up:: The Mandates MOC
ACSC (Australia)
The Australian Signals Directorate (ASD), through the Australian Cyber Security Centre (ACSC) and its Information Security Manual (ISM), sets the most aggressive national post-quantum timeline of any major authority. Where the U.S., UK, EU, and Canada anchor on 2035, the ISM’s Guidelines for Cryptography direct that traditional asymmetric algorithms, RSA, Diffie-Hellman, ECDH, and ECDSA, cease being used by the end of 2030, and it approves only the highest-strength post-quantum parameter sets, ML-KEM-1024 and ML-DSA-87, for use beyond that date.
The ISM is the ASD’s cryptographic rulebook, and its post-quantum controls put Australia on a 2030 clock rather than a 2035 one. That endpoint sits a half-decade earlier, and combined with a same-date deprecation of the classical asymmetric layer and even of SHA-256 for approved use, makes the Australian position the sharpest forcing function in the international landscape.
The short version:
- The ASD is Australia’s national signals-intelligence and cyber authority, and the ACSC is its public-facing cyber-security arm; the ISM is the ASD’s core cryptographic guidance, the Australian counterpart to the U.S. NSA and NIST guidance and to Germany’s BSI.
- The ISM directs that traditional asymmetric cryptography (RSA, DH, ECDH, ECDSA) cease being used by the end of 2030, a full 5 years ahead of the 2035 consensus.
- Only the Category-5 post-quantum parameter sets ML-KEM-1024 and ML-DSA-87 are approved for use beyond 2030; the lower-strength ML-KEM-768 and ML-DSA-65 are not approved past that date.
- On the symmetric and hash side, SHA-224, SHA-256, and HMAC-SHA-256 are not approved beyond 2030, while SHA-384, SHA-512, and AES-256 carry forward and are to be supported by 2030.
- The organisational milestones are a refined transition plan by the end of 2026, transition commenced (critical systems first) by the end of 2028, and transition complete by the end of 2030.
Think of the ISM as a building code with the strictest deadline on the continent. Most jurisdictions give the old load-bearing materials until 2035 to come out; Australia’s code says the classical asymmetric structure is out by the end of 2030, the new materials have to be the top-grade specification (Category 5, not a mid-grade), and even a common hash like SHA-256 loses its approval stamp on the same date. An architect reading this code plans a faster, higher-spec renovation than anywhere else.
What is the ACSC?
The ACSC is the Australian Cyber Security Centre, the public-facing cyber-security function of the Australian Signals Directorate, and the ASD is Australia’s national signals-intelligence and cyber-security agency. The ISM is the ASD’s cybersecurity framework, and its Guidelines for Cryptography carry the algorithm and post-quantum controls.
- Standing. The ASD is a statutory intelligence agency, and the ACSC operates as its national cyber-security center. The ISM represents the ASD’s considered advice on protecting systems and data, and it is the cryptographic baseline Australian government systems are assessed against.
- What it does. Through the ISM, the ASD sets cryptographic controls, approves algorithms and parameter sets, and now defines Australia’s post-quantum transition expectations. Through the ACSC it issues broader guidance, advisories, and incident response for government and the wider economy.
- How it compares. The ASD plays the role NSA and NIST split in the U.S., and that BSI, ANSSI, the NCSC, and the CCCS play for their nations: a national authority naming which cryptographic mechanisms are fit for use, at what parameters, and on what timeline. Its distinguishing feature is the aggressiveness of that timeline.
Source: Australian Signals Directorate, “Guidelines for cryptography,” Information Security Manual, cyber.gov.au.
What is the ISM’s post-quantum position?
The ISM’s post-quantum controls live in the Guidelines for Cryptography, and their defining feature is a 2030 endpoint rather than 2035. The ASD directs that new cryptographic equipment, applications, and libraries intended for use beyond 2030 be developed and procured with the goal of supporting ASD-approved post-quantum algorithms by 2030, and it sets the classical asymmetric layer to be retired on the same date.
- Cease traditional asymmetric cryptography by the end of 2030. The ISM recommends ceasing the use of traditional asymmetric cryptography by the end of 2030, naming RSA, Diffie-Hellman, ECDH, and ECDSA. That is the single most aggressive classical-deprecation date among the major national authorities.
- New equipment must support ASD-approved PQC by 2030. New cryptographic equipment, applications, and libraries intended for use beyond 2030 are to support the use of ML-DSA-87, ML-KEM-1024, SHA-384, SHA-512, and AES-256 by no later than 2030, which sets the target configuration for anything being built or bought now.
Source: Australian Signals Directorate, “Guidelines for cryptography,” Information Security Manual, cyber.gov.au, and “Stay ahead of the quantum threat with post-quantum cryptography,” cyber.gov.au.
