Google Sets 2029 Deadline for Quantum-Safe Security, Accelerating Global Race Toward Post-Quantum Cryptography

Google has redrawn one of the most important timelines in cybersecurity. The company now says it aims to be ready for “Q Day” by 2029, a milestone when quantum computers could break the cryptographic systems that underpin global digital trust.

That shift compresses what many in the industry expected to be a longer runway. It also signals a sharper sense of urgency around post-quantum cryptography, or PQC, as governments, cloud providers, and software vendors race to secure data against a future where RSA and elliptic curve encryption no longer hold.

Google framed the move as both a technical necessity and a leadership signal.

“As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline,” wrote Heather Adkins, Google’s VP of security engineering, and Sophie Schmieg, a senior cryptography engineer. “By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.”

Why Google Is Moving Faster on Post-Quantum Cryptography

The shift to a 2029 readiness target reflects a growing concern that quantum breakthroughs are progressing faster than previously modeled. For decades, predictions around Q Day hovered in the distant future. That assumption is starting to erode.

Recent research from Google suggests that breaking a 2048-bit RSA key could require far fewer quantum resources than earlier estimates. Advances in error correction and qubit efficiency are shrinking the gap between theoretical capability and practical execution.

This matters because of a threat model known as “store now, decrypt later.” Adversaries can harvest encrypted data today and wait until quantum systems are capable of breaking it. Sensitive information with long lifespans, such as government communications, financial records, and intellectual property, is already at risk.

“Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures,” Google said in its announcement. “The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC).”

Android Becomes a Front Line for Quantum-Resistant Security

Alongside the new deadline, Google disclosed detailed plans to embed PQC directly into Android, marking the first time the company has publicly outlined a roadmap for quantum resistance at the operating system level.

Starting with Android 17, the platform will support ML-DSA, a digital signature algorithm standardized by the National Institute of Standards and Technology. The algorithm will be integrated into Android’s hardware root of trust, enabling developers to sign applications and verify software using quantum-resistant keys.

Google is also extending PQC into several core security layers:

• Verified boot, which ensures devices start in a trusted state

• Remote attestation, allowing devices to prove integrity to external systems

• Android Keystore, enabling secure generation and storage of PQC keys

• Google Play ecosystem, including developer signatures across apps

This is not a lightweight update. Moving an entire mobile ecosystem to new cryptographic primitives will require coordination across device manufacturers, developers, and enterprise environments. For many teams, it will introduce new tooling, validation workflows, and compatibility challenges.

Industry Reaction: Aggressive, but Telling

The 2029 target caught the attention of cryptography experts who have been working on PQC transitions for years.

“That is certainly a significant acceleration/tightening of the public transition timelines we’ve seen to date, and is accelerated over even what we’ve seen the US government ask for,” Brian LaMacchia, a former Microsoft cryptography leader, said. “The 2029 timeline is an aggressive speedup but raises the question of what’s motivating them.”

Government timelines have historically been more conservative. The NSA has pointed to deadlines around 2031 for national security systems, with earlier targets for select use cases. Google’s move effectively leapfrogs those benchmarks and places pressure on the broader ecosystem to move faster.

Suman Sharma, Head of PAM Engineering at Ping Identity, said the shift reflects a broader inflection point.

“Google accelerating its timeline to 2029 underscores a growing realization across the industry that the window to prepare for a post-quantum world is smaller than many anticipated. We’re already in the midst of the largest overhaul of the internet’s encryption backbone in decades, with hybrid quantum-resistant standards rolling out across browsers and core infrastructure. High-security sectors are moving quickly toward fully quantum-safe deployments, yet much of the broader ecosystem is still operating in a transitional, hybrid state. This latest move reinforces that leading technology providers no longer see post-quantum security as a distant concern. It’s now an immediate priority, and the pace of adoption will only continue to accelerate.”

The Bigger Picture: A Once-in-a-Generation Crypto Migration

The transition to PQC represents one of the most complex infrastructure shifts in the history of the internet. Unlike previous cryptographic upgrades, this one must happen before a known breaking point.

New algorithms, including lattice-based encryption and hash-based signatures, are designed to withstand quantum attacks. Standards bodies like NIST have already selected candidates, but adoption remains uneven across industries.

Major platforms including Google, Apple, and Cloudflare have begun rolling out hybrid models that combine classical and quantum-resistant algorithms. Messaging platforms like Signal have also integrated PQC into their encryption stacks.

Still, much of the internet remains in a transitional state. Legacy systems, embedded devices, and long-lived certificates present significant hurdles.

Google’s 2029 target is less about predicting exactly when Q Day will arrive and more about forcing the ecosystem to act before it does.

For enterprises, the message is clear. Inventory cryptographic assets, prioritize high-risk systems, and begin migrating to PQC now. Waiting for certainty in quantum timelines is no longer a viable strategy.

The clock, according to Google, is already ticking.