Meta publicly released the quantum-resistant cryptography migration framework: proposing a five-level maturity model, already deployed anti-quantum encryption in internal infrastructure

ME News update: On April 17 (UTC+8), according to Beating Monitoring, at the end of March, Google’s Quantum AI paper lowered the physical number of qubits required to crack elliptic-curve encryption by about 20 times. At the same time, Google moved up its quantum-resistant migration deadline to 2029, and industry discussion about “Q-Day” has once again heated up.

On April 16, Meta’s engineering team published a long article that disclosed the company’s internal post-quantum cryptography (PQC) migration framework, including risk grading standards, a five-level maturity model, and a six-step migration strategy. The purpose is to provide other organizations with a practical, reusable path that can be applied directly.

Meta’s core concept is “PQC Migration Maturity Levels,” which classifies an organization’s post-quantum resistance capability from low to high into five tiers: PQ-Unaware (not yet aware of quantum threats), PQ-Aware (initial assessment completed but no design started), PQ-Ready (technical solutions implemented but not deployed), PQ-Hardened (all currently available defenses deployed, but threats cannot be fully eliminated due to missing certain cryptographic primitives across the industry), and PQ-Enabled (fully enabled post-quantum security). The practical value of this tiering system is that it acknowledges most organizations cannot get everything right in one step, while also providing clear definitions and measurable criteria for each stage.

The migration strategy advances in six steps: determine risk priorities, establish a cryptographic assets inventory, address external dependencies (such as standards development and hardware support), build PQC components, set protective guardrails (prohibiting new projects from using quantum-vulnerable algorithms), and integrate the PQC components into real business operations.

For risk grading, Meta gives the highest priority to scenarios vulnerable to “store now, decrypt later” attacks—situations in which attackers can intercept encrypted traffic now, store it, and decrypt it later once quantum computers mature. Applications that use public-key encryption and key exchange are already at risk even before quantum computers appear, so they need to be migrated first.

In terms of algorithm selection, Meta recommends using ML-KEM (key encapsulation) and ML-DSA (digital signatures), which are based on NIST standards that have already been published. It also favors a hybrid deployment approach: overlaying post-quantum encryption on top of existing classical encryption, so that an attacker must break both layers in order to succeed. Meta cryptographers are also involved in developing NIST’s newly selected PQC algorithm HQC. Because HQC is based on different mathematical foundations from ML-KEM, it serves as a backup option: if vulnerabilities are discovered in the module-lattice cryptography underlying ML-KEM, HQC can take over.

Meta states that it has deployed post-quantum encryption protections across a large volume of internal infrastructure traffic, and the migration is still ongoing. For most enterprises, the value of this blog post is not in the specific details of Meta’s own progress, but in the five-level maturity model and six-step strategy, which provide an assessment and planning toolkit that can be applied directly. Against the backdrop of continuously lowering the threshold for quantum-bit attacks, “store now, decrypt later” attacks mean that the migration window is more urgent than the arrival of truly usable quantum computers.

(Source: BlockBeats)