← Back to Blog
Post-Quantum CryptographyNISTComplianceFIPSData Security

NIST IR 8547 Sets the PQC Migration Floor. The Calendar Bites in 2027.

Lattix branded cover for NIST IR 8547 Sets the PQC Migration Floor. /26 section number, 2027 binding window date, federal civilian migration cohort statistic, IBM Plex Mono on dark grid background, surgical yellow accent on the migration milestone in a timeline strip.

NIST Internal Report 8547, Transition to Post-Quantum Cryptography Standards, sets the migration timeline for federal civilian information systems. The report names the algorithms that depend on classical cryptography, the algorithms that depend on quantum-resistant cryptography, and the dates by which federal systems are expected to operate under the latter. The 2024 release set the framework. The 2026 update sharpens the schedule. The data on actual migration progress, available mid-2026 from program office reporting and from FIPS 140-3 validation throughput, shows that the schedule is tighter than the framing of the report suggests.

NIST published FIPS 203 (Module-Lattice-Based Key-Encapsulation Mechanism Standard), FIPS 204 (Module-Lattice-Based Digital Signature Standard), and FIPS 205 (Stateless Hash-Based Digital Signature Standard) as final standards in August 2024. The algorithms are settled. The implementations are available. The constraint on adoption is not the cryptographic primitive. The constraint is the path through which each primitive reaches operational systems under federal cryptographic policy.

Where the schedule actually binds

Two binding windows matter for federal civilian systems. The first is the CNSA 2.0 acquisition window of January 1, 2027, which applies to new National Security System procurements. The second is the broader civilian transition window that NIST IR 8547 articulates for high-impact systems, which the report frames as the 2030 to 2035 range with intermediate milestones in 2027 and 2028 for new acquisitions.

The CNSA 2.0 window is mandatory for NSS acquisitions. The civilian window is policy direction supported by acquisition guidance and Federal Information Security Modernization Act oversight. Both windows depend on FIPS 140-3 validated cryptographic modules implementing FIPS 203 and FIPS 204. The schedule from algorithm finalization to operational deployment runs through the Cryptographic Module Validation Program.

The CMVP processed approximately 200 module validations per year in 2024. The validation queue at the start of 2026 exceeded 800 modules. The throughput improved in 2026 but remains the schedule pinch point for vendors and integrators. A program office that orders a PQC-capable solution in mid-2026 may be looking at validation in 2027 or 2028, then deployment, then operational acceptance.

What this means for high-impact systems

A federal civilian system at FIPS 199 high impact requires FIPS 140-3 Level 2 or higher modules in most cases. The system inherits the cryptographic posture of its modules. A system whose cryptographic operations are implemented in application code, distributed across services, and validated at the application boundary cannot migrate to PQC by swapping a library. The migration requires re-validation of every module the system depends on.

NIST IR 8547 names this constraint and recommends cryptographic agility as the architectural answer. Cryptographic agility decouples the application from the algorithm choice. The application calls an interface. The interface dispatches to a validated module. The module choice is a configuration. Algorithm migration becomes a configuration change against a re-validated module rather than an application rebuild.

The implementation pattern that produces cryptographic agility at scale is the wrapped-key architecture. Data objects are encrypted with object-level data encryption keys. The data encryption keys are wrapped under key encapsulation algorithms held at a centralized key management service. Migrating the wrapping algorithm from RSA-3072 to ML-KEM-768 or ML-KEM-1024 is a service-side change. The applications that consume the data do not change.

Where Lattix architecture maps

Lattix Technologies implements wrapped-key cryptographic enforcement at the data object level. Each data object carries a data encryption key wrapped under a key encryption key held at the policy enforcement point. The wrapping algorithm is configurable at the PEP. The implementation includes ML-KEM-768 and ML-KEM-1024 alongside classical algorithms. A migration to PQC is a configuration change at the PEP, not an application rebuild.

The architecture also addresses the CMVP throughput constraint. The cryptographic operations that require FIPS 140-3 validation are concentrated in the PEP, not distributed across application code. The validation surface is smaller. The validation work is concentrated where the validation effort produces leverage.

What program offices should be doing in the next 90 days

Three operational priorities matter for program offices facing the 2027 binding window.

The first is the cryptographic inventory. Every public key operation in the system inventory must be identified by purpose, algorithm, key size, and validation status. The inventory deliverable bounds the migration scope and identifies the modules requiring re-validation.

The second is the cryptographic agility decision. Systems that implement cryptography tightly coupled to application code face migration cost proportional to the application portfolio. Systems that implement cryptography through wrapped-key architectures face migration cost proportional to the PEP infrastructure. The architectural choice made in 2026 determines the cost in 2027.

The third is the CMVP submission posture. Vendors that submit early validate early. Program offices that select vendors with active CMVP submissions land operational systems earlier. The lead time from submission to deployment is now the dominant schedule variable.

How the standards align

NIST IR 8547, NIST IR 8413 (Status Report on PQC Standardization), CNSA 2.0, NSA CSA-U/OO-181708-22, and the NIST CSRC FIPS 203/204/205 family converge on the same architectural direction. The cryptographic primitives are settled. The migration is now an architecture problem.

Federal civilian systems that approach the 2027 milestones with cryptographic agility infrastructure in place migrate by changing configuration. Federal civilian systems that approach the 2027 milestones with cryptography embedded in application code face a multi-year rebuild on top of a validation backlog they cannot accelerate. The architectural decision is the schedule decision.

References

← Back to Blog