Overview
- Google, which disclosed the plan on Wednesday, set an internal 2029 deadline to complete its move to post‑quantum cryptography.
- Android 17 will begin testing and then ship PQC features, including ML‑DSA signatures in Android Verified Boot, a transition of Remote Attestation to PQC, Keystore support for ML‑DSA keys, and Play App Signing that issues hybrid classical plus PQC signatures using Google Cloud KMS.
- Google cites faster progress in quantum hardware, better error correction, and updated factoring estimates, and it now prioritizes protecting authentication systems because forged digital signatures could break trust in software and logins.
- The company warns of two threats, with data theft today through harvest‑now‑decrypt‑later attacks and a future risk to digital signatures, and it urges teams to migrate before a cryptographically relevant quantum computer exists.
- The 2029 goal arrives years ahead of U.S. government timelines and is framed as a push for industry action, with coverage noting added urgency for blockchain projects like Bitcoin and Ethereum that rely on signatures and need slow, coordinated upgrades.