If your CA root cert was issued in 2020 with RSA-4096 and 25-year validity, it’s signing certificates that will be verified in 2045 — well past the most-pessimistic CRQC arrival estimates. Re-rooting your PKI is unavoidable; the question is when and how, not whether.
The PKI hierarchy in PQ context
Typical PKI hierarchy:
- Root CA (offline, very long lifetime, signs intermediate CAs).
- Intermediate CA (online, 5-10 year lifetime, signs leaf certs).
- Leaf certificates (1-13 month lifetime, signed by intermediate, used by services).
Different PQ algorithm choices for each:
| Layer | Lifetime | Recommended PQ algorithm | Why |
|---|---|---|---|
| Root | 20-30 yr | SLH-DSA-256s | Hash-based; conservative; lifetime > ML-DSA confidence horizon |
| Intermediate | 5-10 yr | ML-DSA-65 | Smaller signatures, faster verification, adequate for medium term |
| Leaf | 1-13 mo | ML-DSA-44 or ML-DSA-65 | Short-lived; auto-rotates; size matters at scale |
Alternative: pure ML-DSA all layers. Simpler operationally; trades root-CA conservatism for size. Reasonable choice for 5-10 year horizon.
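As an added example (not code from the article), the following Python models the three-tier hierarchy above and reviews a proposed or existing chain against the points made so far: classical keys still being verified past a CRQC horizon, per-layer lifetimes outside the bands in the table, a lattice-only root outliving the ML-DSA confidence horizon, and a certificate that outlives its issuer. The horizon date, the confidence window, the `CertSpec`/`review_chain` names and the sample chains are all constructed for this example; the article gives no numeric horizon.

```python
import calendar
from dataclasses import dataclass
from datetime import date

# Constructed policy inputs for this example (assumptions, not figures from the article).
CRQC_HORIZON = date(2035, 1, 1)       # assumed pessimistic CRQC arrival used by the check
ML_DSA_CONFIDENCE_MONTHS = 10 * 12    # assumed window beyond which a lattice-only root is flagged

CLASSICAL = {"RSA-2048", "RSA-4096", "ECDSA-P256", "ECDSA-P384"}
# Upper end of the lifetime bands from the table, in months.
LAYER_MAX_MONTHS = {"root": 30 * 12, "intermediate": 10 * 12, "leaf": 13}


def add_months(d: date, months: int) -> date:
    """Calendar-month arithmetic so notAfter lines up with the bands in the table."""
    total = d.month - 1 + months
    year, month = d.year + total // 12, total % 12 + 1
    day = min(d.day, calendar.monthrange(year, month)[1])
    return date(year, month, day)


@dataclass(frozen=True)
class CertSpec:
    name: str
    layer: str          # "root", "intermediate" or "leaf"
    algorithm: str      # e.g. "RSA-4096", "ML-DSA-65", "SLH-DSA-256s"
    not_before: date
    lifetime_months: int

    @property
    def not_after(self) -> date:
        return add_months(self.not_before, self.lifetime_months)


def review_chain(chain, crqc_horizon=CRQC_HORIZON,
                 ml_dsa_confidence_months=ML_DSA_CONFIDENCE_MONTHS):
    """chain is ordered root -> intermediate -> leaf. Returns a list of findings; empty means OK."""
    findings = []
    for i, cert in enumerate(chain):
        # 1. A classical signing key whose certificate is still verified after the CRQC horizon.
        if cert.algorithm in CLASSICAL and cert.not_after > crqc_horizon:
            findings.append(f"{cert.name}: {cert.algorithm} verified until {cert.not_after}, "
                            f"past CRQC horizon {crqc_horizon}")
        # 2. Lifetime outside the band the table gives for this layer.
        if cert.lifetime_months > LAYER_MAX_MONTHS[cert.layer]:
            findings.append(f"{cert.name}: {cert.lifetime_months}-month lifetime exceeds the "
                            f"{cert.layer} band ({LAYER_MAX_MONTHS[cert.layer]} months)")
        # 3. Lattice-only root outliving the assumed ML-DSA confidence horizon: prefer hash-based.
        if (cert.layer == "root" and cert.algorithm.startswith("ML-DSA")
                and cert.lifetime_months > ml_dsa_confidence_months):
            findings.append(f"{cert.name}: ML-DSA root lifetime {cert.lifetime_months} months "
                            f"exceeds confidence horizon; prefer SLH-DSA-256s")
        # 4. Validity nesting: a common policy check that a certificate does not outlive its issuer.
        if i > 0 and cert.not_after > chain[i - 1].not_after:
            findings.append(f"{cert.name}: expires {cert.not_after}, after its issuer "
                            f"{chain[i - 1].name} ({chain[i - 1].not_after})")
    return findings


# Constructed sample chains. LEGACY_CHAIN is the scenario from the opening paragraph:
# an RSA-4096 root issued in 2020 with 25 years of validity.
LEGACY_CHAIN = [
    CertSpec("legacy-root", "root", "RSA-4096", date(2020, 1, 1), 25 * 12),
    CertSpec("legacy-int", "intermediate", "RSA-4096", date(2023, 1, 1), 10 * 12),
    CertSpec("svc-leaf", "leaf", "ECDSA-P256", date(2026, 1, 1), 12),
]
# PQ_CHAIN follows the per-layer recommendations in the table.
PQ_CHAIN = [
    CertSpec("pq-root", "root", "SLH-DSA-256s", date(2026, 1, 1), 25 * 12),
    CertSpec("pq-int", "intermediate", "ML-DSA-65", date(2026, 1, 1), 10 * 12),
    CertSpec("pq-leaf", "leaf", "ML-DSA-44", date(2026, 1, 1), 12),
]
# LATTICE_ROOT_CHAIN is the "pure ML-DSA" alternative stretched to a 25-year root.
LATTICE_ROOT_CHAIN = [CertSpec("ml-root", "root", "ML-DSA-65", date(2026, 1, 1), 25 * 12)] + PQ_CHAIN[1:]

if __name__ == "__main__":
    for label, chain in (("legacy", LEGACY_CHAIN), ("pq", PQ_CHAIN), ("lattice-root", LATTICE_ROOT_CHAIN)):
        print(label, review_chain(chain) or ["OK"])
```

Running it reports the legacy root (its certificate is verified until 2045, well past the assumed horizon), passes the table-conformant chain, and flags the pure-ML-DSA variant only because its root lifetime exceeds the assumed confidence window, which is exactly the trade-off the alternative above accepts for a shorter horizon.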