Google Accelerates Quantum Cybersecurity Timeline, Sets “Q Day” Readiness for 2029
Google is significantly accelerating its timeline for preparing for “Q Day”—the point at which quantum computers could break current public-key cryptography algorithms. The company now aims to be fully prepared by 2029, a move that underscores the growing urgency to adopt post-quantum cryptography (PQC) across the technology landscape.
The Looming Threat of Quantum Computing
For decades, public-key cryptography, including algorithms like RSA and elliptic curves, has secured sensitive data across the globe, protecting everything from financial transactions to government communications. However, the advent of powerful quantum computers poses a fundamental threat to these systems. Quantum computers leverage the principles of quantum mechanics to perform calculations far beyond the capabilities of classical computers, potentially rendering current encryption methods obsolete.
Google’s Accelerated Timeline
In a blog post published on Wednesday, March 25, 2026, Google announced its commitment to leading the industry in transitioning to PQC. Heather Adkins, Google’s VP of security engineering, and Sophie Schmieg, a senior cryptography engineer, stated that this ambitious timeline is intended to provide clarity and urgency for digital transitions, not just within Google, but across the entire industry. Previously, estimates for when quantum computers would pose a significant threat varied widely. Google’s revised 2029 target aims to provide a concrete deadline for action.
Android 17 and ML-DSA Support
Google is also taking concrete steps to bolster the security of its Android operating system. Starting with the beta version of Android 17, the platform will support ML-DSA, a digital signing algorithm standard developed by the National Institute of Standards and Technology (NIST). ML-DSA will be integrated into Android’s hardware root of trust, allowing developers to utilize PQC keys for signing applications and verifying software signatures. This integration extends to the Android verified boot library, enhancing the security of the boot sequence against manipulation, and remote attestation is also being migrated to PQC.
Industry-Wide Implications and NIST’s Role
Google’s announcement is a call to action for the broader technology industry. The company emphasizes the demand for a rapid shift toward PQC to mitigate the risks associated with potential cryptographic breakthroughs. The National Institute of Standards and Technology (NIST) is playing a crucial role in guiding this transition, establishing standards and recommending PQC algorithms for adoption. NIST plans to deprecate the use of RSA digital signature algorithms with 112 bits of security (2048-bit keys) alongside other widely-used algorithms in 2030, and proposes disallowing all legacy RSA algorithms by 2035 .
What is Post-Quantum Cryptography?
Post-quantum cryptography (PQC) refers to cryptographic algorithms that are believed to be secure against attacks from both classical computers and quantum computers. These algorithms are based on mathematical problems that are thought to be challenging for quantum computers to solve. Common approaches include lattice-based cryptography and hash-based signatures.
Key Takeaways
- Google has moved up its “Q Day” readiness target to 2029.
- The company is actively integrating PQC into its Android operating system with the ML-DSA algorithm.
- Industry-wide adoption of PQC is critical to protect against the threat of quantum computing.
- NIST is leading the standardization efforts for PQC algorithms.