[OPERATOR VERIFY the exact ISM control identifiers and the current wording against the live ISM Guidelines for Cryptography (the March 2026 edition PDF at cyber.gov.au) before quoting a control number in a client deliverable; the cyber.gov.au host was unreachable at verification time, so the control text here is corroborated from ASD’s own guidance pages and repeated across independent readings rather than read line-by-line from the current PDF.]
Which post-quantum algorithms does Australia approve?
Australia approves the NIST-standardized algorithms, and its distinctive move is approving only the highest-strength parameter sets for use beyond 2030. The lower-strength options are approved for the transition window and then fall away.
| Function | Approved through 2030 | Approved beyond 2030 |
|---|---|---|
| Key establishment | ML-KEM-768 and ML-KEM-1024 | ML-KEM-1024 only (Category 5) |
| Digital signatures | ML-DSA-65 and ML-DSA-87 | ML-DSA-87 only (Category 5) |
| Hashing | SHA-256 (and SHA-224, HMAC-SHA-256) | SHA-384 and SHA-512 |
| Symmetric encryption | AES-256 and lower approved sizes | AES-256 |
Source: Australian Signals Directorate, “Guidelines for cryptography,” Information Security Manual, cyber.gov.au.
Two details set Australia apart from its peers:
- Category 5 only past 2030. ML-KEM-768 and ML-DSA-65, the mid-strength parameter sets that the UK NCSC names as its everyday defaults, are approved by the ASD only through 2030. Beyond that the ASD approves only ML-KEM-1024 and ML-DSA-87, the NIST Security Category 5 sets. Australia lands on the same highest-strength targets the U.S. CNSA 2.0 requires for national-security systems, but applies them as the general baseline.
- SHA-256 loses its approval by 2030. The ASD does not approve SHA-224, SHA-256, or HMAC-SHA-256 beyond 2030, directing hashing up to SHA-384 and SHA-512. This is a stricter hash policy than the international norm, where SHA-256 is generally retained through the transition because Grover’s algorithm only weakens it to roughly 128-bit preimage strength. The ASD’s move is a conservative sizing decision rather than a claim that SHA-256 is broken.
[OPERATOR VERIFY whether the current ISM adds SLH-DSA to its approved post-quantum signature set; the ASD’s stated approved-beyond-2030 signature scheme is ML-DSA-87, and SLH-DSA was not confirmed as an approved ISM algorithm at verification time. Do not assert SLH-DSA approval without reading it in the live ISM.]
What are the ASD’s organisational milestones?
Beyond the algorithm controls, the ASD sets a three-date organisational timeline, and every date lands earlier than the equivalent milestone in the U.S., UK, or Canadian frameworks.
| Milestone | What the ASD recommends |
|---|---|
| End of 2026 | Organisations should have a refined plan for their transition to PQC, accounting for security goals, risk tolerances, dependencies, and the value of their data |
| End of 2028 | Organisations should have commenced their transition to PQC, starting with their critical systems and data |
| End of 2030 | Organisations should have completed their PQC transition |
Source: Australian Signals Directorate, “Planning for post-quantum cryptography,” cyber.gov.au, and “Stay ahead of the quantum threat with post-quantum cryptography,” cyber.gov.au.
The forcing date here is the end of 2026 planning milestone, the same discovery-first logic every authority follows. A completed transition by the end of 2030 requires a plan 2 years earlier and a commenced migration 2 years after that, so an Australian organisation that has not inventoried its cryptography and drafted a plan within the near term is already behind its own national authority’s schedule. After 2030, the ASD directs continual monitoring and validation of PQC implementations to confirm they work as intended and stay resilient.
How aggressive is Australia compared to the U.S., UK, EU, and Canada?
Australia is the outlier on speed. Every other major authority converges on a 2035 completion horizon; Australia sets 2030, and it pairs that with a highest-strength-only algorithm policy and a same-date retirement of the classical asymmetric layer.
| Dimension | ASD / ACSC (Australia) | UK NCSC | CNSA 2.0 (U.S. NSS) | CCCS (Canada) |
|---|---|---|---|---|
| Completion target | End of 2030 | 2035 | 2035 | End of 2035 |
| Classical asymmetric retired | By end of 2030 | Deprecated on the NIST schedule | On the CNSA 2.0 schedule | Standalone use by end of 2035 |
| Everyday algorithm strength | Category 5 only past 2030 (ML-KEM-1024, ML-DSA-87) | ML-KEM-768, ML-DSA-65 | Category 5 (ML-KEM-1024, ML-DSA-87) | Full parameter range approved |
| Hash policy | SHA-256 not approved past 2030 | SHA-256 retained | SHA-384 for NSS | SHA-256 retained |
Source: Australian Signals Directorate, “Guidelines for cryptography,” Information Security Manual, cyber.gov.au; NSA, “Announcing the Commercial National Security Algorithm Suite 2.0,” September 2022, CNSA 2.0 advisory.
