Microsoft Accelerates Post-Quantum Cryptography Shift to 2029

5 hours ago 7

Ravie LakshmananJul 01, 2026Quantum Computing / Encryption

Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner than previously expected.

"Advances in quantum research and development have shifted the risk horizon," Mark Russinovich, chief technology officer of Microsoft Azure, said. "We believe cryptographically relevant quantum computers could arrive sooner than previously expected – and the work required to prepare is significant, so organizations need to start now."

To that end, the Windows maker is speeding up the Microsoft Quantum Safe Program (QSP) timeline with the goal of transitioning critical products and services to post-quantum cryptography (PQC) by 2029. The company is also planning to incorporate PQC requirements into its Secure Future Initiative (SFI).

Cybersecurity

Some key focus areas include upgrading network cryptography by adopting TLS 1.3, building crypto-agility for stored data to facilitate the ability to change cryptography without having to redesign the underlying systems, and transitioning to PQC algorithms to secure trust chains, such as code signing, certificate issuance, key protection, and update pipelines.

"This brings quantum-safe readiness into the same disciplined engineering framework we use for other critical security outcomes: clear ownership, measurable milestones, and transparent progress," Russinovich said. "Embedding these capabilities into our platforms empowers customers to move sooner and more confidently."

Microsoft also noted that crypto-agility is essential for post-quantum migration, calling for the need to remove hard-coded algorithm assumptions, persist adequate information to reconstruct the cryptographic context, and build systems such that algorithm upgrades become routine engineering tasks rather than emergency rewrites.

"Crypto-agility requires either self-describing cryptographic metadata or versioned ciphertext formats so implementations can read legacy data while writing with the newest approved algorithms," it explained. "A well-designed crypto-agile system should aim to read older ciphertext formats long enough to support migration, while writing new data with the newest approved configuration."

The development comes days after U.S. President Donald Trump signed an executive order setting hard deadlines for federal agencies to move high-value assets and high-impact systems to PQC.

Cybersecurity

Earlier this March, Google announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. That same month, the tech giant publicly committed to migrating its own infrastructure to be quantum secure by 2029. Web infrastructure company Cloudflare has also followed suit with similar plans to move towards PQC by the same year.

The threat is compounded by what's called "harvest now, decrypt later," where adversaries can collect encrypted data now in hopes of decoding it later once a large-scale quantum machine becomes operational.

What's more, a team of researchers from Google disclosed it had drastically improved upon the quantum algorithm to break elliptic curve cryptography, specifically the 256-bit elliptic curve discrete logarithm (ECDLP-256), using fewer qubits and gates than previously realized.

Separately, a group of academics from Caltech and Oratomic demonstrated a new error-correction approach that could make Shor's algorithm practical with as few as 10,000 reconfigurable qubits and potentially break RSA-2048 and P-256.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Read Entire Article