Bletchley Park was more than a place — it was a method.
During World War II, the United Kingdom combined science, engineering, operations, and alliance management into a unified codebreaking system that cracked the Enigma Machine and changed the course of history. Today, we need a modern Bletchley-style effort to manage the post-quantum cryptography transition. This “Bletchley method” rests on three pillars: tight feedback loops between science, engineering, and operations; disciplined alliance organization; and continuous testing and verification.
The urgency is technical: Once fault-tolerant, cryptanalytically relevant quantum computers exist, Shor’s algorithm will break today’s public-key cryptography by efficiently factoring large integers and computing discrete logarithms. Grover’s algorithm provides a quadratic speedup for brute-force key search — effectively halving the bit strength of symmetric keys. Consequently, the world’s core cryptographic infrastructure should be comprehensively transitioned, not just patched.
The United States and its allies should apply the Bletchley model by linking timely, verifiable domestic execution of post-quantum cryptography with an allied, standards-based certification compact. Applied defensively, it means post-quantum cryptography by default and certified interoperability — a coalition campaign for secure post-quantum adoption. Together, these measures would deliver interoperable and auditable post-quantum cryptography at scale — soon enough to neutralize the harvest-now, decrypt-later threat. Washington can earn credibility to lead internationally by executing at home first.
The approach should be operationalized in two tracks: a time-bound domestic implementation plan and a deployable certification compact abroad.
Track One: Ultra at Home
The Bletchley method worked because discovery quickly flowed into doctrine and deployment. This track mirrors that flow. Historically, Bletchley Park’s output — decrypted intelligence — was codenamed “Operation Ultra.” This intelligence was the verifiable, actionable product of the entire science and engineering effort. America’s “Ultra at Home” should do the same, drawing on quantum information science to turn post-quantum cryptography standards like Federal Information Processing Standards 203, 204, and 205 into a deployed, operational reality. The Office of Management and Budget’s Memorandum 23-02 already sets preparatory obligations in inventory, planning, and budgeting. As a next step, the Office of Management and Budget, agency chief information officers, and senior agency officials for privacy should now turn guidance into scheduled, measurable migration milestones that demonstrate execution. To accelerate discovery and interoperability, agencies should adopt and contribute to the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence project on migrating to post-quantum cryptography. This advances cryptographic agility through two workstreams — cryptographic discovery (system inventory) and interoperability testing of standardized post-quantum algorithms.
U.S. domestic execution should proceed through six concrete actions.
First, set dated adoption milestones and publish them. Every cabinet department and critical-infrastructure regulator should set quarterly targets for deploying the National Institute of Standards and Technology’s new algorithms across Transport Layer Security, Internet Protocol Security and virtual private networks, code-signing, payments, and device firmware. Progress should be reported publicly. As a baseline, agencies should report the share of external Transport Layer Security handshakes using approved post-quantum cryptography or hybrids; the share of code-signing for firmware and operating systems using lattice-based digital signatures and stateless hash-based digital signatures; and the share of deployed, Federal Information Processing Standard 140-3-validated modules with post-quantum cryptography enabled. The Internet Engineering Task Force is already standardizing hybrid post-quantum key exchange and authentication through the Terminology for Post-Quantum Traditional Hybrid Schemes, the Transport Layer Security Working Group, and the Post-Quantum Use in Protocols Working Group. The National Security Council and the Office of Management and Budget should direct agencies to align to those profiles to avoid one-off implementations.
Second, procure only what’s validated and automate conformance. The General Services Administration, the Office of Management and Budget, and agency chief acquisition officers should condition federal purchases on Federal Information Processing Standard 140-3-validated modules, and the National Institute of Standards and Technology should use the Cryptographic Algorithm Validation Program to automate algorithm testing at scale. The Cybersecurity and Infrastructure Security Agency and the Office of Management and Budget should publish a government-wide cryptography bill of materials from automated discovery tools, consistent with the Cybersecurity and Infrastructure Security Agency’s Strategy for Migrating to Automated Post-Quantum Cryptography Discovery and Inventory Tools.
Third, test what is deployed, not what vendors promise. The Department of Homeland Security Science & Technology Directorate, the National Institute of Standards and Technology, and the Department of Defense should expand the Defense Advanced Research Projects Agency’s Quantum Benchmarking Initiative and related programs (for example Underexplored Systems for Utility-Scale Quantum Computing) into a federal test-and-evaluation network that exercises post-quantum cryptography in real stacks — OpenSSL library with the Open Quantum Safe provider, Domain Name System, email, and mobile — using open, reproducible benchmarks. Program managers and contracting officers should require vendors to clear these bars to sell into federal and military systems. The National Institute of Standards and Technology and the National Science Foundation, working with Department of Energy national laboratories, should fund and maintain reference implementations, building on the Open Quantum Safe “liboqs” library and the PQClean repository.
