Microsoft Targets Code Signing for Quantum Resilience by 2029

Microsoft is now targeting 2029 for transitioning its products and services to Post-Quantum Cryptography, aligning with accelerated timelines set by Google and Cloudflare. This move reflects a significant shift in the perceived threat landscape, driven by advances in quantum computing and geopolitical pressures; last month, the US and French governments issued guidance pushing for PQC adoption in high-risk systems. “Advances in quantum research and development have shifted the risk horizon,” explains Microsoft Azure CTO Mark Russinovich, adding, “We believe cryptographically relevant quantum computers could arrive sooner than previously expected – and the work required to prepare is significant, so organizations need to start now.” The company’s strategy centers on upgrading network connectivity with TLS 1.3, embracing crypto-agility, and modernizing code signing processes to achieve quantum resilience.

Microsoft’s Accelerated Quantum Safe Program to 2029

The escalating threat from quantum computing has prompted Microsoft to significantly accelerate its transition to post-quantum cryptography, now targeting completion of the program by 2029. This aligns the company with previously announced timelines from Google and Cloudflare, signaling a broad industry shift. Microsoft’s strategy for achieving quantum resilience rests on three core pillars, beginning with establishing TLS 1.3 as the standard baseline for network connectivity and actively phasing out older, less secure protocols. This represents a concrete technical commitment, moving beyond theoretical discussions toward practical implementation of more robust security measures. The second pillar focuses on transitioning away from static cryptographic systems toward enabling seamless updates to algorithms with minimal disruption to existing infrastructure. This adaptability is crucial as the field of quantum-resistant cryptography continues to evolve and new standards emerge.

Finally, Microsoft aims to overhaul its complex systems for code signing, device identities, and certificate issuance to ensure quantum resilience. The company recommends organizations prioritize cryptographic inventory, design for agility, and align for a multi-year transition, recognizing that proactive preparation is paramount to avoiding future vulnerabilities.

We believe cryptographically relevant quantum computers could arrive sooner than previously expected – and the work required to prepare is significant, so organizations need to start now.

Crypto-Agility and TLS 1.3 for Data Protection

Microsoft’s revised timeline for adopting post-quantum cryptography extends beyond simply selecting new algorithms; it necessitates a fundamental shift in how data is protected both in transit and at rest, with a target date of 2029 aligning the company with Google and Cloudflare’s accelerated schedules. This commitment is not solely driven by technological advancements, but also by escalating geopolitical pressures, as evidenced by recent guidance from the US and French governments advocating for PQC implementation in high-risk systems, fueled by concerns surrounding the threat. A core component of Microsoft’s strategy involves establishing Transport Layer Security 1.3. This move signifies a concrete technical commitment to securing data transmission and represents a departure from reliance on static cryptographic systems.

The company recognizes that the most significant challenge isn’t algorithm selection, but rather identifying where legacy cryptography is embedded within complex systems; this discovery phase often presents the biggest hurdle for organizations undertaking similar transitions. Beyond data in transit, Microsoft is prioritizing crypto-agility, aiming to enable seamless updates to cryptographic algorithms with minimal disruption. This multi-faceted strategy isn’t merely about avoiding a hypothetical quantum disruption, but about building a robust security architecture prepared for the challenges of the present and future.

Stay current. See today’s quantum computing news on Quantum Zeitgeist for the latest breakthroughs in qubits, hardware, algorithms, and industry deals.
Avatar of Ivy Delaney

Ivy Delaney

We've seen the rise of AI over the last few short years with the rise of the LLM and companies such as Open AI with its ChatGPT service. Ivy has been working with Neural Networks, Machine Learning and AI since the mid nineties and talk about the latest exciting developments in the field.

Latest Posts by Ivy Delaney: