Post-Quantum Encryption: What the Mandate Gets Right and What It Misses

The federal government issued its clearest signal yet that the quantum threat is no longer theoretical. Executive Order 14409, signed June 22, 2026, mandates that federal agencies and their contractors migrate to post-quantum encryption by 2030. The harvest-now-decrypt-later threat it cites is not a future problem. It is a current one.

Understanding what the order requires, and what it does not, is the most important cryptographic planning conversation your organization can have this year. Federal organizations that read only the mandate will miss a persistent, harder problem.

What EO 14409 Actually Requires

The order mandates that all federal High Value Assets and high-impact systems transition to post-quantum cryptography for key establishment by December 31, 2030, and for digital signatures by December 31, 2031. A proposed FAR rule would extend the same 2030 deadline to federal contractors, but that rulemaking is still in progress. Federal contractors should treat the 2030 deadline as the planning horizon regardless.

The EO directs migration to NIST-approved algorithms. ML-KEM handles key establishment. ML-DSA and SLH-DSA handle digital signatures. These are the post-quantum algorithms NIST finalized in 2024. They run on existing classical hardware, which matters for deployment planning.

How This Connects to CMMC, FedRAMP, and FISMA

For federal contractors operating inside CMMC, FedRAMP, and FISMA frameworks, EO 14409 does not arrive in isolation. It lands on top of compliance obligations that are already evolving to incorporate PQC requirements.

CMMC. Levels 2 and 3 require FIPS 140-validated cryptographic modules to protect Controlled Unclassified Information. PQC requirements will flow into CMMC when NIST SP 800-171 is updated; no firm timeline exists for that update, but the direction is set by the EO. CMMC Level 2 enforcement is scheduled to expand to the broader defense industrial base in November 2026 — seven weeks after the FIPS 140-2 sunset. Organizations already pursuing or holding CMMC certification should plan for PQC as part of their next assessment cycle.

FedRAMP. Cloud service providers authorized under FedRAMP must comply with NIST SP 800-53, which requires FIPS 140-validated cryptographic modules. PQC integration into FedRAMP awaits FIPS 140-3 validated PQC implementations, expected no earlier than 2027. For cloud providers and the agencies that rely on them, that timeline creates a planning window, not a waiting period.

FISMA. The EO directs agencies to build their PQC migration inventory from existing FISMA high-impact system categorizations and High Value Asset designations. If your agency has completed its FISMA categorization, that list is your PQC migration scope.

One important scope clarification: EO 14409 applies to civilian agencies and their contractors. National security systems under DoD and the intelligence community are governed separately by NSA’s Commercial National Security Algorithm Suite 2.0, which has its own migration timeline extending through 2035.

One near-term deadline cuts across all these frameworks: FIPS 140-2 certifications must transition to FIPS 140-3 by September 21, 2026. Organizations relying on FIPS 140-2 validated modules for CMMC, FedRAMP, or FISMA compliance face that transition immediately, separate from the 2030 PQC mandate.

What the Post-Quantum Encryption Mandate Does Not Address

Read EO 14409 carefully and you will notice what it does not require.

It addresses key establishment: how encryption keys are negotiated between systems. It addresses digital signatures: how authenticity is verified. It does not address what happens to data during active processing.

This is not an oversight. Key establishment and digital signatures are the operations most immediately vulnerable to quantum decryption. They are the right starting point. They are not the complete picture.

The gap the EO leaves open is the one standard encryption deployments leave open: data that decrypts when it is in use. A PQC-compliant key establishment mechanism protects the channel through which data travels. It does not protect the data while it is in use. While it is in use, the data exists in plain text. An adversary with system access finds readable data regardless of how quantum-resistant the key exchange was.

Why the Processing Gap Matters More Than You Think

The harvest-now-decrypt-later threat the EO cites applies to data in transit and at rest: any encrypted data adversaries can capture today and store for future decryption. The same logic should apply to data in use.

An adversary who has achieved persistent network access does not need to wait for a quantum computer. Salt Typhoon operated inside U.S. telecommunications networks for up to two years, reading data during active processing. PQC-compliant key establishment stops a future quantum computer from decrypting captured traffic. It does not stop a current adversary reading data that decrypts during processing in a system they have already reached.

The 2030 deadline is the right target for migrating key establishment and signatures. It is not the complete answer to post-quantum data protection. Organizations that complete PQC migration by 2030 without addressing data-in-use encryption will have closed one vulnerability and left another open.

What Post-Quantum Encryption Looks Like at the Data Layer

A complete post-quantum encryption posture protects data across all three states: at rest, in transit, and during active processing. PQC algorithms address key establishment and signatures. The data-in-use layer requires continuous encryption that keeps data encrypted during processing operations.

Continuous encryption means queries run against encrypted data. Reports execute on encrypted records. Analytics process encrypted inputs and return encrypted outputs. The application operates normally. Authorized users work as they always have. This is the architecture we described in Fully Homomorphic Encryption Is Too Slow. Now What? — the practical successor to FHE that delivers the same security outcome at enterprise speed.

That architecture is what makes the complete post-quantum encryption posture coherent. PQC-compliant key establishment closes the quantum decryption threat for data in transit. Continuous encryption closes the active processing window that no key establishment algorithm addresses.
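As an added illustration (not Seshat's or Donoma's implementation, whose internals this post does not describe), the Python below contrasts the data-in-use gap with one long-standing technique for answering an equality query without decrypting records inside the server process: a keyed blind index stored alongside the ciphertext. The record cipher, keys and rows are constructed for the demo; a blind index reveals only which rows share a value, so it covers equality lookups, not the general reports and analytics described above.

```python
import hashlib
import hmac
import secrets

# Toy record cipher: HMAC-SHA256 keystream in counter mode (illustration only; a real
# deployment uses an AEAD such as AES-GCM). Blob layout: 16-byte nonce || ciphertext.
def _keystream(key, nonce, length):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]
def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))
def encrypt_record(key, plaintext):
    nonce = secrets.token_bytes(16)
    return nonce + _xor(plaintext, _keystream(key, nonce, len(plaintext)))
def decrypt_record(key, blob):
    return _xor(blob[16:], _keystream(key, blob[:16], len(blob) - 16))
def blind_index(index_key, value):
    # Keyed hash of a searchable field: equality can be tested without seeing the value.
    return hmac.new(index_key, value.strip().lower().encode(), hashlib.sha256).hexdigest()

class EncryptedStore:
    # Server-side store that holds only ciphertext blobs and blind indexes.
    def __init__(self):
        self.rows, self.plaintext_exposures = [], 0  # exposures = rows decrypted in-process

    def insert(self, data_key, index_key, ssn, record):
        self.rows.append({"ssn_idx": blind_index(index_key, ssn),
                          "blob": encrypt_record(data_key, record.encode())})

    def find_naive(self, data_key, ssn):
        # Data-in-use gap: every row is decrypted in server memory to evaluate the filter.
        plains = [decrypt_record(data_key, r["blob"]).decode() for r in self.rows]
        self.plaintext_exposures += len(plains)
        return [p for p in plains if p.startswith(ssn + "|")]

    def find_blind(self, index_key, ssn):
        # The filter runs on the keyed index; matching ciphertext is returned undecrypted.
        wanted = blind_index(index_key, ssn)
        return [r["blob"] for r in self.rows if r["ssn_idx"] == wanted]

def demo():
    # Constructed sample; returns (rows exposed by naive query, by blind query, results x2).
    data_key, index_key, store = secrets.token_bytes(32), secrets.token_bytes(32), EncryptedStore()
    for ssn, name in [("111-22-3333", "alice"), ("444-55-6666", "bob"), ("111-22-3333", "alice-2")]:
        store.insert(data_key, index_key, ssn, f"{ssn}|{name}")
    naive_hits = store.find_naive(data_key, "111-22-3333")
    exposed_naive = store.plaintext_exposures
    blobs = store.find_blind(index_key, "111-22-3333")
    client_side = sorted(decrypt_record(data_key, b).decode() for b in blobs)  # caller decrypts
    return exposed_naive, store.plaintext_exposures - exposed_naive, sorted(naive_hits), client_side
```

The naive path decrypts all three rows in the server process to answer one lookup; the blind-index path decrypts none there, and only the authorized caller holding the data key sees plaintext.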

Post-Quantum Ready at the Data Layer, Today

Closing that gap requires an encryption architecture that protects data during active processing, not just at rest and in transit. The PQC migration the EO mandates handles the cryptographic operations that secure the channel. What it leaves unaddressed is what happens inside that channel once data arrives and an application begins working with it. That is a solvable problem. The technology that solves it exists today.

Donoma Seshat is a continuous encryption platform that keeps data encrypted during active processing. It sits at the application layer, between the application and the database. Data never decrypts during queries, analytics runs, or any other processing event. It was built specifically to close the data-in-use gap that standard encryption leaves open. And it is already post-quantum ready.

Seshat deploys at the application layer without replacing existing infrastructure. It runs on standard CPUs with no specialized hardware requirement. In internal testing against open-source BTCPay Server, Seshat added a few milliseconds of latency per transaction. For most enterprise workloads, that delta is operationally invisible. For federal agencies and contractors meeting the 2030 deadline, Seshat addresses what EO 14409 leaves open. PQC migration closes the quantum decryption threat to data in transit. Seshat closes the active processing window those controls leave open.

For enterprises outside the federal procurement scope, the EO’s harvest-now-decrypt-later rationale applies equally. Financial records, healthcare data, and intellectual property all have useful lives extending into the quantum transition window. The 2030 federal deadline reflects the government’s assessment of quantum arrival timing. That assessment is relevant to every organization holding sensitive data with long-term value.

The technology is ready. The mandate is in place. The time for action is now.

If you want to understand what a complete post-quantum encryption posture looks like for your environment, book a solution briefing with the Donoma team.

Frequently Asked Questions

What does Executive Order 14409 require for post-quantum encryption?

Executive Order 14409, signed June 22, 2026, mandates that federal agencies transition all High Value Assets and high-impact systems to post-quantum cryptography for key establishment by December 31, 2030, and for digital signatures by December 31, 2031. Federal contractors face the same deadline under proposed FAR rule amendments. The order directs migration to NIST-approved algorithms including ML-KEM for key establishment and ML-DSA and SLH-DSA for digital signatures. These algorithms run on existing classical hardware and are designed to resist attacks from both classical and quantum computers.

What is harvest-now-decrypt-later and why does it matter today?

Harvest-now-decrypt-later is a threat strategy in which adversaries collect encrypted data today with the intention of decrypting it later once sufficiently powerful quantum computers become operational. The threat is active now even though quantum decryption capability does not yet exist at scale. Any sensitive data encrypted under current RSA or elliptic curve cryptography that an adversary captures today could be decrypted in the future. Data with a long useful life, including financial records, healthcare data, national security information, and intellectual property, is particularly at risk because it may still have value when quantum decryption becomes feasible.

Does post-quantum cryptography protect data during active processing?

No. Post-quantum cryptography addresses key establishment and digital signatures, which protect data in transit and at the authentication layer. It does not address what happens when data decrypts during active processing. Every time an application reads data to run a query, generate a report, or process a transaction, that data exits the protection of encryption. PQC-compliant key establishment stops a quantum computer from decrypting captured traffic. It does not stop an adversary with access to the processing environment from reading data during that decryption window.

What is the difference between PQC migration and continuous encryption?

PQC migration replaces current key establishment and signature algorithms with quantum-resistant alternatives. It protects the cryptographic operations that secure data in transit and verify authenticity. Continuous encryption keeps data encrypted during active processing, not just at rest and in transit. The two are complementary. PQC migration closes the quantum decryption threat to data in transit. Continuous encryption closes the data-in-use window that quantum computers and current adversaries can both exploit. A complete post-quantum posture requires both.

Does EO 14409 apply to private sector organizations?

No. The mandate applies directly to federal agencies and federal contractors. Private sector organizations outside the federal procurement scope are not directly required to comply. However, the harvest-now-decrypt-later threat that motivates the EO applies equally to any organization holding sensitive data with a long useful life. Financial records, healthcare data, and intellectual property all qualify. The 2030 federal deadline reflects the government’s assessment of when quantum decryption capability may arrive. That assessment is relevant to private sector risk planning regardless of whether compliance is mandated.

Is Seshat post-quantum ready?

Yes. Seshat’s continuous encryption architecture is designed for the post-quantum threat environment. It keeps data encrypted during active processing on standard CPUs without replacing existing infrastructure. In internal testing against BTCPay Server, Seshat added less than 10 milliseconds of latency per transaction — operationally invisible for most enterprise workloads. It deploys at the application layer without architectural changes to existing systems. Seshat addresses the data-in-use gap that PQC migration for key establishment and signatures does not. Organizations implementing both PQC-compliant key establishment and Seshat continuous encryption achieve a complete post-quantum data protection posture.

Additional Reading:

Fully Homomorphic Encryption Is Too Slow. Now What?

Homomorphic Encryption Alternatives: What Works at Enterprise Scale

The Encryption At Rest Myth: Why Your Encryption Strategy Fails to Protect Data

Perimeter Security Is Not Enough: 5 Steps to Mitigate Risk in a Zero Trust Environment