Google has established 2029 as the target date for a complete migration to post-quantum cryptography, a move intended to strengthen digital security against the emerging threat of quantum computing. The company’s decision follows a recent call to action to secure the quantum era before powerful quantum computers can compromise existing encryption methods; this timeline accounts for advancements in quantum computing hardware, error correction, and resource estimates. “As a leader in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline,” said Heather Adkins, VP of Security Engineering, emphasizing the need for industry-wide acceleration of digital transitions. Google is already integrating PQC digital signature protection, specifically ML-DSA, into Android 17, aligning with standards set by the National Institute of Standards and Technology, and extending PQC solutions to Chrome and Cloud services.

2029 Post-Quantum Cryptography Migration Timeline

This timeline, revealed by Heather Adkins, VP of Security Engineering, and Sophie Schmieg, Senior Staff Cryptography Engineer, responds to the growing threat of “store-now-decrypt-later” attacks, where encrypted data is intercepted and saved for future decryption by a quantum computer. The company’s decision reflects an adjusted threat model prioritizing authentication services and digital signature migrations, recognizing that current encryption standards face immediate risk while digital signatures represent a future vulnerability. This proactive stance stems from Google’s position as a leader in both quantum computing and post-quantum cryptography, prompting a commitment to share an ambitious timeline to encourage industry-wide adoption. The company stated that they hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.

The urgency is driven by the potential for a cryptographically relevant quantum computer to break existing encryption, necessitating a preemptive shift to quantum-resistant algorithms; Google recommends other engineering teams adopt a similar approach to safeguard their systems. Further updates regarding this transition are expected as the company continues to refine its strategy and deploy PQC solutions.

Android 17 Integrates ML-DSA Digital Signature Protection

The increasing viability of quantum computing is now prompting proactive security measures within mobile operating systems, with Google’s Android 17 becoming an early adopter of post-quantum cryptography. This implementation builds upon existing PQC support already available in Google Chrome and Cloud services, demonstrating a comprehensive strategy to fortify its ecosystem against emerging quantum threats. The integration of ML-DSA within Android 17 directly delivers advanced PQC technology to consumers, preemptively addressing a vulnerability that, while not immediate, requires preparation due to the potential for “store-now-decrypt-later attacks” on encrypted data.