ANSSI · CSPN · EAL4+ · NIS2

Certification
Roadmap

A certification plan aligned with ANSSI requirements, with the 2027 post-quantum mandate as the horizon. NIS2, DORA and eIDAS 2.0 context.

Live CSPN Status

Tracking ANSSI first-level security certifications.

Last updated: 2026-03-09

AER

AllEyes Resilient Encryptor

In Progress

Phase

FPGA firmware development

Target

Q3 2026

CESTI

CEA-Leti (in discussion)

Progress

35%

AGT

GLUON PQC-WAN Agent

Planned

Phase

After encryptor certification

Target

Q4 2026

CESTI

CEA-Leti (in discussion)

Progress

10%

Regulatory Context

2027

ANSSI PQC Mandate

ANSSI will require the use of post-quantum algorithms for all qualified products from 2027 onwards. Non-PQC products will lose their qualification.

NIS2

NIS2 Directive

The European NIS2 directive extends cybersecurity obligations to 18 sectors. Encryption of data in transit becomes mandatory for essential entities.

DORA

DORA Regulation

The DORA regulation imposes strict digital resilience requirements on European financial institutions, including encryption of critical data flows.

Certification Timeline

Past and planned milestones for the French PQC ecosystem.

March 2025 Obtained

IPsec encryptor ANSSI-qualified

ANSSI No. 564 — Qualification of an IPsec network encryptor (40 Gbps).

September 2025 Compliant

ML-DSA accepted by ANSSI

First acceptance of an ML-DSA algorithm in an ANSSI-qualified product.

October 2025 Obtained

Samsung S3SSE2A — 2nd PQC visa

Second product to receive an ANSSI security visa with PQC support.

Q3 2026 In progress

[CRYPTOPS] CSPN AllEyes Resilient Encryptor

CESTI CEA-Leti — First-level security certification for the AllEyes Resilient encryptor.

35%

Q4 2026 In progress

[CRYPTOPS] CSPN PQC-WAN Agent

Certification of the GLUON VPN agent covering the PQC VPN ML-KEM-1024 protocol.

10%

Q1 2027 Planned

[CRYPTOPS] CSPN GLUON Mobile Agent

Certification of the GLUON mobile agent for Android and iOS.

Q3 2027 Planned

[CRYPTOPS] EAL4+ AllEyes Resilient

Common Criteria EAL4+ for the complete AllEyes Resilient architecture. International recognition across 31 countries.

Q4 2027 Planned

[CRYPTOPS] CSPN GARANCE PKI

Certification of the GARANCE post-quantum PKI with ML-DSA-87 certificate authority.

2027 Deadline

PQC mandate for ANSSI qualification

All ANSSI-qualified products will be required to integrate post-quantum algorithms. Non-compliant products will lose their qualification.

Why CEA-Leti?

CEA-Leti is the only CESTI (IT Security Evaluation Centre) combining a unique triple expertise in France:

FPGA evaluation — Unique expertise on reconfigurable architectures
PQC cryptography — Active research on NIST post-quantum algorithms
SCA analysis — World-class Side-Channel Analysis capabilities

CEA

French Alternative Energies and Atomic Energy Commission

FPGA

Hardware

PQC

Crypto

SCA

Side-Channel

Prepare for 2027 Compliance

Contact us to plan your transition to certified post-quantum encryption.

Request a Demo

Certification Roadmap