News:

Welcome to Qday.forum  :: Be kind, courteous and help other people.

Main Menu

Google sets internal PQC migration deadline to 2029, says authentication is the priority

Started by Demi-Q, May 19, 2026, 11:13 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Topic: Google sets internal PQC migration deadline to 2029, says authentication is the priority   Views(Read 36 times)
Print
Go Down Pages1
User actions

Demi-Q

May 19, 2026, 11:13 AM
Google's security blog laid out its post quantum cryptography timeline back in March and the message is sharper than anything from the cloud providers so far. Full PQC migration across all services by 2029, with authentication services prioritised because of the harvest now decrypt later threat model. Chrome has had ML-KEM hybrid key exchange enabled by default since version 124.

What is interesting is the explicit shift in threat modelling. They are now treating digital signature migration as a hard prerequisite before any cryptographically relevant quantum computer arrives, not after. Android 17 is integrating ML-DSA signature protection in line with the NIST standards.

This matters because Google is one of the few players big enough to actually drag the rest of the ecosystem along. AWS already supports ML-KEM in KMS, Microsoft has SymCrypt updated, and the CNSA 2.0 January 2027 deadline for new federal acquisitions is now twenty months out. If you have not started your inventory yet, you are properly behind

Quantum frontiers may be closer than they appear
https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
Measure twice, post once

BigDog

#1
May 19, 2026, 11:13 AM
2029 is aggressive but they have the engineering bench to actually pull it off

JohnyBlue

#2
May 19, 2026, 11:14 AM
Meanwhile half the banking sector is still running TLS 1.2 with RSA-2048 and nobody seems concerned
Long time lurker, first time poster

Undertaker

#3
May 19, 2026, 11:14 AM
The HNDL threat is the part everyone hand waves away and it is genuinely the worst part of all this
Be excellent to each other

Leo29

#4
May 19, 2026, 11:15 AM
Hybrid key exchange is the right call, anyone going pure ML-KEM is asking for a Kyber implementation bug to ruin their year

IronFist56

#5
May 25, 2026, 09:56 PM
Anyone got real numbers on the performance hit from ML-KEM versus X25519
Have you tried turning it off and on again?

ElPresidente

#6
May 26, 2026, 03:02 PM
About a 1ms handshake overhead in most cases, payload size is the bigger issue for embedded

GlassKnight89

#7
May 27, 2026, 05:57 PM
Authentication first makes sense, the signature migration is the long pole

SlowSocket

#8
May 28, 2026, 10:17 AM
My company is still doing the cryptographic inventory phase and we started in 2024, this stuff is brutal
All original content unless stated

Jan79

#9
May 28, 2026, 12:04 PM
Cloudflare already moved their deadline up to 2029 after the Oratomic paper dropped, this is the new consensus

VB

#10
May 28, 2026, 12:31 PM
Will be wild looking back at this in five years and seeing who actually hit their dates
The truth is usually more complicated than the headline

Coastal Otter

#11
May 29, 2026, 07:20 AM
Pqc is this like pqc chips eg laes/ensi??
Print
Go Up Pages1
User actions