When will PostgreSQL be deprecated?

PostgreSQL's PQC timeline depends on OpenSSL. OpenSSL oqs-provider is available now for testing.

Database

Is PostgreSQL Quantum Safe?

Not Quantum Safe

Not yet. PostgreSQL uses OpenSSL for TLS connections, which means PQC support depends on OpenSSL PQC implementation. PostgreSQL itself has not added native PQC support.

Key Takeaway: PostgreSQL is NOT quantum safe. Scan your PostgreSQL infrastructure with QScout. Plan OpenSSL upgrades to PQC-capable versions (3.x with oqs-provider). Test PQC TLS connections in staging before production deployment.

Technical Analysis

PostgreSQL is NOT quantum safe today, but its dependency on OpenSSL provides a clear PQC path. **Current State:** PostgreSQL uses OpenSSL (or GnuTLS) for TLS connections. The TLS key exchange uses classical RSA or ECDH. PostgreSQL's pgcrypto extension uses classical algorithms. **PQC Progress:** PostgreSQL's PQC readiness depends on OpenSSL: - **OpenSSL 3.x**: Includes an oqs-provider (via Open Quantum Safe project) that adds ML-KEM and ML-DSA support. - **PostgreSQL**: No native PQC changes needed if OpenSSL supports PQC — PostgreSQL delegates TLS to the underlying library. - **Connection string**: Once OpenSSL supports PQC cipher suites, PostgreSQL can use them via ssl_ciphers configuration. - **pgcrypto**: Extension for application-level encryption — does not yet support PQC algorithms. **HNDL Risk:** Database connections carry SQL queries, result sets, and authentication credentials. PostgreSQL connections to application servers are high-value HNDL targets. **What Organizations Should Do:** Audit all PostgreSQL connections, replication links, and pgbouncer configurations. Plan to upgrade OpenSSL to PQC-capable versions. Use QScout to discover all database cryptographic dependencies.

Full Name	PostgreSQL Database
Category	database
Quantum Vulnerability	PostgreSQL TLS connections use classical key exchange via OpenSSL, vulnerable to quantum attack. PQC migration path exists through OpenSSL PQC provider upgrades.
NIST Status	PostgreSQL relies on OpenSSL for TLS. OpenSSL 3.x supports NIST PQC standards via oqs-provider. PostgreSQL can inherit PQC support through library upgrades.
Deprecation Timeline	PostgreSQL's PQC timeline depends on OpenSSL. OpenSSL oqs-provider is available now for testing.
Replaced By	PostgreSQL TLS will migrate to ML-KEM via OpenSSL PQC provider upgrades

Migration Guidance

Scan your PostgreSQL infrastructure with QScout. Plan OpenSSL upgrades to PQC-capable versions (3.x with oqs-provider). Test PQC TLS connections in staging before production deployment.

Related Algorithms

TLS 1.2

Transport Layer Security 1.2

RSA-2048

RSA with 2048-bit keys

MongoDB

MongoDB and MongoDB Atlas

MySQL

MySQL and MySQL HeatWave

ML-KEM

Module-Lattice-Based Key-Encapsulation Mechanism (FIPS 203)

How Qtonic Quantum Can Help

QScout Surface/Silver/Gold — Discover every instance of PostgreSQL in your infrastructure. 7-day cryptographic inventory with HNDL exposure scoring.

Assessment Methodology — 70 security modules covering cryptographic discovery, quantum threat modeling, and migration planning.

Back to Algorithm Database — Explore 25+ cryptographic algorithms and their quantum safety status.

Don’t Know Where PostgreSQL Lives in Your Stack?

QScout discovers every instance of PostgreSQL across your infrastructure in 7 days — with zero operational disruption. 72-hour time to first findings.

Schedule Assessment Try Risk Calculator

Assess your quantum-vulnerable cryptography with QScout, validate readiness with QStrike, or plan your migration with QSolve.