Microsoft pulls forward quantum-safe encryption deadline to 2029

Microsoft is accelerating its quantum-safe security roadmap to transition critical products and services to post-quantum cryptography by 2029. The move reflects advances in quantum computing that have shifted the risk horizon for "harvest now, decrypt later" attacks sooner than previously expected.

Source:BleepingComputer

Post

Microsoft pulls forward quantum-safe encryption deadline to 2029

TL;DRAI · 60 sec read

Microsoft is speeding up its timetable for adopting quantum-resistant security measures, as breakthroughs in quantum computing have shortened the window before current encryption methods face real threats.

Microsoft sets 2029 deadline for critical products. The company will move "critical products and services" to post-quantum cryptography (PQC) by 2029 under its Microsoft Quantum Safe Program (QSP) while weaving quantum-safe standards into the Secure Future Initiative (SFI) to monitor progress with other security targets.

In a blog post Microsoft explained that "advances in quantum research and development have shifted the risk horizon" and that "cryptographically relevant quantum computers could arrive sooner than previously expected."

For years the firm treated post-quantum migration as a distant priority. In a blog post Microsoft explained that "advances in quantum research and development have shifted the risk horizon" and that "cryptographically relevant quantum computers could arrive sooner than previously expected."

Harvest-now-decrypt-later attacks drive urgency. Even though existing quantum machines cannot break today's encryption, experts have long cautioned against "harvest now, decrypt later" attacks in which adversaries steal and archive encrypted data today for decryption once sufficiently powerful quantum systems emerge.

From The CircuitryThe Feed — live briefs across tech, all day.See what’s happening →

Firms such as Apple, Google, and Signal are already deploying PQC to replace vulnerable public-key algorithms. Microsoft has urged preparation for years but now stresses that the transition timeline must be compressed.

Three priorities guide the accelerated roadmap. Instead of rushing solely to adopt fresh algorithms, the company recommends modernizing underlying infrastructure first. Its three focus areas include adopting up-to-date network protocols such as TLS 1.3 that ease hybrid and post-quantum key exchanges, developing crypto-agility that permits swapping algorithms without rebuilding applications, and refreshing trust chains that secure code signing, certificate issuance, software updates, and hardware-protected keys.

The firm noted that the required preparation work is substantial, so organizations should begin immediately. Integrating the QSP into the Secure Future Initiative will let teams track quantum readiness alongside broader security objectives.

Microsoft withholds details on specific quantum advances. The company has not disclosed which particular developments prompted the schedule change or why it now anticipates earlier quantum breakthroughs. BleepingComputer reached out to Microsoft for clarification on shifts from prior guidance and will update this article if a reply arrives.

EXPERT TAKE

Enterprises should treat Microsoft's 2029 target as a forcing function to audit crypto inventories and build crypto-agility now, before regulatory or customer mandates accelerate the timeline further.

Why this mattersAI · ~100 words

Tap a lens to see what this story means for you.

Reader-supported

DonateBuy me a coffee →Follow@thecircuitry_ →Follow@thecircuitry.to →

Reader-supported · Daily Brief

Daily brief at 7 AM ET. Top tech stories, every morning. Sourced and fact-checked.

HELP US IMPROVE

Reader-supported

The Circuitry is a passion project I've always wanted to build, and I love the work behind it.

Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.

Any contribution is appreciated. If not, no pressure. Thanks for reading.

Buy me a coffee

Microsoft Quantum Computing Post-Quantum Cryptography Security

MORE IN TECH

FTC fines Amazon $2.25 million over alleged failures to aid identity theft victims

The FTC has fined Amazon $2.25 million after the agency determined the company refused to supply identity theft victims with records of fraudulent purchases, violating the Fair Credit Reporting Act. The settlement obliges Amazon to strengthen its handling of such customer requests.

Anthropic replaces Sonnet 4.6 with new default Claude Sonnet 5

Anthropic has replaced Claude Sonnet 4.6 with Sonnet 5 as its default medium-sized model for free and Pro users, emphasizing stronger agentic performance at lower cost than larger models. The update narrows the gap to Opus 4.8 while introducing introductory pricing through August 31, 2026, and expanded rate limits.

Tesla Officially Plans FSD v14 Lite Expansion to Global HW3 Owners

Tesla confirmed plans to extend FSD v14 Lite to international HW3 owners once the U.S. rollout advances, though regulatory approvals, technical checks and local adaptations will determine the schedule. The update arrives 14 months after the last major FSD revision for the aging hardware and will not be followed by point releases or a v15 Lite edition.