Google races to secure encryption before quantum threats arrive
Google is preparing for the quantum era, a turning point in digital security, with a 2029 timeline for post-quantum cryptography (PQC) migration.
Security professionals warn that current encryption could be broken by large-scale quantum computers in the coming years. This risk is already relevant due to store-now-decrypt-later attacks.
Google says organizations should adopt NIST-developed PQC standards before large-scale, fault-tolerant quantum computers become a reality.
“That’s why we’ve adjusted our threat model to prioritize PQC migration for authentication services — an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit,” said Heather Adkins, VP of Security Engineering, and Sophie Schmieg, Senior Staff Cryptology Engineer.
The Trusted Computing Group found that 91% of businesses do not have a formal roadmap for migrating to quantum-safe algorithms.
“As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline. By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry,” Adkins and Schmieg added.
Android 17 adds quantum-resistant security
As part of its ongoing efforts, Android will begin testing quantum-resistant cryptography enhancements in the next Android 17 beta, followed by general availability in the production release.
These changes focus on strengthening platform integrity at the hardware and system level.
Android Verified Boot (AVB) is being updated to use the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), adding quantum-resistant signatures to protect the boot process from tampering.
At the same time, Remote Attestation is transitioning to a PQC-based architecture aligned with current standards. Updates to KeyMint certificate chains allow devices to verify their state using quantum-resistant algorithms, helping maintain trust as quantum capabilities evolve.
During the Android 17 release cycle, Google Play will generate quantum-safe ML-DSA signing keys for new apps and for existing apps that opt in, regardless of their target API. Later, developers will be able to choose their own classical and ML-DSA signing keys and delegate them to Google Play for hybrid key upgrades.
“To promote security best practices, Google Play will also start prompting developers to upgrade their signing keys at least every two years,” Google wrote.