Google to Accelerate Migration to Post-Quantum Cryptography by 2029
Google has updated its timeline for transitioning to encryption resistant to quantum attacks: full migration of systems, devices, and data will be complete by 2029. This is in response to accelerated progress in quantum computing, including hardware developments, error correction, and resource estimates for factorization.
Reasons for Accelerating the Transition
Vice President of Security Heather Adkins and Senior Cryptologist Sophie Schmieg noted that progress in quantum technologies is outpacing forecasts. Key factors:
- Rapid advances in quantum hardware.
- Progress in quantum error correction.
- Improved resource estimates for factorization algorithms like Shor's.
Google previously planned migration by 2035, but last month company leaders signaled an acceleration. The new timeline is ahead of US federal requirements (2035), where a shift to 2030 is under discussion.
New Algorithms from NIST
Migration will affect all levels: devices, systems, data. Replacement will shift to algorithms standardized by NIST after 10+ years of development:
- ML-DSA (CRYSTALS-Dilithium) for digital signatures.
- ML-KEM (Kyber) for key exchange.
- SLH-DSA (SPHINCS+) as a backup for signatures.
These PQC algorithms (Post-Quantum Cryptography) are resistant to attacks using quantum computers, including Grover's and Shor's algorithms. They have undergone independent cryptanalysis.
Google is positioning itself as a leader, urging industries to prepare promptly. There are no mandates for the private sector, but the ambitious timeline serves as a benchmark.
Integration into Android
Preparation of Android for the post-quantum era is already underway. Changes have been implemented in the Android 17 beta:
- Android Verified Boot: Integration of ML-DSA for creating quantum-resistant signatures during boot. Protects against software modifications even under quantum attacks.
- Remote Attestation: Transition to a PQC-compatible architecture. Updating KeyMint certificate chains to support post-quantum algorithms. Devices will be able to attest their integrity to trusted parties in the new cryptographic environment.
Example integration ML-DSA in Verified Boot:
// Psevdokod for podpisi zagruzochnogo obraza
keypair = generate_ml_dsa_keypair();
signature = ml_dsa_sign(keypair.private, boot_image_hash);
if (ml_dsa_verify(keypair.public, boot_image_hash, signature)) {
proceed_to_boot();
} else {
halt_securely();
}
These measures ensure continuity of trust chains in the post-quantum world.
Comparison of Migration Timelines
| Entity | Migration Deadline | Binding |
|--------|--------------------|---------|
| Google | 2029 | Internal plan |
| US (federal agencies) | 2035 (possibly 2030) | Mandatory |
| Private sector | No deadline | Recommendation |
The acceleration is tied to breakthroughs in quantum research, including from Chinese labs. This minimizes 'harvest now, decrypt later' risks.
Key Points
- Google is shortening the migration timeline from 2035 to 2029 due to progress in quantum computing.
- NIST standards (ML-DSA, ML-KEM) will form the basis for replacing legacy algorithms (RSA, ECC).
- Android 17 integrates PQC into Verified Boot and attestation to protect trust chains.
- The timeline is ahead of US government standards, urging industries to take action.
- Focus on mitigating quantum threats: factorization, collision search.
— Editorial Team
No comments yet.