Security evaluations of Post-Quantum Cryptography (PQC) primitives

This is a Horizon Europe grant opportunity focused on the evaluation of Post-Quantum Cryptography (PQC) primitives, aimed at strengthening cybersecurity against the potential threats posed by quantum computing. The grant falls under the HORIZON-RIA (Research and Innovation Actions) framework and is managed by the European Cybersecurity Competence Centre (ECCC). The application process is structured as a single-stage call, with an opening date set for June 12, 2025, and a submission deadline of November 12, 2025.

Eligible applicants include universities, research institutes, small and medium-sized enterprises (SMEs), and larger organizations with expertise in cybersecurity and quantum computing. Specific eligibility extends to legal entities established in EU Member States, Associated Countries, and OECD countries, excluding those controlled by non-eligible states to protect the EU’s strategic interests.

The funding type is classified as a lump sum grant, with amounts varying according to specific topics. For instance, the funding range for different areas is from €2 million to €14 million per project, with an overall budget for the 2025 call including approximately €40 million allocated for major topics.

A consortium of at least three independent entities from different EU Member States or Associated Countries is required for proposals, encouraging collaboration among diverse teams that possess relevant expertise in post-quantum cryptography and quantum computing.

The targeted sectors for this grant encompass cybersecurity, quantum computing, data protection, and related ICT infrastructure, aligning with the EU's Digital Decade agenda for secure digital transformation. The grants aim to facilitate advancements in the security evaluations of PQC algorithms, enhance understanding of quantum resistance, and develop new quantum algorithms that can effectively address vulnerabilities in existing cryptographic systems.

Projects funded through this mechanism are expected to lead to significant breakthroughs, including improved implementations of quantum algorithms, development of testing environments for evaluating cryptosystems against quantum threats, and recommendations for strengthening post-quantum cryptosystems against AI-based attacks.

Overall, this initiative seeks to ensure that cryptographic systems remain robust and secure in the face of evolving technological challenges, thereby safeguarding the EU's digital infrastructure and strategic objectives. The call provides substantial financial support for innovative R&D projects and emphasizes a collaborative approach to tackling critical cybersecurity issues. Success rates for proposals are estimated to be between 10% and 39%, reflecting the competitive nature of Horizon Europe funding. Co-funding is not required, as the lump-sum grants cover full project costs.

This is a Horizon Europe (HORIZON) call for proposals, specifically an Indirectly Managed Action by the ECCC (European Cybersecurity Competence Centre), focusing on security evaluations of Post-Quantum Cryptography (PQC) primitives. The call falls under the HORIZON-CL3-2025-01-IM-01 umbrella. It is a single-stage submission process with a planned opening date of June 12, 2025, and a deadline of November 12, 2025, at 17:00:00 Brussels time. The type of action is HORIZON-RIA, which stands for HORIZON Research and Innovation Actions. The Model Grant Agreement (MGA) type is HORIZON Lump Sum Grant [HORIZON-AG-LS].

The expected outcomes of the projects funded under this call are: Breakthroughs in understanding the quantum hardness of various mathematical problem classes that underpin the security of current and future post-quantum cryptosystems; New quantum algorithms with significant quantum speed-up for lattice-based, code-based, and potentially other mathematical problem-classes; Improved implementation of quantum algorithms using high-level quantum programming languages to solve mathematical problems forming the core of cryptosystems; Establishment of environments testing the robustness of cryptosystems regarding quantum attackers; AI-based approaches to help discovering vulnerabilities of lattice-based or other mathematical problem-classes; Cryptanalysis results; Parameter suggestions to create a robust set of cryptographic building blocks for post-quantum cybersecurity and design of post-quantum cryptosystems with improved security against quantum or AI-based attacks.

The scope of the call is centered around assessing the security of post-quantum primitives. It acknowledges that the intrinsic security of PQC algorithms relies on mathematical problems believed to be intractable for both classical and quantum computers. The call emphasizes the importance of assessing the quantum security of post-quantum primitives to increase confidence in post-quantum cryptosystems. It recognizes that the development of quantum algorithms with significant quantum speed-up would necessitate a reassessment of cryptosystems, including lattice-based and code-based systems. Conversely, the absence of significant quantum speed-up would bolster confidence in post-quantum cryptosystems, although parameter adjustments might still be needed. The call also points out that existing quantum attackers have primarily been analyzed theoretically, lacking efficient implementations and hardware for application to current cryptosystems. It highlights the need for studies on AI-based approaches to identify vulnerabilities in certain schemes and implementation choices, which can aid in developing more robust post-quantum cryptosystems.

