Google sets 2029 deadline for Post-Quantum cryptography

Google set 2029 as the deadline to deploy post-quantum cryptography across its products, linking the date to faster progress in quantum hardware, improved error correction, and updated estimates for breaking current encryption. The timeline is the first public target attached to its post-quantum program and is meant to protect both encryption and digital signatures across services.

The update places early focus on authentication systems and digital signatures used for account access, software integrity, and device security. The company characterizes encryption as at risk today from “store-now-decrypt-later” tactics, where attackers capture data now to decrypt in the future. It views signatures as a forward risk that must be addressed before a cryptographically relevant quantum computer emerges to avoid verification failures across products and protocols.

Android 17 will integrate ML-DSA, a post-quantum digital signature scheme aligned with selections from the National Institute of Standards and Technology. Google already supports post-quantum key exchange in Chrome and offers quantum-safe options in its cloud services. Additional technical guidance for product teams and customers is planned as migrations advance.

Executives linked the schedule to advances in quantum computing and a reassessment of when public-key schemes could be at risk. The company aims to complete critical migrations before quantum machines reach a break-capable scale, ensuring continuity for authentication and secure communications. The 2029 target arrives earlier than some estimates for “Q-Day,” the point when quantum computers could defeat widely used public-key cryptography. Tying plans to dates is intended to give teams and partners clear targets for testing, implementation, and user migrations.

“Quantum computers will pose a threat to current cryptographic standards,” an update from the company states. “It’s our responsibility to lead by example and share an ambitious timeline.”

The plan applies across Google’s portfolio, from consumer apps to enterprise services. Each surface will require work on key management, protocol upgrades, and interoperability, a process likely to span multiple software release cycles and partner integrations. The company encouraged organizations to inventory cryptographic dependencies, identify data that must remain confidential for years, and design rollouts that maintain compatibility during the switch to post-quantum schemes.

Work on post-quantum defenses is accelerating in crypto networks that rely on public-key cryptography. The Ethereum Foundation launched a Post-Quantum Ethereum resource hub and is targeting protocol-level protections by 2029, with execution-layer work to follow. Solana developers introduced a quantum-resistant vault in January 2025 that uses hash-based signatures and generates a new key for each transaction; users must move funds into specialized Winternitz vaults because the feature does not change the base protocol. In Bitcoin, views differ on urgency: Blockstream CEO Adam Back has argued the risks are overstated and likely decades away, while researchers including Ethan Heilman have supported BIP-360, a proposal for a new output type that limits how long public keys are exposed.

Google’s update points to continued progress in quantum hardware, refinements in error-correction techniques, and revised factoring cost estimates that affect when algorithms such as RSA and elliptic-curve signatures could become unreliable. The company plans further updates as the migration proceeds.