The development of quantum computers threatens to render obsolete certain cryptographic algorithms used to secure telecommunications networks.
Faced with the risks of retroactive compromise via “store now, decrypt later” attacks and the potentially severe consequences for customer privacy and service continuity, EU Member States are working to ensure a coordinated transition to post-quantum cryptography in order to comply with the Recommendation of April 11, 2024.
This document translates European expectations at the national level by defining the minimum requirements for quantum risk management and transition to post-quantum cryptography, as well as establishing the sectoral timetable of objectives for Belgian telecommunications operators.
The chosen reference approach is structured in three phases.
It includes:
- inventory of cryptographic assets and quantum risk analysis;
- migration planning with the appointment of a dedicated manager and ecosystem coordination;
- execution of the gradual deployment of solutions.
The sectoral timetable sets targets ranging from the finalization of inventories upon publication of the document to the completion of migration by 2030 for the most critical systems, with a supervision mechanism provided for under the Law of June 13, 2005, on electronic communications, as well as by the “NIS2” and “CER” directives directives (Directive (EU) 2022/2557 of December 14, 2022 on the resilience of critical entities), in order to achieve European quantum resilience objectives by 2035.
How to reply to this document?
- Until 3 November 2025
- Only by email to consultation.sg@bipt.be
- With the reference “Consult-2025-C3”
- Contact person: Reda Meftah, Engineer-Advisor (+32 2 226 87 75)
- Please attach the cover form to your answer.
- Your comments should refer to the paragraphs and/or sections they relate to, and confidential parts