Post-quantum readiness and cryptographic transition planning for enterprise cloud

Abstract Cryptographically relevant quantum computers (CRQCs) would break widely deployed public-key cryptography (RSA/ECC) via Shor’s algorithm, enabling retroactive decryption of captured ciphertext (“harvest now, decrypt later”). This paper presents an enterprise-cloud transition framework that couples (i) standards-based algorithm selection using NIST’s post-quantum standards (FIPS 203–205), (ii) a cloud threat model that distinguishes retroactive confidentiality loss from forward integrity/authentication risks, and (iii) a quantitative timing-risk model grounded in Mosca’s inequality. Using a public expert-elicitation distribution for Q-day timing and a reproducible Monte Carlo estimator, we compare migration strategies and key planning parameters (migration start year, migration duration, and confidentiality lifetime). We also contrast this probabilistic view with common deterministic single-date Q-day planning, highlighting how tail uncertainty can materially change exposure estimates and recommended start years. For a representative enterprise case (X=10 X = 10 years, Y=6 Y = 6 years), delaying the migration start from 2026 to 2030 increases the expected exposed fraction of the confidentiality window from 0. 37 to 0. 54 under a midline timeline. We also provide cloud-specific implementation guidance (crypto inventory, hybrid TLS/QUIC and service-mesh deployments, PKI readiness, and governance), and summarize performance and interoperability drivers arising from larger post-quantum key material.