Crypto news

The French National Agency for the Security of Information Systems (ANSSI) has announced a radical change in certification rules: starting in 2027, the agency will cease to approve cybersecurity products that are not equipped with encryption resistant to quantum attacks. This statement was made at the France Quantum conference by Samih Souissi, head of the agency's cabinet.

This step is not just a bureaucratic formality. ANSSI certification is a mandatory requirement for the use of any solutions in French government agencies and critical infrastructure facilities. Thus, from 2027, private and public entities working with sensitive data will face a strict limitation: without modern post-quantum protection, their products simply will not be granted clearance to operate.

Souissi emphasized that by 2030, companies must transition to purchasing exclusively quantum-resistant products. The reason for this ultimatum is the threat known as "harvest now, decrypt later." Attackers can already intercept and accumulate encrypted data en masse, exploiting vulnerabilities in current algorithms. As soon as quantum computers achieve sufficient power, these archives will be cracked in a matter of minutes.

This is not just a forecast, but a real strategic threat. Data considered secure today could become an open book tomorrow. The French regulator is acting proactively, setting a standard for all of Europe. Similar steps are expected from other national agencies, which will accelerate the global transition to post-quantum cryptography.

Expert opinion: ANSSI's decision is a clear signal to the market: the era of traditional encryption is coming to an end. Companies that delay integrating quantum-resistant protocols risk not only losing access to government contracts but also leaving their data defenseless against future attacks. The transition will require significant investment, but the alternative—complete loss of confidentiality—is far more costly.