The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.
The post-quantum future appears to be on its way, and some believe that future may be as soon as a few years out.
Google on Wednesday announced that it would aim to integrate post-quantum cryptography (PQC) into its systems, products, and services by the end of 2029. The migration timeline was announced in a blog post authored by Heather Adkins, vice president of security engineering, and Sophie Schmieg, senior staff cryptography engineer at Google.
The announcement follows a call to action the tech giant published last month, in which the company said quantum computers were going to revolutionize the sciences but also break current authentication and encryption methodologies. And as quantum computation becomes more available, threat actors will similarly be able to take advantage of the technology.
This is why vendors like Google and Apple, as well as the public sector, have placed emphasis on getting PQC in place with cryptographic algorithms designed to resist future quantum computers. The US government's National Institute Standards & Technology (NIST) published its first standards on PQC in 2024, which companies like Google are using as a road map for the future.
"We are on track to complete a PQC migration safely within NIST's current guidelines and we've begun rolling out PQC within our infrastructure for internal operations and products. To successfully migrate to a safer post-quantum state we're focused on three key areas: Crypto agility, securing critical shared infrastructure, and facilitating ecosystem shifts, which can create a long-term and more robust security infrastructure," the post read.
NIST continues to make a big push for PQC migration into hardware, software, and products, and other public sector entities have also shown interest in the technology.
Although quantum computing in a security context is usually devoted to encryption as the key issue (Google warned of attacks where threat actors would steal data to decrypt a few years from now), the new blog post emphasizes authentication as a foremost topic of concern.
"Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures. The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC)," Adkins and Schmieg wrote. "That's why we've adjusted our threat model to prioritize PQC migration for authentication services — an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit."
Alongside the 2029 commitment, Google mentioned that Android 17 is integrating PQC digital signature protection using Module-Lattice-Based Digital Signature Algorithm (ML-DSA), which comes in addition to previously announced support for post-quantum technologies in Google Chrome and Cloud.
"Salts add a vital layer of randomness to our cryptographic processes, significantly impeding attackers' efforts to leverage precomputed attacks," she says. "This approach increases the effort, cost, and time required for adversaries to compromise our data, effectively buying us valuable protection as we work toward comprehensive encryption solutions. Staying ahead of these threats with layered, strategic defenses is essential to safeguarding our critical information now and into the future."
NIST's Dustin Moody says that for organizations, the risk of not preparing for quantum computing goes beyond external threats to data and authentication systems. It can also cause interoperability issues with partners in the future that do prioritize PQC. However, for smaller organizations, the response should be to prioritize preparedness over panic.
"Begin by building awareness and conducting an inventory of where cryptography is used. Because smaller organizations typically rely on third-party solutions, the most important step is engaging your service providers — cloud platforms, VPN vendors, and software partners — to confirm their post-quantum migration plans," he says. "Organizations should also be mindful of crypto agility, ensuring their systems can adapt as standards evolve. Concern should be highest for systems that protect long-lived sensitive data and require confidentiality well into the future."
The post-quantum future appears to be on its way, and some believe that future may be as soon as a few years out.
Google on Wednesday announced that it would aim to integrate post-quantum cryptography (PQC) into its systems, products, and services by the end of 2029. The migration timeline was announced in a blog post authored by Heather Adkins, vice president of security engineering, and Sophie Schmieg, senior staff cryptography engineer at Google.
The announcement follows a call to action the tech giant published last month, in which the company said quantum computers were going to revolutionize the sciences but also break current authentication and encryption methodologies. And as quantum computation becomes more available, threat actors will similarly be able to take advantage of the technology.
This is why vendors like Google and Apple, as well as the public sector, have placed emphasis on getting PQC in place with cryptographic algorithms designed to resist future quantum computers. The US government's National Institute Standards & Technology (NIST) published its first standards on PQC in 2024, which companies like Google are using as a road map for the future.
Google's Impending Post-Quantum Migration
In the February blog post, Google described its migration as follows."We are on track to complete a PQC migration safely within NIST's current guidelines and we've begun rolling out PQC within our infrastructure for internal operations and products. To successfully migrate to a safer post-quantum state we're focused on three key areas: Crypto agility, securing critical shared infrastructure, and facilitating ecosystem shifts, which can create a long-term and more robust security infrastructure," the post read.
NIST continues to make a big push for PQC migration into hardware, software, and products, and other public sector entities have also shown interest in the technology.
Although quantum computing in a security context is usually devoted to encryption as the key issue (Google warned of attacks where threat actors would steal data to decrypt a few years from now), the new blog post emphasizes authentication as a foremost topic of concern.
"Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures. The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC)," Adkins and Schmieg wrote. "That's why we've adjusted our threat model to prioritize PQC migration for authentication services — an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit."
Alongside the 2029 commitment, Google mentioned that Android 17 is integrating PQC digital signature protection using Module-Lattice-Based Digital Signature Algorithm (ML-DSA), which comes in addition to previously announced support for post-quantum technologies in Google Chrome and Cloud.
Preparing for the Quantum Era
Melina Scotto, a cybersecurity executive adviser and longtime chief information security officer (CISO), tells Dark Reading the 2029 deadline is manageable and presents a proactive security posture on Google's part. Although not every organization can be as well resourced as Google, Scotto urged organizations to prioritize implementing robust salting techniques."Salts add a vital layer of randomness to our cryptographic processes, significantly impeding attackers' efforts to leverage precomputed attacks," she says. "This approach increases the effort, cost, and time required for adversaries to compromise our data, effectively buying us valuable protection as we work toward comprehensive encryption solutions. Staying ahead of these threats with layered, strategic defenses is essential to safeguarding our critical information now and into the future."
NIST's Dustin Moody says that for organizations, the risk of not preparing for quantum computing goes beyond external threats to data and authentication systems. It can also cause interoperability issues with partners in the future that do prioritize PQC. However, for smaller organizations, the response should be to prioritize preparedness over panic.
"Begin by building awareness and conducting an inventory of where cryptography is used. Because smaller organizations typically rely on third-party solutions, the most important step is engaging your service providers — cloud platforms, VPN vendors, and software partners — to confirm their post-quantum migration plans," he says. "Organizations should also be mindful of crypto agility, ensuring their systems can adapt as standards evolve. Concern should be highest for systems that protect long-lived sensitive data and require confidentiality well into the future."