Post Quantum Cybersecurity Standards Act

AI Summary

No AI Summary Available

Click the button above to generate an AI-powered summary of this bill using Claude.

The summary will analyze the bill's key provisions, impact, and implementation details.

Latest Action

Jun 11, 2025

Ordered to be Reported by the Yeas and Nays: 35 - 0.

Actions (5)

Ordered to be Reported by the Yeas and Nays: 35 - 0.

Type: Committee | Source: House committee actions | Code: H19000

Jun 11, 2025

Committee Consideration and Mark-up Session Held

Type: Committee | Source: House committee actions | Code: H15001

Jun 11, 2025

Referred to the House Committee on Science, Space, and Technology.

Type: IntroReferral | Source: House floor actions | Code: H11100

May 7, 2025

Introduced in House

Type: IntroReferral | Source: Library of Congress | Code: Intro-H

May 7, 2025

Introduced in House

Type: IntroReferral | Source: Library of Congress | Code: 1000

May 7, 2025

Subjects (5)

Advanced technology and technological innovations Computer security and identity theft Computers and information technology Government lending and loan guarantees Science, Technology, Communications (Policy Area)

Cosponsors (3)

Rep. Nunn, Zachary [R-IA-3]

(R-IA)
Sep 26, 2025

Rep. Fitzpatrick, Brian K. [R-PA-1]

(R-PA)
May 14, 2025

Rep. Tenney, Claudia [R-NY-24]

(R-NY)
May 7, 2025

Text Versions (1)

Introduced in House

May 7, 2025

PDF ↗ XML ↗

Full Bill Text

Length: 6,255 characters Version: Introduced in House Version Date: May 7, 2025 Last Updated: Nov 15, 2025 6:11 AM

[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3259 Introduced in House

(IH) ]

<DOC>

119th CONGRESS
1st Session
H. R. 3259

To amend the National Quantum Initiative Act and the Cyber Security
Research and Development Act to advance the rapid deployment of post
quantum cybersecurity standards across the United States economy,
support United States cryptography research, and for other purposes.

_______________________________________________________________________

IN THE HOUSE OF REPRESENTATIVES

May 7, 2025

Ms. Stevens (for herself and Ms. Tenney) introduced the following bill;
which was referred to the Committee on Science, Space, and Technology

_______________________________________________________________________

A BILL

To amend the National Quantum Initiative Act and the Cyber Security
Research and Development Act to advance the rapid deployment of post
quantum cybersecurity standards across the United States economy,
support United States cryptography research, and for other purposes.

Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,

SECTION 1.

This Act may be cited as the ``Post Quantum Cybersecurity Standards
Act''.

SEC. 2.

(a) National Institute of Standards and Technology Cryptography
Programs.--The National Quantum Initiative Act is amended--

(1) in

section 2 (15 U.

(A) by redesignating paragraphs

(4) ,

(5) ,

(6) ,

(7) ,
the first paragraph

(8) (relating to the definition of
``Subcommittee on Economic and Security
Implications''), and the second paragraph

(8) (relating
to the definition of ``Subcommittee on Quantum
Information Science'') as paragraphs

(5) ,

(7) ,

(8) ,

(9) ,

(11) , and

(12) , respectively;
(B) by inserting after paragraph

(3) the following
new paragraph:
``

(4) Critical infrastructure.--The term `critical
infrastructure' has the meaning given such term in

section 1016 (e) of Public Law 107-56 (42 U.

(e) of Public Law 107-56 (42 U.S.C. 5195c

(e) )'';
(C) by inserting after paragraph

(5) , as so
redesignated, the following new paragraph:
``

(6) Post-quantum cryptography.--The term `post-quantum
cryptography' means those cryptographic algorithms or methods
that are assessed not to be specifically vulnerable to attack
by either a quantum computer or classical computer.''; and
(D) by inserting after paragraph

(9) , as so
redesignated, the following new paragraph:
``

(10) Sector risk management agency.--The term `sector
risk management agency' has the meaning given such term in

section 2200 of the Homeland Security Act of 2002 (6 U.

650).''; and

(2) in

section 201 (15 U.

