Transition to post-quantum Public Key Infrastructures

The main goal of this opportunity is to tackle the integration of post-quantum cryptographic algorithms into Public Key Infrastructures (PKIs). It focuses on developing efficient migration strategies and ensuring business continuity during the transition. Key areas include designing cryptographic combiners, testing hybrid certificates, improving certificate management protocols, and enhancing open-source libraries. Additional priorities are compatibility with existing systems, raising awareness, providing training, and supporting standardization. The opportunity is open to projects in the 27 EU Member States, Iceland, and Norway.

• Projects must address the integration of post-quantum cryptography into PKIs.
• Proposals should include strategies for migration and business continuity.
• Activities must cover at least one of the focus areas: cryptographic combiners, hybrid certificates, certificate management, open-source libraries, or key management tools.
• Projects should support compatibility with legacy systems and/or standardization efforts.
• Awareness and training components are encouraged.
• Projects must follow the proposal format and page limits as specified in the application form.

Example Projects:

• A project developing a toolkit for hybrid certificate deployment in existing PKI systems across multiple sectors.
• An initiative to improve open-source cryptographic libraries with post-quantum support and provide training workshops for IT professionals.
• A collaborative effort to design new protocols for transparent certificate management, ensuring compatibility with both legacy and post-quantum systems.

• Personnel costs
• Subcontracting
• Travel and subsistence
• Equipment (depreciation or rental)
• Consumables and materials
• Dissemination and communication
• Access to research infrastructure
• IPR and certification
• Audit costs
• Indirect costs (25% flat rate)
• Internally invoiced services

• Budget for this Call: 15.000.000€
• Maximum per project: 4.000.000€
• Minimum per project: 3.000.000€

• Legal entities must be established in an EU Member State or a country associated to the Digital Europe Programme.

• At least three independent entities from three different EU Member States must participate.

• Only entities from EU Member States can receive funding under this topic.

• The project must support the deployment of digital capacities; pure research is not eligible.

• Participants must have the operational and financial capacity to carry out the proposed action.

• Activities must align with EU cyber security certification and policy priorities.

• Projects must target public key infrastructures (PKIs) relevant to EU institutions, national governments, or critical sectors.

• Consortium must include relevant public authorities or clearly demonstrate engagement with them.

• Results must be openly available to public bodies across the EU.

• Projects must comply with EU rules on security and data protection, including GDPR.