3175x175(CURRENT).thumb.jpg.b05acc060982b36f5891ba728e6d953c.jpg)
Google has officially established a 2029 timeline to transition its ecosystem toward post-quantum cryptography (PQC) era.
Quantum computers are already being explored to solve problems in drug discovery, materials science, and energy that are difficult or impossible for today’s classical supercomputers. At the same time, these systems could potentially break the cryptographic technologies widely used across the industry. As a result, industry leaders and standards bodies have been working on post-quantum cryptography for several years.
Last year, Microsoft announced the general availability of Post-Quantum Cryptography (PQC) algorithms in Windows Server 2025 and Windows 11 clients (24H2, 25H2) and .NET 10. Today, Google announced a 2029 timeline to secure the quantum era with post-quantum cryptography (PQC) migration. As part of this migration, Android is receiving PQC enhancements starting in the next Android 17 beta.
Android 17 will come with the following two major PQC improvements:
- Upgrading Android Verified Boot (AVB): The AVB library is integrating the Module-Lattice-Based Digital Signature Algorithm (ML-DSA). This provides quantum-resistant digital signatures, ensuring the software loaded during the boot sequence remains highly resistant to unauthorized modification.
- Migrating Remote Attestation: Android 17 begins the transition of Remote Attestation to a fully PQC-compliant architecture under current standards. By updating KeyMint's certificate chains to support quantum-resistant algorithms, devices can securely prove their state to relying parties, maintaining trust in a post-quantum environment.
Apart from the above OS-level improvements, Android 17 will also help developers adopt PQC technologies. For example, Android Keystore will natively support ML-DSA, allowing developers to make use of quantum-safe signatures entirely within the device’s secure hardware. The new PQC SDK will allow developers to use both ML-DSA-65 and ML-DSA-87 in the standard KeyPairGenerator API.
Google also announced that Google Play will allow developers to automatically generate "hybrid" signature blocks that combine classical and PQC keys to sign Google Play apps and games. This will preserve current trust while adding post-quantum defenses to block unauthorized updates in the PQC era.
Hope you enjoyed this news post. Feedback welcome.
Posted Thursday 26 March 2026 at 5:34 pm AEST (my time).
News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of February) 854
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.