(A) redesignating subsection
(c) as subsection
(d) ;
and
(B) inserting after subsection

(b) the following
new subsection:
``
(c) Post Quantum Cryptography Deployment.--
``

(1) In general.--The Director of the National Institute
of Standards and Technology, in consultation with the Secretary
of Homeland Security and the heads of sector risk management
agencies, as appropriate, shall promote the voluntary adoption
and deployment of post-quantum cryptography standards,
including by--
``
(A) disseminating and making publicly available
guidance and resources to help organizations adopt and
deploy post-quantum cryptography standards;
``
(B) providing technical assistance, as
practicable, to entities that are high risk of quantum
cryptoanalytic attacks, such as entities determined to
be critical infrastructure or digital infrastructure
providers; and
``
(C) conducting such other activities as
determined necessary by the Director to promote the
adoption and deployment of post-quantum cryptography
standards across the United States.
``

(2) Grant program.--
``
(A) In general.--Subject to the availability of
appropriations and after the date on which the Director
of National Institute of Standards and Technology has
issued post-quantum cryptography standards under
paragraph

(1) , the Director may establish a program to
identify and provide technical assistance through the
award of grants to entities that are at high risk of
quantum cryptoanalytic attacks, including by granting
funds, in adopting such post-quantum cryptographic
standards and remediating quantum-related
vulnerabilities.
``
(B) Use of funds.--Grants awarded to entities
under this subsection may be used to cover reasonable
costs, up to a specified amount established by the
Director of the National Institute of Standards and
Technology, of activities to adopt post-quantum
cryptographic standards and remediate quantum-related
vulnerabilities.
``
(C) Guidance.--The Director of the National
Institute of Standards and Technology may develop, and
periodically update, guidance, including eligibility,
application disclosure requirements, grant amount and
duration, and any additional requirements regarding the
award of grants under this paragraph.
``
(D) Consultation.--If the program described in
this paragraph is established, the Director of the
National Institute of Standards and Technology shall
consult with the Director of the Cybersecurity and
Infrastructure Security Agency of the Department of
Homeland Security, the heads of other Sector Specific
Agencies and risk management agencies, and appropriate
representatives of private sector entities, including
nonprofit organizations, to share information regarding
the program and guidance developed under subparagraph
(C) .''.

(b) National Science Foundation Cryptography Research.--Subsection

(a)

(1)
(A) of

section 4 of the Cyber Security Research and Development Act (15 U.

Act (15 U.S.C. 7403) is amended by inserting ``, including post-quantum
cryptography'' before the semicolon.
<all>

[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3259 Introduced in House

    (IH) ]

<DOC>

119th CONGRESS
 1st Session
 H. R. 3259

 To amend the National Quantum Initiative Act and the Cyber Security 
 Research and Development Act to advance the rapid deployment of post 
 quantum cybersecurity standards across the United States economy, 
 support United States cryptography research, and for other purposes.

_______________________________________________________________________

 IN THE HOUSE OF REPRESENTATIVES

 May 7, 2025

Ms. Stevens (for herself and Ms. Tenney) introduced the following bill; 
 which was referred to the Committee on Science, Space, and Technology

_______________________________________________________________________

 A BILL

 To amend the National Quantum Initiative Act and the Cyber Security 
 Research and Development Act to advance the rapid deployment of post 
 quantum cybersecurity standards across the United States economy, 
 support United States cryptography research, and for other purposes.

 Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

 This Act may be cited as the ``Post Quantum Cybersecurity Standards 
Act''.

SEC. 2. NIST CRYPTOGRAPHY PROGRAMS AND NSF CRYPTOGRAPHY RESEARCH.