The call welcomes proposals on the assessment of the security of post-quantum primitives, including studies focused on quantum algorithms with demonstrable speed-up, potentially in combination with AI, or solely AI-based approaches. While the security of lattice and code-based PQC algorithms is prioritized, other mathematical problem classes are not excluded. The call acknowledges the potential of quantum computing to enhance AI capabilities and encourages the combination of different approaches. Consortia with teams having backgrounds in both post-quantum cryptography and quantum computing are strongly encouraged. The projects should aim to identify vulnerabilities in current post-quantum cryptographic building blocks and provide practical recommendations for parameters to design post-quantum cryptosystems with improved security against quantum attacks and future advances in code-breaking and AI.

The general conditions include: Admissibility Conditions regarding proposal page limits and layout, which are described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes and Part B of the Application Form available in the Submission System; Eligible Countries, as described in Annex B of the Work Programme General Annexes, with specific provisions for non-EU/non-Associated Countries outlined in the Horizon Europe Programme Guide; Other Eligible Conditions, limiting participation to legal entities established in Member States, Associated Countries, and OECD countries to safeguard the Union’s strategic assets, interests, autonomy, and security, and excluding entities directly or indirectly controlled by non-eligible countries or entities; Financial and operational capacity and exclusion, as described in Annex C of the Work Programme General Annexes; Evaluation and award criteria, scoring, and thresholds, as described in Annex D of the Work Programme General Annexes; Submission and evaluation processes, as described in Annex F of the Work Programme General Annexes and the Online Manual; Indicative timeline for evaluation and grant agreement, as described in Annex F of the Work Programme General Annexes; and Legal and financial set-up of the grants, with eligible costs taking the form of a lump sum, as defined in the Decision of 7 July 2021, and described in Annex G of the Work Programme General Annexes.

Specific conditions are described in the specific topic of the Work Programme.

Application and evaluation forms and model grant agreement (MGA) details are provided, with application form templates available in the Submission System, including Standard application forms for HE RIA, IA, CSA, RI, PCP, PPI, COFUND, FPA, MSCA DN, PF, SE, COFUND, ERC STG, COG, ADG, POC, SYG, EIC PATHFINDER CHALLENGES, OPEN, and TRANSITION. Evaluation form templates will be used with necessary adaptations, including Standard evaluation forms for HE RIA, IA, CSA, RIA/IA/CSA Stage 1, PCP/PPI, COFUND, FPA, MSCA, EIC PATHFINDER CHALLENGES/OPEN/TRANSITION, and EIC Accelerator stage 1/2. Guidance documents include the HE Programme Guide, Model Grant Agreements (MGA) such as HE MGA, HE Unit MGA, Lump Sum MGA, Operating Grants MGA, and Framework Partnership Agreement FPA. Call-specific instructions include a detailed budget table (HE LS), information on financial support to third parties (HE), information on clinical studies (HE), and guidance on lump sums. Additional documents include the HE Main Work Programme 2023–2025, HE Programme Guide, HE Framework Programme 2021/695, HE Specific Programme Decision 2021/764, EU Financial Regulation 2024/2509, Decision authorising the use of lump sum contributions, Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment, EU Grants AGA, Funding & Tenders Portal Online Manual, Terms and Conditions, and Privacy Statement.

The budget overview for the year 2025 includes several topics: HORIZON-CL3-2025-02-CS-ECCC-01 (HORIZON-RIA) with a budget of EUR 40,000,000 and an indicative number of 3 grants, each contributing EUR 12,000,000 to 14,000,000; HORIZON-CL3-2025-02-CS-ECCC-02 (HORIZON-IA) with a budget of EUR 23,550,000 and an indicative number of 4 grants, each contributing EUR 4,500,000 to 6,000,000; HORIZON-CL3-2025-02-CS-ECCC-03 (HORIZON-RIA) with a budget of EUR 11,000,000 and an indicative number of 3 grants, each contributing EUR 3,000,000 to 4,000,000; HORIZON-CL3-2025-02-CS-ECCC-04 (HORIZON-RIA) with a budget of EUR 4,000,000 and an indicative number of 2 grants, each contributing EUR 2,000,000 to 3,000,000; HORIZON-CL3-2025-02-CS-ECCC-05 (HORIZON-RIA) with a budget of EUR 6,000,000 and an indicative number of 2 grants, each contributing EUR 2,000,000 to 3,000,000; and HORIZON-CL3-2025-02-CS-ECCC-06 (HORIZON-RIA) with a budget of EUR 6,000,000 and an indicative number of 2 grants, each contributing EUR 2,000,000 to 3,000,000.

There are 11 partner search announcements available for collaboration on this topic. LEARs, Account Administrators, and self-registrants can publish partner requests after logging into the portal. The submission system is planned to open on the date stated on the topic header. There are no topic Q&As found. General FAQs are available. Support is provided through the Online Manual, Horizon Europe Programme Guide, Funding & Tenders Portal FAQ, Research Enquiry Service, National Contact Points (NCPs), Enterprise Europe Network, IT Helpdesk, European IPR Helpdesk, CEN-CENELEC Research Helpdesk, ETSI Research Helpdesk, the European Charter for Researchers, and Partner Search.

In summary, this Horizon Europe call aims to bolster the security of post-quantum cryptography by funding research and innovation actions that assess the security of post-quantum primitives against quantum and AI-based attacks. It encourages collaborative projects involving experts in cryptography and quantum computing to identify vulnerabilities and recommend parameters for designing more secure cryptosystems. The call provides a lump sum grant and is open to legal entities from Member States, Associated Countries, and OECD countries. The call seeks to ensure that as quantum computing and AI advance, cryptographic systems remain robust and secure, safeguarding the Union's digital assets and strategic interests.

Eligible Applicant Types: The eligible applicant types are legal entities established in Member States, Associated Countries, and OECD countries. Entities established in an eligible country but directly or indirectly controlled by a non-eligible country or entity are not allowed to participate.

Funding Type: The funding type is a grant, specifically HORIZON Research and Innovation Actions (HORIZON-RIA) and HORIZON Innovation Actions (HORIZON-IA) with eligible costs taking the form of a lump sum.

Consortium Requirement: The opportunity encourages consortia with teams of applicants with backgrounds in post-quantum cryptography and in quantum computing.

Beneficiary Scope (Geographic Eligibility): The geographic eligibility includes legal entities established in EU Member States, Associated Countries, and OECD countries.

Target Sector: The target sector is cybersecurity, specifically focusing on the security evaluations of Post-Quantum Cryptography (PQC) primitives, quantum computing, and artificial intelligence.

Mentioned Countries: EU Member States, Associated Countries, OECD countries.

Project Stage: The project stage is research and innovation actions. The call aims to support projects that will lead to breakthroughs in understanding the quantum hardness of mathematical problems, develop new quantum algorithms, improve the implementation of quantum algorithms, establish environments for testing the robustness of cryptosystems, and provide practical recommendations for the design of post-quantum cryptosystems.

Funding Amount: The funding amounts vary depending on the specific topic:
HORIZON-CL3-2025-02-CS-ECCC-01: EUR 12,000,000 to EUR 14,000,000
HORIZON-CL3-2025-02-CS-ECCC-02: EUR 4,500,000 to EUR 6,000,000
HORIZON-CL3-2025-02-CS-ECCC-03: EUR 3,000,000 to EUR 4,000,000
HORIZON-CL3-2025-02-CS-ECCC-04: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-05: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-06: EUR 2,000,000 to EUR 3,000,000

Application Type: The application type is a single-stage call.

Nature of Support: Beneficiaries will receive money in the form of a lump sum grant.

Application Stages: The application process is a single-stage process.

Success Rates: The success rates are not explicitly mentioned, but the indicative number of grants is provided for each topic.

Co-funding Requirement: The need for co-funding is not explicitly mentioned.

This Horizon Europe call, managed by the European Cybersecurity Competence Centre (ECCC), focuses on "Security Evaluations of Post-Quantum Cryptography (PQC) Primitives." It falls under the 'Destination Increased Cybersecurity' section of the work programme and aims to bolster the security of cryptographic systems against quantum and AI-based attacks. The call invites proposals for research and innovation actions (RIA) and innovation actions (IA) to assess the security of post-quantum primitives, develop new quantum algorithms, improve the implementation of existing algorithms, and establish testing environments. Consortia with expertise in post-quantum cryptography and quantum computing are encouraged. Eligible applicants include legal entities from EU Member States, Associated Countries, and OECD countries, with specific provisions to safeguard the Union's strategic interests. Funding is provided as a lump sum, with varying amounts allocated to different topics within the call, ranging from 2 million to 14 million EUR. The call is a single-stage process, with a planned opening date of June 12, 2025, and a deadline of November 12, 2025. The expected outcomes include breakthroughs in understanding quantum hardness, new quantum algorithms, improved implementations, robust testing environments, AI-based vulnerability discovery, cryptanalysis results, and parameter suggestions for improved post-quantum cryptosystems. The ultimate goal is to enhance post-quantum cybersecurity and design cryptosystems with improved security against quantum and AI-based attacks.