Compliance deadlines
Read →
NSA suite
CNSA 2.0 guide
CNSA 2.0 defines approved algorithms and deadline tiers for national-security systems — 2030–2033 for most transitions.
Framework
Commercial National Security Algorithm Suite 2.0
Deadline: 2030–2033
Executive summary
The NSA Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) replaces Suite B with quantum-resistant algorithm requirements for national security systems. ISSOs and defense contractors must map current algorithms to CNSA tiers and demonstrate migration progress.
Deadline tiers
CNSA 2.0 sets phased deadlines through 2030–2033 depending on system classification and algorithm usage. Align inventory prioritization to earliest applicable tier — not NSM-10's 2035 horizon alone.
Approved algorithms
CNSA 2.0 approves ML-KEM, ML-DSA, and SLH-DSA for applicable use cases. Inventory must identify systems still on RSA, ECDSA, or legacy DH.
Authorization reviews
Systems seeking authorization to operate (ATO) or CMMC certification need evidence of crypto inventory and migration planning. Signed Qtangl reports with /verify support ISSO packages — inventory aid, not authorization decision.
Qtangl mapping
Algorithm classification against CNSA tiers, deadline-tier backlog prioritization, re-scan verification after each migration phase.
Qtangl mapping
- Algorithm classification against CNSA 2.0 tiers
- Deadline-tier prioritization in remediation backlog
- Re-scan verification after each migration phase
References & further reading
Authoritative primary sources cited in this article. Summaries are our own — follow links for full context.
Last verified 2026-06-03
- Commercial National Security Algorithm Suite 2.0 (CNSA 2.0)NSA · 2022NSA migration tiers for national security systems through 2030–2033.
- National Security Memorandum on Post-Quantum Cryptography (NSM-10)White House · 2022-05Federal mandate requiring migration away from quantum-vulnerable algorithms by 2035.
Try it