    (a) National Institute of Standards and Technology Cryptography 
Programs.--The National Quantum Initiative Act is amended--

    (1) in 

section 2 (15 U.S.C. 8801)--
        (A) by redesignating paragraphs

    (4) ,

    (5) ,

    (6) ,

    (7) , 
 the first paragraph

    (8) (relating to the definition of 
 ``Subcommittee on Economic and Security 
 Implications''), and the second paragraph

    (8) (relating 
 to the definition of ``Subcommittee on Quantum 
 Information Science'') as paragraphs

    (5) ,

    (7) ,

    (8) ,

    (9) ,

    (11) , and

    (12) , respectively;
        (B) by inserting after paragraph

    (3) the following 
 new paragraph:
 ``

    (4) Critical infrastructure.--The term `critical 
 infrastructure' has the meaning given such term in 

section 1016

    (e) of Public Law 107-56 (42 U.S.C. 5195c

    (e) )'';
            (C) by inserting after paragraph

    (5) , as so 
 redesignated, the following new paragraph:
 ``

    (6) Post-quantum cryptography.--The term `post-quantum 
 cryptography' means those cryptographic algorithms or methods 
 that are assessed not to be specifically vulnerable to attack 
 by either a quantum computer or classical computer.''; and
            (D) by inserting after paragraph

    (9) , as so 
 redesignated, the following new paragraph:
 ``

    (10) Sector risk management agency.--The term `sector 
 risk management agency' has the meaning given such term in 
 

section 2200 of the Homeland Security Act of 2002 (6 U.S.C. 
 650).''; and

    (2) in 

section 201 (15 U.S.C. 8831), by--
        (A) redesignating subsection
            (c) as subsection
            (d) ; 
 and
        (B) inserting after subsection

    (b) the following 
 new subsection:
 ``
            (c) Post Quantum Cryptography Deployment.--
 ``

    (1) In general.--The Director of the National Institute 
 of Standards and Technology, in consultation with the Secretary 
 of Homeland Security and the heads of sector risk management 
 agencies, as appropriate, shall promote the voluntary adoption 
 and deployment of post-quantum cryptography standards, 
 including by--
 ``
        (A) disseminating and making publicly available 
 guidance and resources to help organizations adopt and 
 deploy post-quantum cryptography standards;
 ``
        (B) providing technical assistance, as 
 practicable, to entities that are high risk of quantum 
 cryptoanalytic attacks, such as entities determined to 
 be critical infrastructure or digital infrastructure 
 providers; and
 ``
            (C) conducting such other activities as 
 determined necessary by the Director to promote the 
 adoption and deployment of post-quantum cryptography 
 standards across the United States.
 ``

    (2) Grant program.--
 ``
        (A) In general.--Subject to the availability of 
 appropriations and after the date on which the Director 
 of National Institute of Standards and Technology has 
 issued post-quantum cryptography standards under 
 paragraph

    (1) , the Director may establish a program to 
 identify and provide technical assistance through the 
 award of grants to entities that are at high risk of 
 quantum cryptoanalytic attacks, including by granting 
 funds, in adopting such post-quantum cryptographic 
 standards and remediating quantum-related 
 vulnerabilities.
 ``
        (B) Use of funds.--Grants awarded to entities 
 under this subsection may be used to cover reasonable 
 costs, up to a specified amount established by the 
 Director of the National Institute of Standards and 
 Technology, of activities to adopt post-quantum 
 cryptographic standards and remediate quantum-related 
 vulnerabilities.
 ``
            (C) Guidance.--The Director of the National 
 Institute of Standards and Technology may develop, and 
 periodically update, guidance, including eligibility, 
 application disclosure requirements, grant amount and 
 duration, and any additional requirements regarding the 
 award of grants under this paragraph.
 ``
            (D) Consultation.--If the program described in 
 this paragraph is established, the Director of the 
 National Institute of Standards and Technology shall 
 consult with the Director of the Cybersecurity and 
 Infrastructure Security Agency of the Department of 
 Homeland Security, the heads of other Sector Specific 
 Agencies and risk management agencies, and appropriate 
 representatives of private sector entities, including 
 nonprofit organizations, to share information regarding 
 the program and guidance developed under subparagraph
            (C) .''.

    (b) National Science Foundation Cryptography Research.--Subsection

    (a)

    (1)
        (A) of 

section 4 of the Cyber Security Research and Development 
Act (15 U.S.C. 7403) is amended by inserting ``, including post-quantum 
cryptography'' before the semicolon.
 <all>

View original source ↗

119-hr3259