Post-quantum readiness and cryptographic transition planning for enterprise cloud

Abstract Cryptographically relevant quantum computers (CRQCs) would break widely deployed public-key cryptography (RSA/ECC) via Shor’s algorithm, enabling retroactive decryption of captured ciphertext (“harvest now, decrypt later”). This paper presents an enterprise-cloud transition framework that couples (i) standards-based algorithm selection using NIST’s post-quantum standards (FIPS 203–205), (ii) a cloud threat model that distinguishes retroactive confidentiality loss from forward integrity/