Google Warns Encryption at Risk From Quantum Computing
▼ Summary
– Google warns that quantum computing advances could make current encryption obsolete by 2029, a date it calls the potential deadline for post-quantum cryptography migration.
– Quantum computers pose a cybersecurity risk because they will be capable of breaking the public-key cryptography that secures most sensitive data today.
– A current threat is “store-now-decrypt-later” attacks, where adversaries steal encrypted data now to decrypt it once quantum computers are powerful enough.
– Government agencies like the UK’s NCSC and the US NSA have set later preparedness deadlines of 2035 and 2033, respectively, for post-quantum resilience.
– Google is taking action by integrating post-quantum cryptography into Android 17, aiming to push the industry to treat the migration as an immediate priority.
The security of our most sensitive digital information faces a fundamental challenge from an emerging technology. According to a recent warning from Google, the rapid progress in quantum computing could undermine the encryption protecting global data as soon as 2029. This technology, which leverages quantum mechanics to solve problems beyond the reach of today’s computers, promises breakthroughs in fields like medicine and artificial intelligence. Its power, however, also presents a severe cybersecurity threat, as it will be capable of cracking the public-key cryptography that secures everything from financial transactions to state secrets.
This creates a critical vulnerability. Adversaries could execute store-now-decrypt-later attacks, harvesting encrypted data today with the intention of decrypting it once quantum machines are sufficiently advanced. All data currently safeguarded by traditional algorithms would be exposed. While experts debate the exact timing of this “Q-Day,” the consensus is clear: the transition to new defensive standards cannot wait. National agencies have set target dates, with the U. S. National Security Agency aiming for 2033 and the UK’s National Cyber Security Centre suggesting 2035. Google’s updated 2029 forecast, however, significantly accelerates the perceived timeline for action.
The company’s assessment is based on observed advances in quantum computing hardware development and quantum error correction. In response, the upcoming Android 17 operating system will integrate post-quantum cryptography (PQC) for digital signatures, specifically adopting the NIST-approved ML-DSA algorithm. This proactive move is designed to protect against future threats to digital signatures and address the present danger of harvested data. As explained by Google executives, the immediate risk is to encryption, while signatures represent a future vulnerability that must be solved before a Cryptographically Relevant Quantum Computer (CRQC) is realized.
Industry observers note that Google’s revised deadline changes the strategic conversation. It shifts the focus from predicting a distant Q-Day to actively managing pre-Q-day risks today. By moving ahead of governmental timelines, the company is effectively making post-quantum migration an urgent operational imperative for the entire technology sector, rather than a future compliance checkbox. The race to secure our digital foundations against the quantum threat is now undeniably underway.
(Source: Infosecurity Magazine)
