SDG 9: Industry, Innovation and Infrastructure | SDG 16: Peace, Justice and Strong Institutions | SDG 17: Partnerships for the Goals

Department of Science & Technology (DST) | Ministry of Electronics and Information Technology (MeitY) | Office of the Principal Scientific Adviser (PSA)

Department of Science & Technology (DST) report, Implementation of Quantum Safe Ecosystem in India, provides a strategic roadmap for transitioning India’s digital infrastructure to quantum-safe security to counter the emerging threat posed by cryptanalytically relevant quantum computers (CRQCs).

The analysis identifies several core pillars of reform and strategic action required to build a resilient post-quantum ecosystem:

Strategic Pillar 1: Cryptographic Transition and Post-Quantum Cryptography (PQC)

The report emphasizes that current public-key encryption (like RSA and ECC) will be rendered obsolete by quantum algorithms, necessitating a shift to Post-Quantum Cryptography (PQC):

• Standards Adoption: India intends to align with global standards, such as those set by NIST, while also evaluating indigenous cryptographic algorithms to ensure national security and technological sovereignty.

• Hybrid Implementation: The Task Force recommends a “hybrid approach” where classical and quantum-safe algorithms are used together during the transition to maintain security against both current and future threats.

• Priority Sectors: Initial migration efforts will focus on critical infrastructure, including banking and finance, telecommunications, power grids, and strategic government communications.

Strategic Pillar 2: The National Quantum Mission (NQM) Integration

The post-quantum security framework is a vital component of the broader National Quantum Mission (NQM):

• Mission Governance: The migration is overseen by the Mission Governing Board (MGB) and a dedicated Task Force to ensure a “whole-of-government” approach.

• Research and Development: The NQM will fund Thematic Hubs (T-Hubs) focused on quantum computing, communications, and sensing to develop the underlying hardware and software for a quantum-safe India.

• Human Capital: A key recommendation is the creation of a specialized workforce through “Quantum-Safe Training Programs” to bridge the skill gap in advanced cryptography.

Strategic Pillar 3: Infrastructure and Migration Roadmap

A phased implementation strategy has been defined to ensure a smooth transition of the national digital ecosystem:

• Quantum Readiness Index (QRI): The Task Force proposes a readiness index to help organizations assess their current cryptographic exposure and prioritize migration steps.

• Migration Timelines: The roadmap envisions a decade-long transition, starting with “Quantum Literacy and Awareness” (2025-2026), followed by pilots in the financial sector (2027-2028), and full-scale migration by 2035.

• Industry Collaboration: The report calls for partnerships between government, academia, and private industry (including startups) to develop a robust commercial market for quantum-safe products.

Economic and Security Metrics

The report grounds these pillars in the potential risks and required investments:

• The “Harvest Now, Decrypt Later” Threat: Hostile actors are already collecting encrypted data with the intent of decrypting it once quantum computers are available, making immediate PQC adoption a security imperative.

• Impact on Finance: For the banking sector, the transition involves updating the security protocols for millions of digital transactions, where the cost of a single major cryptographic failure could reach billions of dollars in economic loss.

• Global Benchmarking: India’s strategy is benchmarked against initiatives in the USA, EU, and Singapore, ensuring that Indian enterprises remain globally compatible and secure.

What is “Quantum-Safe Security” (Post-Quantum Cryptography) in the context of India’s digital mission? Quantum-safe security refers to cryptographic algorithms—usually based on complex mathematical problems like lattices or isogenies—that are thought to be secure against both traditional and quantum computers. In India’s digital mission, this means replacing the current digital signatures and encryption keys used in everything from Aadhaar to UPI with new “quantum-resistant” protocols. The goal is to ensure that even if a powerful quantum computer is built, India’s national data, financial systems, and defense communications remain private and untampered.

Policy Relevance

The report serves as a critical directive for preserving India’s digital sovereignty in the quantum era.

1. Securing Digital Public Infrastructure (DPI): By mandating PQC for UPI, Aadhaar, and DigiLocker, the government ensures that the “India Stack” remains resilient against future existential threats.

• Fostering a Post-Quantum Industry: The recommendations to fund startups through the NQM aim to position India as a global exporter of quantum-safe hardware and software.

• Legal and Regulatory Updates: Agencies like SEBI, RBI, and IRDAI will need to issue new “Quantum-Readiness” guidelines to ensure that the financial sector begins its migration by 2027.

Follow the full report here: Implementation of Quantum Safe Ecosystem in India | DST