Google

Google Sets 2029 Deadline for Post-Quantum Cryptography Migration


Executive Summary

Google has announced a public timeline, setting 2029 as its target for completing the migration to post-quantum cryptography (PQC). Driven by progress in quantum computing, this initiative aims to protect against future threats where quantum computers could break current encryption standards. The company is prioritizing the transition for authentication services and digital signatures, urging the rest of the industry to adopt a similar sense of urgency to secure digital infrastructure.

Key Takeaways

* 2029 Migration Deadline: Google has committed to a firm 2029 timeline to transition its systems to quantum-resistant cryptographic standards.

* Threat Prioritization: The company has adjusted its threat model to prioritize PQC migration for authentication services and digital signatures. It highlights "store-now-decrypt-later" as a relevant, immediate threat to encrypted data.

* Industry Call to Action: By publishing its timeline, Google aims to provide clarity and encourage other organizations to accelerate their own PQC transitions.

* Android 17 Integration: As a concrete example of its progress, Google announced that Android 17 will integrate PQC digital signature protection using the NIST-standardized ML-DSA algorithm.

* Existing PQC Efforts: This announcement builds on Google's prior PQC work, including support in Google Chrome and solutions within Google Cloud.

Strategic Importance

By setting an ambitious public deadline, Google establishes industry leadership in the quantum security transition and creates pressure for the broader ecosystem to adopt PQC standards.

Original article