Fourth, harden the pipeline where quantum meets physics. Export controls are not a detour from post-quantum cryptography — they are leverage. A coalition that controls chokepoints in dilution refrigeration, single-photon detection, cryo-electronics, and quantum-grade photonics sets the de facto terms for global deployment and verification of quantum-secure systems. The U.S. Bureau of Industry and Security, the European Commission’s Directorate-General for Trade, and the United Kingdom’s Export Control Joint Unit should pair the U.S. Bureau of Industry and Security’s interim controls on quantum computing items with the European Union’s updated dual-use framework, and the Department of Energy, the European Investment Bank, and allied innovation agencies should invest to ensure joint capacity meets secure demand.
Fifth, be pragmatic about tool choice. Adopt post-quantum cryptography everywhere, but pilot Quantum Key Distribution only in narrowly justified niches with standards-based assurance (for example, European Telecommunications Standards Institute Quantum-Safe Cryptography) and independent evaluation. The National Security Agency’s posture for national security systems prioritizes post-quantum cryptography over quantum key distribution. The United Kingdom’s National Cyber Security Centre and Technical Guideline 02102 from Germany’s Federal Office for Information Security express similar cautions. Civilian departments and independent regulators should follow this posture to prevent a fractured baseline.
Finally, wire “Replicator” to be quantum-ready. The Department of Defense’s Replicator aims to field swarms of attritable autonomous systems at speed. The Office of the Under Secretary of Defense for Research and Engineering and the service acquisition executives should bake post-quantum cryptography into command and control, telemetry, software-update pipelines, and supply-chain provenance now — so systems deployed in 2025 are not silently broken in 2030. This requires a public-private partnership at the program level and reciprocity with trusted suppliers. Program executive offices, prime contractors, and frontier-tech firms should co-design secure communications, cryptographic agility, and model-assurance practices to prepare for future threats. It is better to build resilience now than retrofit under fire.
Track Two: Allied Codebook Abroad
The second track focuses on building interoperable cryptographic standards to prevent a quantum-era splintering of the internet. Today’s internet functions smoothly because cryptographic standards interoperate across borders and systems. The greatest strategic risk ahead is a “quantum splinternet” — a fragmented digital landscape of incompatible national encryption stacks, some based on proprietary or opaque technologies. Such fragmentation would weaken the open web, disrupt NATO interoperability, and undermine global finance.
To avoid this, the United States, the European Union, the United Kingdom, Canada, and Japan should make post-quantum cryptography the default for all public-facing services, maintain transparent migration dashboards, and align on standards-first certification. This cooperative approach reflects the spirit of the Bletchley Declaration and reinforces shared trans-Atlantic cybersecurity priorities.
To make this a reality, I propose six measures to establish international guardrails and operating capacity.
Trans-Atlantic Post-Quantum Cryptography Profile
The National Institute of Standards and Technology and the European Commission (with the United Kingdom’s National Cyber Security Centre, the Canadian Centre for Cyber Security, and Japan’s Ministry of Internal Affairs and Communications) should issue a joint profile. This would bind to the Internet Engineering Task Force’s work on key-encapsulation mechanisms for Transport Layer Security 1.3 and the Limited Additional Mechanisms for Public Key Infrastructure (X.509) and Secure/Multipurpose Internet Mail Extensions working group’s hybrid-certificate work, and to the Post-Quantum Use in Protocols working group’s readiness efforts across Transport Layer Security, X.509, Quick User Datagram Protocol Internet Connections, Secure Shell, and Domain Name System Security Extensions.
Mutual Recognition of Conformance
The National Institute of Standards and Technology and the E.U. Agency for Cybersecurity should build a bridge between the Cryptographic Module Validation Program and the European Cybersecurity Certification Scheme on Common Criteria so vendors can clear one set of tests for allied markets. One test, many markets.
Conformance Laboratories Network
The United States (the National Institute of Standards and Technology and the Department of Commerce) and the European Commission, in coordination with the United Kingdom, Canada, and Japan, should fund a distributed set of accredited laboratories that run the same open test suites on reference implementations and real stacks. This should be anchored in the National Institute of Standards and Technology’s Migration to Post-Quantum Cryptography project.
Capacity-Building With Conditionality
The U.S. International Development Finance Corporation, Export-Import Bank, and their E.U., U.K., and Japanese counterparts should tie development finance, export credit, and cyber capacity-building to certified post-quantum cryptography deployments and crypto-agility plans in partner states.
