Mirror Review
March 30, 2026
Google recently issued a high-alert warning that quantum computing threats could break standard encryption by 2029.
To counter this, the company is setting a strict 2029 deadline to migrate its authentication services to post-quantum cryptography (PQC).
This article explores why the tech industry is racing to upgrade digital locks before a “cryptographically relevant quantum computer” (CRQC) makes current security obsolete.
Why Quantum Computing Is a Threat to Cryptography
The main problem with quantum computing lies in how these machines process information.
While classical computers use bits (0 or 1) and check possibilities one by one, quantum computers use qubits.
Qubits can exist in multiple states simultaneously through a property called superposition.
This allows them to solve math problems, like factoring massive prime numbers, in minutes, whereas a classical supercomputer might take billions of years.
Because our current “public-key” cryptosystems rely on the difficulty of these math problems, a powerful quantum computer could bypass the locks protecting your bank transfers, private chats, and trade secrets.
Quantum Computing Threats Examples
There are two primary ways these advanced machines put our data at risk:
- Store Now, Decrypt Later: Malicious actors are already harvesting encrypted data today. They cannot read it yet, but they are saving it until a quantum computer is powerful enough to unlock it.
- Forging Digital Signatures: Quantum computers could allow attackers to forge the digital signatures used to verify software updates. This could let them implant “compromised” firmware on devices like phones or cars.
Google’s 2029 Migration Roadmap
Google is not waiting for the threat to arrive.
The company has adjusted its threat model to prioritize Post-Quantum Cryptography (PQC) migration for all authentication services by 2029.
This timeline is based on rapid progress in quantum hardware, error correction, and new estimates on how many resources it takes to break encryption.
“The quantum era is coming. Are we ready to secure it?” asked Kent Walker, President of Global Affairs, Google & Alphabet.
Android 17: Leading the Transition
The upcoming Android 17 release marks a major step in the quantum computing threat to cybersecurity defense strategy.
It integrates the National Institute of Standards and Technology (NIST) standards directly into the mobile platform. Key upgrades include:
- Android Verified Boot (AVB): Using the ML-DSA algorithm to ensure the software loaded during boot is resistant to quantum attacks.
- Android Keystore: Enabling developers to use quantum-safe signatures (ML-DSA-65 and ML-DSA-87) within secure hardware.
- Google Play Hybrid Signatures: Allowing apps to use a combination of classical and PQC keys so they stay secure on both old and new devices.
Quantum Computing Threat To Bitcoin And Ethereum
The crypto industry is facing a split reaction to these quantum computing threats.
Bitcoin uses ECDSA for signatures, which experts agree will be broken by quantum computers in the medium term.
While Ethereum has spent eight years building a detailed post-quantum roadmap and weekly test networks, Bitcoin currently has no coordinated plan or agreed timeline for migration.
Security expert Nic Carter recently warned that “elliptic curve cryptography is on the brink of obsolescence” and urged blockchain developers to bake “cryptographic mutability” into their networks.
Is Quantum Computing a Threat to AI?
Yes, quantum computing is also a concern for the future of Artificial Intelligence.
Cryptography is the foundation that secures AI systems and the data they learn from.
Google advocates that PQC must be treated as a “necessary foundation” for AI innovation to ensure that the economic potential of AI remains secure from future decryption attacks.
How Organizations Can Prepare
Transitioning to new standards is a slow process. NIST previously deprecated the SHA-1 algorithm in 2011, but the phase-out is not expected to be complete until 2030.
Google recommends four “crypto agility” steps for engineering teams:
| Action | Description |
| Inventory | Know exactly which cryptographic algorithms your organization uses. |
| Key Rotation | Regularly test the ability to move new keys into production without causing outages. |
| Abstraction | Use tools like “Tink” to switch algorithms without rewriting massive amounts of code. |
| Testing | Ensure your stack can handle the larger key and signature sizes required by PQC. |
End Note
The rise of quantum computing and the arrival of a “cryptographically relevant” quantum computer are no longer viewed as distant fantasies.
By setting a 2029 deadline, Google is signaling that the gap between experimental chips and machines capable of breaking encryption is closing faster than expected.
While quantum computing threats are serious, the proactive shift to post-quantum cryptography in platforms like Android 17 and Chrome offers a clear path toward a secure digital future.
Maria Isabel Rodrigues
