Tech giants accelerate post-quantum cryptography timelines after new quantum computing research
Google and Cloudflare have moved their internal deadlines for quantum-safe encryption readiness forward by five years to 2029, driven by recent research suggesting cryptographically relevant quantum computers could arrive sooner than expected.
1 source
- Google and Cloudflare moved their post-quantum cryptography readiness deadlines to 2029, up from 2034, citing recent research on accelerated quantum computing timelines.
- Two recent research papers showed quantum computers could break elliptic curve cryptography used in digital signatures with fewer qubits than previously estimated—one suggesting 10,000 physical qubits, another showing 1,200 logical qubits could break ECC-256 in nine minutes.
- Amazon and Microsoft maintain longer transition timelines of 2031-2035, though US government standards—DoD deadline of December 2031 and NIST deprecation call by 2035—reflect industry-wide urgency.
- Cryptography experts emphasize that even low probability of a cryptographically relevant quantum computer arriving by 2030 creates massive downside risk given the scale of upgrading global internet infrastructure.
Google and Cloudflare have moved their internal post-quantum cryptography readiness timelines to 2029, accelerating earlier plans by approximately five years. The shift follows publication of two research papers suggesting cryptographically relevant quantum computers (CRQC) could arrive within a shorter timeframe than previously modeled. Both firms had targeted 2034 for readiness; industry peers Amazon and Microsoft maintain longer timelines extending to 2031 and 2035 respectively.
Researchers at Oratomic and Google published findings that reduce estimated qubit requirements for breaking elliptic curve cryptography, a foundational algorithm securing digital signatures across the internet. Oratomic's approach using neutral atoms suggested 10,000 physical qubits could suffice, while Google developed quantum circuits requiring only 1,200 logical qubits to break ECC-256—the encryption protecting bitcoin and other blockchain systems—in nine minutes. Google estimated such systems would require around 500,000 physical qubits, down from previous estimates of one million.
The research prompted recalibration across the technology industry. The US Department of Defense mandates quantum-safe algorithms across national security systems by December 2031, while the National Institute of Standards and Technology has called for deprecating vulnerable algorithms by 2035. Experts including Stanford cryptographer Dan Boneh and former Microsoft engineer Brian LaMacchia stressed that the 2029 goal provides buffer room; missing a 2035 target would create acute vulnerability during a period when quantum computers might plausibly emerge.
The primary concern centers on 'harvest now, decrypt later' attacks, in which adversaries collect encrypted data today to decrypt once quantum computers become available. Most preparation has focused on replacing RSA encryption with post-quantum algorithms like ML-KEM. The new research emphasizing digital signature vulnerability has shifted urgency toward securing authentication systems across billions of applications globally.
- Apr 24, 2026 · arXiv cs.AI
New framework enables LLMs to discover and reuse skills for long-horizon game-playing tasks
Trust69 - Apr 24, 2026 · arXiv cs.AI
Researchers propose policy-grounded metrics to replace agreement-based evaluation in AI content moderation
Trust70 - Apr 24, 2026 · Google DeepMind — Blog
Google DeepMind proposes Decoupled DiLoCo for resilient distributed AI model training across data centers
Trust69