Crypto-Failure Clearinghouse
The Cybersecurity and Infrastructure Security Agency, the E.U. Agency for Cybersecurity, and the United Kingdom’s National Cyber Security Centre — working with the Forum of Incident Response and Security Teams and U.S. Computer Emergency Readiness Team — should create a mechanism similar to Common Vulnerabilities and Exposures for cross-border cryptographic failures (e.g., bad parameterization, downgrade paths, and certificate-ecosystem issues) with coordinated disclosure and rapid patch dissemination.
International Quantum Agency
The G7 governments should set up an opt-in, non-treaty certification club anchored in U.S. export controls, procurement preferences, and targeted industrial subsidies, rather than a formal treaty body. The club would be modeled narrowly on safeguards functions: auditing against agreed quantum-security baselines, certifying test methods and reference artifacts, and coordinating incident investigations. Participation buys credibility and market access, while non-participation signals risk. This approach fits a sovereignty-first, transactional toolkit: access to U.S. and allied procurement and markets for those who certify, and reduced access for those who do not.
These six proposals constitute an operating compact. That agreement should be supported by three enabling measures.
Use Innovation Alliances to Scale Dual-Use Solutions
NATO’s Defence Innovation Accelerator for the North Atlantic should make quantum security an annual theme in its competitions. This includes incorporating secure communications, resilient timing, and post-quantum-ready edge devices, with test-center access and procurement pathways baked in.
Tie the Physical to the Algorithmic
A comprehensive quantum-security strategy links algorithms and the hardware substrate. While post-quantum cryptography is algorithmic, long-term viability depends on secure elements, true random number generators, hardware security modules, cryogenics, photonics, and timing. The U.S. Bureau of Industry and Security, the European Commission’s Directorate-General for Trade, and the United Kingdom’s Export Control Joint Unit should harmonize export controls on quantum computing items and enabling hardware to prevent standard-setting from being held hostage by hardware chokepoints. Meanwhile, the Department of Energy, the Creating Helpful Incentives to Produce Semiconductors Program Office, and European funding bodies should fund allied capacity. Recent U.S. and E.U. actions provide the legal scaffolding for coordinated lists and licensing.
Democratic Sovereignty as a Strategic Asset
The free world’s advantage is not secret sauce. It is ethical, values-aligned quantum governance — the ability to organize complex systems under democratic oversight, publish standards that others adopt, and verify what matters. A “Qubits for Peace” compact built on open standards, certification, and responsible export policy channels competition into safer lanes — preserving scientific exchange while defending the core. That is the Bletchley method for a quantum century.
What the United States Should Do Next
Washington should move from simple guidance to verifiable outcomes. The White House should appoint a post-quantum cryptography transition lead and publish a quarterly dashboard, a step that creates visible accountability and enforces dated milestones for code-signing, Transport Layer Security, and firmware. This should be paired with federal procurement power. By conditioning all federal purchases on validated cryptography (such as Federal Information Processing Standard 140-3 modules implementing the new standards) and machine-readable cryptography bills of materials, the government can drive immediate vendor convergence and ensure only validated post-quantum cryptography ships into federal systems. To de-risk this migration, the government should stand up a federal test-and-evaluation network, open to state, local, and critical-infrastructure pilots, demonstrating that new systems are based on measured performance, not just vendor promises. This domestic execution should also prove resilience, mandating annual “crypto-agility” drills across civilian agencies and defense platforms to ensure key management and update pathways are in place before a crisis.
Internationally, creating a trans-Atlantic post-quantum cryptography profile with mutual recognition between the U.S. Cryptographic Module Validation Program and the European Cybersecurity Certification Scheme on Common Criteria, backed by a funded laboratories network, would create a “one test, many markets” dynamic that accelerates allied convergence. Finally, integrating post-quantum cryptography requirements into export-control policy, Creating Helpful Incentives to Produce Semiconductors and Department of Energy funding, and Department of Defense programs like Replicator aligns all instruments of national power, ensuring that supply-chain security, funding, and controls reinforce secure deployment.
Together, these steps replace ad-hoc migration with a verifiable, interoperable baseline: Validated crypto ships by default; progress is captured in live service telemetry; allies run the same test suites; and funding, procurement, and controls pull in the same direction.
Mauritz Kop is the founder of the Stanford Center for Responsible Quantum Technology, a senior fellow at the Centre for International Governance Innovation, and serves as guest professor at the U.S. Air Force Academy. His work spans quantum, AI, cybersecurity, intellectual property, and national security, with publications in leading university presses and top science journals. He advises U.S. and European policymakers on responsible quantum strategy.
**Please note, as a matter of house style, War on the Rocks will not use a different name for the U.S. Department of Defense until and unless the name is changed by statute by the U.S. Congress.
Image: Laboratoire QCMX Quantum Circuits and Matter lab via Wikimedia Commons