How AWS is helping federal agencies lead in quantum computing and post-quantum security

Quantum technology is advancing faster than most government planning cycles anticipate. Fault-tolerant quantum computers, machines capable of solving problems beyond the reach of classical supercomputers, now have a clear engineering path and a delivery timeline measured in months, not decades. The first applications will be in scientific computing workloads with deep relevance to federal agency missions, from energy research to materials science to national security. And as quantum hardware improves, so does the urgency of protecting today’s encrypted data from tomorrow’s quantum-enabled attacks, a migration that every agency will need to execute under hard deadlines.

Last week, the White House reinforced that urgency with two Executive Orders that represent the most significant federal commitment to quantum technologies in a generation. The first, Ushering in the Next Frontier of Quantum Innovation, directs a whole-of-government approach to accelerate deployment and commercialization of quantum computing, sensing, and networking, and it establishes the Quantum Computer for Application Development and Discovery Science (QC-ADDS) Effort to deliver a quantum computer at the scale needed for scientific discovery to a Department of Energy (DOE) facility. The second, Securing the Nation Against Advanced Cryptographic Attacks, mandates that all federal high-value assets and high-impact systems transition to (National Institute of Standards and Technology) NIST-approved post-quantum cryptography (PQC) by the end of 2030 for key establishment and 2031 for digital signatures.

This week, DOE acted on that mandate, launching the Quantum Genesis initiative and the Q Competition to develop and deploy the world’s first scientifically relevant fault-tolerant quantum computing systems by 2028. The initiative will establish a National Quantum Supercomputing User Facility integrated with DOE’s exascale high performance computing (HPC), AI, and networking infrastructure.

At Amazon Web Services (AWS), we’ve been building toward this moment for years, on both sides of the quantum equation. On the computing side, we announced this month our expanded strategic collaboration with QuEra Computing to bring the first fault-tolerant quantum computers to the cloud through Amazon Braket, with scientifically relevant applications starting in 2028. On the security side, AWS security experts have been contributing to post-quantum cryptography research and standards-setting efforts for years, including the NIST standards that now underpin the federal PQC mandate. We have a well-defined migration plan already in execution across our infrastructure in alignment with the 2030 and 2031 deadlines outlined in the Executive Order. We’ve already achieved FIPS 140-3 validation for AWS-LC, the cryptographic library deployed across our infrastructure, which means agencies running workloads on AWS are already operating on a PQC-ready cryptographic foundation without needing to procure or deploy separate solutions.

In this post, I explain a little more about why both quantum computing and post-quantum cryptography matter for federal missions, and what agency leaders should be doing now.

The computing opportunity: From experiments to mission applications

Quantum error correction has advanced rapidly. Research teams have demonstrated the core building blocks of fault-tolerant computation: logical qubits that outperform their physical components, real-time error correction at scale, and coherent operation of thousands of qubits in a single system. Based on these advances, AWS and QuEra are bringing Libra, a megaquop-scale device capable of executing one million quantum operations over hundreds of logical qubits, to Amazon Braket customers by 2028.

This matters for federal missions because the problems it can address are ones where classical supercomputers hit fundamental limits. At the megaquop scale, with 250 logical qubits and up to 100,000 hard fault-tolerant operations, researchers will be able to generate scientifically meaningful data that complements and validates what classical methods produce, reducing uncertainty and strengthening scientific conclusions in domains where classical simulations require approximations that can’t be rigorously verified today.

The specific applications are directly aligned to DOE and national security priorities:

1. Quantum chemistry and energy science – Simulating the molecular processes behind next-generation solar cells and industrial nitrogen fixation, where classical methods are forced to make approximations they can’t verify. Quantum algorithms provide rigorous validation that no classical approach can deliver.
2. Materials science – Understanding the behavior of strongly correlated materials relevant to high-temperature superconductivity, where classical computers can’t accurately model the quantum interactions that drive the physics.
3. High-energy physics – Simulating the real-time dynamics of fundamental forces, a class of problems that is exponentially hard for classical supercomputers and directly relevant to our understanding of the universe at its most basic level.
4. Nuclear physics – Validating the theoretical models used to predict nuclear behavior, where classical simulations rely on assumptions that currently can’t be independently confirmed.

Each of these represents a specific computational bottleneck where the physics of the problem aligns with the capabilities of the hardware being delivered, and where DOE researchers and their national laboratory teams have been co-designing applications with AWS and QuEra for years. And although DOE science missions represent the earliest applications, the same class of computational advantage extends across the federal government: drug discovery and genomics at National Institutes of Health (NIH), logistics and supply chain optimization at the Department of War, and financial risk modeling at Treasury. As fault-tolerant systems scale, the set of agencies with mission-relevant quantum workloads will grow rapidly.

