployed in organizations, and all along the lifecycle of identity document production & issuance.
Consider migration to a hybrid scheme that combine traditional and quantum-safe algorithms to ensure continued security for your identity documents:
- Hybrid cryptography combines classical cryptography with post-quantum algorithms to maintain security during the transition period.
- To note that implementing PQC algorithms may require more processing power and memory in the micro-controllers embedded in identity documents.
Get involved with organizations working on introducing PQC in their standards (e.g., ICAO New Technology Working Group, European committees)
- Align with guidelines from NIST, ICAO, ISO, other standardization bodies and national guidelines
- Encourage States to share preparatory work, roadmaps and lessons learned to foster technical convergence and interoperability for the introduction of PQC in security mechanisms.
- Invite States to conduct risk assessments, including in particular Data Protection Impact Assessments that account for the quantum threat to photos, fingerprints and identity data, which should guide the pace and nature of migration.
- Build a progressive, coordinated approach including a structured governance with technical and non-technical stakeholders.
- Partner with vendors developing PQC solutions to stay ahead of technological advancements
Plan for upgradability:
- Consider the capability to update seamlessly cryptographic algorithms of secure identity documents, including those already in the field.
- Launch end to end PQC pilots, to evaluate the impact of the full chain, from the HSM to the identity document, from the verification use cases to full access to e-government services.
- Harmonize validity period of identity documents to 5 years to mitigate risks

By following these recommendations, organizations can position themselves to effectively navigate the challenges posed by quantum computing and ensure the continued security of identity documents in the coming decades.

Introducing such technologies into large field deployment could take several years and potentially hit the time when Quantum Computers are ready to endanger underlying cryptography. Thus, SIA recommends starting as early as in 2026. A selection of the above recommendations (inventory, risk assessment, harmonization of identity document validity, regulation analysis) would then provide immediate benefits for a smooth transition to PQC.