N° 02 · Policy

Reading the Roadmap

The DST/NQM Task Force report is the document that converts "quantum is coming" into dated obligations. Here is what it actually requires — and who it requires it of.

[Figure: Milestones — CII vs. regular enterprises]
CII (Power · Telecom · Defence · ISRO): M1 Foundation by Dec 2027 · M2 Migrate by Dec 2028 · M3 Full PQC by Dec 2029
Regular (most banks, NBFCs · insurers): M1 Foundation by Dec 2028 · M2 Migrate by Dec 2030 · M3 Full PQC by Dec 2033
CBOM submission becomes a vendor mandate from FY 2027–28 — the gate everything else passes through.
Critical Information Infrastructure runs three years ahead of everyone else. For BFSI, the relevant question is which row you sit in — and many institutions sit in both.

A national report on quantum cryptography could have been a survey of physics. This one is a programme-management document. Its central contribution is not explaining the threat — it is assigning dates, owners, and an order of operations. For anyone in Indian BFSI, those three things are the whole story.

Three milestones, two timetables

The report defines a three-stage migration and then runs it on two clocks depending on who you are.

  • Milestone 1 — Build the Foundations. Establish governance, complete discovery and inventory of cryptographic assets, run quantum risk analysis, adopt crypto-agility as a guiding principle, and begin requesting and then mandating CBOMs from vendors. CII: by 31 Dec 2027. Regular enterprises: by 31 Dec 2028.
  • Milestone 2 — Migrate High-Priority Systems. Convert pilots into funded programmes, enforce a strict "no new classical-only deployments" policy, deploy PQC-capable PKI and hybrid certificates, and upgrade HSMs, KMS and libraries. CII: by 31 Dec 2028. Regular: by 31 Dec 2030.
  • Milestone 3 — Full PQC Adoption. PQC becomes the default across all systems, classical-only trust chains are retired, and crypto-agility is institutionalised as ongoing practice. CII: by 31 Dec 2029. Regular: by 31 Dec 2033.

The compression for CII is deliberate. Critical Information Infrastructure — power, telecom, defence, and the financial-market plumbing that supports them — must finish in 2029 what other enterprises have until 2033 to complete.

The personas: the report's prioritisation logic

Rather than treating all organisations identically, the report sorts them into PQC Personas based on quantum-risk exposure, system longevity, and data sensitivity:

  • Urgent Adopters — critical infrastructure and high-risk operators (the report names Power, Telecom, ISRO, DRDO, ONGC). Accelerated timelines across every milestone.
  • Regular Adopters — moderate-risk enterprises following the baseline 2028 / 2030 / 2033 schedule.
  • Technology Providers & Enablers — vendors of cryptography-related products, expected to lead by example and support the broader ecosystem.

The crucial subtlety: an organisation can match more than one persona, and the highest-risk persona governs. A bank that also operates payment-switch infrastructure with long-lived keys does not get to claim the comfortable timeline. This single rule pulls a large slice of BFSI toward the urgent end of the spectrum.

The migration is not a technology upgrade. The report calls it a fundamental shift in digital trust — governed, funded, and audited like one.

CBOM as the universal gate

One instrument threads through every milestone: the Cryptographic Bill of Materials. From FY 2026–27 organisations are told to begin requesting CBOMs and quantum-resiliency roadmaps from vendors in procurement; from FY 2027–28 they must mandate CBOM submission through procurement policy. This is the lever that propagates the entire programme through the supply chain — a bank cannot meet its obligations if its core-banking, payments and HSM vendors cannot produce a credible cryptographic inventory.

Assume-breach, and no new classical-only systems

Two principles in the report deserve to be quoted into every internal strategy deck. The first is assume-breach: plan as though HNDL adversaries are already capturing your traffic, because retrospective mitigation after Q-Day is impossible. The second arrives at Milestone 2 — a strict "no new classical-only deployments" policy. Read carefully, that obligation bites well before 2028: every procurement and architecture decision made now either adds to the migration backlog or doesn't. The cheapest quantum-safe migration is the classical system you never deploy in the first place.
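The three rules above (the highest-risk persona governs, the CBOM is the inventory everything else rests on, and no new classical-only deployments from Milestone 2) can be exercised against a real inventory. The following Python script is an added example, not code from the report, from KavachQ or from the CycloneDX project: it walks a constructed CycloneDX 1.6 CBOM, sorts each algorithm asset into a backlog bucket, applies the classical-only gate, and resolves the governing deadline from the personas an institution matches. The component type and `cryptoProperties` field names follow the CycloneDX 1.6 schema; the sample components, the primitive grouping, the symmetric key-size threshold and the reading of "hybrid" as "a PQC asset listed alongside the classical one for the same function" are this example's assumptions.

```python
import json
from datetime import date

# Constructed sample CBOM (CycloneDX 1.6 shape). The field names follow the
# CycloneDX 1.6 cryptoProperties schema; the components are invented here.
SAMPLE_CBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.6",
    "components": [
        {"type": "cryptographic-asset", "name": "RSA-2048",
         "cryptoProperties": {"assetType": "algorithm", "algorithmProperties": {
             "primitive": "signature", "parameterSetIdentifier": "2048",
             "nistQuantumSecurityLevel": 0}}},
        {"type": "cryptographic-asset", "name": "ECDH-P256",
         "cryptoProperties": {"assetType": "algorithm", "algorithmProperties": {
             "primitive": "key-agree", "parameterSetIdentifier": "P-256",
             "nistQuantumSecurityLevel": 0}}},
        {"type": "cryptographic-asset", "name": "ML-KEM-768",
         "cryptoProperties": {"assetType": "algorithm", "algorithmProperties": {
             "primitive": "kem", "parameterSetIdentifier": "768",
             "nistQuantumSecurityLevel": 3}}},
        {"type": "cryptographic-asset", "name": "AES-128-GCM",
         "cryptoProperties": {"assetType": "algorithm", "algorithmProperties": {
             "primitive": "ae", "parameterSetIdentifier": "128"}}},
        {"type": "library", "name": "openssl", "version": "3.0.0"},
    ],
})

# Assumed classification policy (this example's, not the report's): which
# CycloneDX primitives are asymmetric and therefore Shor-vulnerable, grouped by
# the function a hybrid or PQC replacement must cover.
KEY_ESTABLISHMENT = {"kem", "key-agree", "pke"}
SIGNATURE = {"signature"}
ASYMMETRIC = KEY_ESTABLISHMENT | SIGNATURE
SYMMETRIC = {"ae", "block-cipher", "stream-cipher", "mac", "kdf"}
SYMMETRIC_MIN_BITS = 256   # Grover halves effective symmetric strength


def load_sample() -> dict:
    return json.loads(SAMPLE_CBOM_JSON)


def crypto_assets(cbom: dict):
    """Yield (name, primitive, parameter set, NIST PQC level) per algorithm asset."""
    for comp in cbom.get("components", []):
        props = comp.get("cryptoProperties")
        if comp.get("type") != "cryptographic-asset" or not props:
            continue
        if props.get("assetType") != "algorithm":
            continue
        alg = props.get("algorithmProperties", {})
        yield (comp["name"], alg.get("primitive"),
               alg.get("parameterSetIdentifier"), alg.get("nistQuantumSecurityLevel", 0))


def classify(cbom: dict) -> dict:
    """Sort algorithm assets into backlog buckets: asymmetric assets with no PQC
    security level go on the migration backlog; assets declaring level 1-5 are
    PQC; symmetric assets under the threshold get an advisory flag."""
    out = {"quantum_vulnerable": [], "pqc": [], "weak_symmetric": []}
    for name, prim, pset, level in crypto_assets(cbom):
        if prim in ASYMMETRIC:
            out["pqc" if level and level >= 1 else "quantum_vulnerable"].append(name)
        elif prim in SYMMETRIC:
            bits = int(pset) if pset and pset.isdigit() else None
            if bits is not None and bits < SYMMETRIC_MIN_BITS:
                out["weak_symmetric"].append(name)
    return out


def passes_no_classical_only_gate(cbom: dict) -> bool:
    """Milestone 2 gate: every asymmetric function in use must be PQC or hybrid
    (a PQC asset listed beside the classical one). A function served only by
    quantum-vulnerable algorithms fails the gate."""
    for group in (KEY_ESTABLISHMENT, SIGNATURE):
        classical = pqc = False
        for _name, prim, _pset, level in crypto_assets(cbom):
            if prim in group:
                if level and level >= 1:
                    pqc = True
                else:
                    classical = True
        if classical and not pqc:
            return False
    return True


# Milestone deadlines as the report sets them; any urgent match governs.
DEADLINES = {
    "urgent":  {"M1": date(2027, 12, 31), "M2": date(2028, 12, 31), "M3": date(2029, 12, 31)},
    "regular": {"M1": date(2028, 12, 31), "M2": date(2030, 12, 31), "M3": date(2033, 12, 31)},
}


def governing_deadlines(personas) -> dict:
    """'Highest-risk persona governs': one urgent match puts the whole
    organisation on the CII clock."""
    return DEADLINES["urgent" if "urgent" in set(personas) else "regular"]


if __name__ == "__main__":
    cbom = load_sample()
    buckets = classify(cbom)
    print("migration backlog:", buckets["quantum_vulnerable"])
    print("PQC assets:", buckets["pqc"])
    print("weak symmetric (advisory):", buckets["weak_symmetric"])
    print("passes no-classical-only gate:", passes_no_classical_only_gate(cbom))
    print("governing M2 deadline:", governing_deadlines({"regular", "urgent"})["M2"])
```

On the sample inventory the key-establishment side passes (ML-KEM-768 sits beside ECDH-P256, i.e. hybrid) but the signature side has only RSA-2048, so the deployment is still classical-only for signatures and fails the gate; that is exactly the kind of gap a vendor-supplied CBOM is meant to expose before a procurement decision adds it to the backlog.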

What a bank should take from the document

Three things. First, find your row and your persona — and apply the highest-risk one honestly. Second, treat 2027 (not 2030) as the live deadline, because the foundation work is where the years go. Third, recognise that CBOM is the load-bearing deliverable: without an accurate cryptographic inventory, risk analysis, prioritisation, roadmap and vendor governance all rest on guesswork.

Where KavachQ fits · SCORE + PLAN · 02 / 03

The report's Milestone 1 is, almost line for line, what KavachQ's SCORE and PLAN modules produce: a CycloneDX 1.6 CBOM, a quantum risk classification, a DST persona classification, and a prioritised migration backlog with effort estimates mapped to the 2027/2028/2029 deadlines. It is purpose-built around this report's structure rather than retrofitted to it. → See N° 03 for what a CBOM contains, and N° 06 for the phased plan.