The practical consequence for a multinational is that Australia sets the pace. An organisation operating in Australia and elsewhere cannot plan to the relaxed 2035 endpoint and still meet the ASD’s expectations, so where Australia is in scope, the 2030 completion date and the Category-5 target become the binding constraint that the rest of the program is sized against. Australia lands close to the U.S. CNSA 2.0 on algorithm strength while applying it far more broadly than the U.S. national-security-systems perimeter.
How does the ACSC relate to the other mandates and standards?
The ACSC is Australia’s node in the international standards stack, drawing on the NIST algorithms and diverging on timeline aggressiveness rather than on algorithm choice.
- NIST FIPS suite. The ASD approves ML-KEM and ML-DSA from the NIST standards, with no separate Australian algorithm suite.
- CNSA 2.0 (U.S.). The closest peer on algorithm strength, both landing on Category-5 ML-KEM-1024 and ML-DSA-87, though the ASD applies that baseline economy-wide rather than to national-security systems alone.
- UK NCSC and CCCS. Fellow national authorities on the softer 2035 horizon, the contrast cases that make Australia’s 2030 endpoint stand out.
- NIST IR 8547 (U.S.). The algorithm-deprecation schedule; Australia’s classical-asymmetric cessation by end of 2030 is far earlier than IR 8547’s after-2035 disallowance.
- Crypto-agility. The design property that makes a 2030-paced migration survivable, since a fast, highest-strength transition depends on being able to change algorithms cleanly.
Common misconceptions
- “Australia’s deadline is 2035 like everyone else.” It is 2030. The ISM directs that traditional asymmetric cryptography cease being used by the end of 2030, and the organisational transition be complete by the end of 2030, 5 years ahead of the international consensus.
- “Any approved parameter set is fine long-term.” Beyond 2030 the ASD approves only the Category-5 sets, ML-KEM-1024 and ML-DSA-87. The mid-strength ML-KEM-768 and ML-DSA-65 are approved only through 2030.
- “SHA-256 is safe under Australian guidance.” The ASD does not approve SHA-256 (or SHA-224 or HMAC-SHA-256) beyond 2030, directing hashing up to SHA-384 and SHA-512. That is a conservative sizing decision, since Grover’s algorithm only weakens SHA-256 rather than breaking it.
- “Australia recommends hybrid like BSI and ANSSI.” The ISM’s stated move is to retire the classical asymmetric layer by the end of 2030 and support ASD-approved post-quantum algorithms, rather than to standardize a durable hybrid posture. Treat any hybrid assumption as needing confirmation in the live ISM.
- “The 2030 date is far off.” A completed transition by the end of 2030 requires a refined plan by the end of 2026 and a commenced migration by the end of 2028, so the planning work starts now.
Questions people ask
What is the ACSC? It is the Australian Cyber Security Centre, the public-facing arm of the Australian Signals Directorate, Australia’s national signals-intelligence and cyber-security agency. The ASD’s Information Security Manual is its core cryptographic guidance, and its Guidelines for Cryptography carry the post-quantum controls.
What is Australia’s post-quantum deadline? The end of 2030. The ISM directs that traditional asymmetric algorithms cease being used by then and that organisations complete their PQC transition by the end of 2030, with a refined plan by the end of 2026 and transition commenced by the end of 2028.
Which post-quantum algorithms does Australia approve? ML-KEM and ML-DSA from the NIST standards, and beyond 2030 it approves only the Category-5 sets ML-KEM-1024 and ML-DSA-87. SHA-384, SHA-512, and AES-256 carry forward on the symmetric and hash side.
Why is Australia’s timeline more aggressive than everyone else’s? The ASD sets a 2030 completion target rather than 2035, retires the classical asymmetric layer on the same date, and approves only the highest-strength post-quantum parameter sets past 2030. Where Australia is in scope, that 2030 date becomes the binding constraint for a multinational program.
Does Australia still allow SHA-256? Only through 2030. The ASD does not approve SHA-224, SHA-256, or HMAC-SHA-256 beyond 2030 and directs hashing up to SHA-384 and SHA-512. This is a sizing decision rather than a statement that SHA-256 is broken by quantum computers.
Does the ISM bind my organization? Directly, it is the cryptographic baseline for Australian government systems. For the wider Australian economy it is the authoritative national reference, and where an organisation operates in Australia its 2030 dates and Category-5 targets set the pace for the whole cross-border program.
What should an organization do first? Build a cryptographic inventory and draft a transition plan, since the ASD expects a refined plan by the end of 2026. Prioritizing and sequencing both depend on seeing your own cryptography clearly, and a CBOM is the artifact that captures it.
Everything here is the map, given freely. When your team needs the ASD’s 2030 post-quantum deadline and Category-5 algorithm targets translated into a migration plan sequenced against your own Australian and cross-border systems, that’s what an alignment briefing is for.
Last verified 2026-07-12 · Maintained by Addie LaMarr, LaMarr Labs.