The Executive Order makes the federal intent explicit: the United States must move quickly beyond quantum research and into deployment of systems capable of scientifically relevant computation. The order directs the Department of War to establish activities and programs to advance readiness for national security applications of quantum computing and calls on the Department of Energy to define technical specifications for transformative scientific applications within 90 days. DOE’s Quantum Genesis initiative and Q Competition define exactly what “scientifically relevant” means: fault-tolerant systems with hundreds of logical qubits, targeting applications in chemistry, materials science, plasma physics, and high-energy physics, delivered by 2028. The system AWS and QuEra are building matches those targets directly, with 250 logical qubits, up to 100,000 hard fault-tolerant operations, and cloud-native integration with classical HPC at scale.

Amazon Braket brings fault-tolerant quantum computing directly to the cloud, integrated with the classical HPC and AI infrastructure agencies already use. This is a critical point: fault-tolerant quantum workloads are inherently hybrid, requiring tight coordination between quantum processors and large-scale classical compute for preprocessing, error decoding, and postprocessing at every step. Braket delivers this as a single environment, inherently connected to AWS elastic HPC resources, GPU-accelerated compute, and workflow orchestration, so agencies can build end-to-end quantum-classical pipelines without standing up separate infrastructure or managing a second security posture.

“This is a very special moment. For the first time, a dream of realizing useful, fault-tolerant quantum computers is in our direct line of sight. Designed to enable quantum computation at an unprecedented scale, these systems should realize truly unique applications. We are proud to significantly expand our collaboration with AWS to bring these unique capabilities to the broader community of scientific users.” — Prof. Mikhail Lukin, Chief Science Officer, QuEra Computing.

The security imperative: Post-quantum cryptography can’t wait

Adversaries can harvest internet traffic today with the intent to decrypt it when quantum computers mature. This makes it urgent to upgrade encryption for data in transit that must remain confidential for 10-plus years. Similarly, long-lived devices such as industrial controllers, vehicles, and satellites that establish their cryptographic roots of trust at manufacture and often can’t be updated post-deployment need quantum-resistant roots of trust starting now. As quantum computing continues to advance, the timeline to a device capable of breaking today’s public-key cryptography is also compressing, and agencies can’t afford to assume that timeline is distant.

The new Executive Order on cryptographic security requires every agency to designate a PQC migration lead within 30 days. It mandates transition of all high-value assets and high-impact systems to NIST-approved PQC algorithms on hard deadlines. It directs the Federal Acquisition Regulatory Council (FAR) Council to amend acquisition regulations to require contractor compliance by 2030. Global regulators beyond the U.S. have set hard deadlines for quantum-resistant confidentiality as early as 2027 and quantum-resistant authentication as early as 2029, making this a worldwide migration, not merely a federal one.

AWS has been leading this migration since before the standards were finalized. AWS has been active in the development and deployment of PQC since 2013. AWS employees contributed to the three new FIPS standards (ML-KEM, ML-DSA, and SLH-DSA) published by NIST in August 2024. Our open source cryptographic library, AWS-LC, already implements these algorithms. Our TLS implementation, s2n-tls and s2n-quic, has supported post-quantum key exchange since 2019.

Our migration plan is structured across four workstreams:

1. Inventory and standards development – Completing cryptographic inventory, defining how PQC integrates into specific applications and protocols
2. PQC on public endpoints – Deploying ML-KEM across all AWS service endpoints to protect long-term confidentiality of data in transit
3. Long-lived roots of trust – Delivering ML-DSA across key services to enable secure code, document, and firmware signing
4. Session authentication – Migrating to PQC digital signatures for server and client certificate validation

For government customers, this means the cloud infrastructure you run on is already preparing for the post-quantum era, providing a foundation your agency’s migration plan can build on. Our goal is to deliver PQC in alignment with secure-by-default principles: transparent use, imperceptible performance impact, and minimal configuration required. A proactive and well-scoped migration strategy makes these upgrades a strategic decision rather than a deadline-driven fire drill, and organizations running on modern cloud services are better positioned than ever to migrate faster with least operational impact. AWS offers no-cost consultations to help agencies get started on PQC plans for legacy and on-premises workloads.

AWS is ready to support your mission

Quantum computing and quantum security are deeply connected, and agencies that treat them with equal mission priority will be the ones best positioned to lead.

AWS is prepared to meet agencies on both. Amazon Braket gives teams access to quantum hardware today, with managed development environments, leading software frameworks, and direct integration with AWS HPC and AI infrastructure, so they can build skills and co-design applications now rather than starting from zero when fault-tolerant systems arrive. On the security side, our open source cryptographic libraries already implement NIST-standardized PQC algorithms, AWS Key Management Service (AWS KMS) and AWS Private Certificate Authority support the new quantum-resistant signing algorithms, and our security specialists are working with federal customers to map migration plans grounded in how workloads are deployed. We’ve been running this model with national laboratories, defense research organizations, and intelligence community collaborators for years.

Quantum matters to your mission. The question is whether you’re moving at the speed the moment demands.

Let’s build together.

Join us at the AWS DC Summit, Session FED203, on June 30, 2026, at 9:45 AM ET to hear more about AWS and quantum computing for government missions.

Learn more about Amazon Braket, the AWS and QuEra collaboration, and the AWS post-quantum cryptography migration plan.