Google announces 2029 as the deadline for post-quantum cryptography transition! Quantum computers may threaten the security of cryptocurrencies like Bitcoin, but the blockchain industry has already been actively preparing for quantum-resistant upgrades. Experts urge the public not to panic excessively.
Google has announced that the deadline for migrating to post-quantum cryptography (PQC) is set for 2029, warning that the “quantum frontier” may be closer than expected, and even earlier than some industry predictions of Q-Day, the point at which quantum computers can break current public-key cryptography algorithms. Cryptography used in cryptocurrencies also faces risks.
In an official press release, Google calls on the industry to adopt PQC algorithms quickly to replace vulnerable elliptic curve and RSA encryption technologies.
Google’s Vice President of Security Engineering Heather Adkins and senior cryptography engineer Sophie Schmieg stated that Google has a responsibility to lead by example with a clear timetable, providing direction and urgency to accelerate digital transformation across the industry.
On the threats to cryptography, “store now, decrypt later” attacks, in which data is collected today for future decryption, are already happening. Digital signatures pose a potential future risk and must be transitioned before cryptographically relevant quantum computers (CRQCs) emerge.
Google urges industry engineering teams to prioritize migrating identity verification services to post-quantum cryptography.
Google also publicly announced plans to support post-quantum cryptography in its operating systems for the first time. Starting with the beta, Android 17 will support ML-DSA, the digital signature standard endorsed by the US National Institute of Standards and Technology (NIST), allowing developers to sign applications using PQC keys.
Google states that ML-DSA has been integrated into the verified boot database to ensure the boot process is tamper-proof, and remote attestation mechanisms are shifting to PQC standards. The Android keystore will also support ML-DSA, enabling developers to generate and store keys directly in hardware. Future developer signatures in Google Play Store are also planned to transition to PQC architecture.
With breakthroughs in quantum technology, cryptographic risks for cryptocurrencies are becoming more apparent.
Bitcoin relies on elliptic curve cryptography, which can be cracked by quantum computers using Shor’s algorithm. Having the public key is enough for a quantum computer to derive the private key. Problems that would take hundreds of years for traditional computers could be solved within feasible timeframes by quantum computers.
Security firm Project Eleven previously estimated that over 6.8 million Bitcoin are stored at vulnerable addresses. Ark Invest and Unchained data indicate that about 35% of the total Bitcoin supply is stored at theoretically vulnerable addresses. However, CoinShares research offers a different perspective, suggesting only around 10,000 Bitcoin are truly at risk.
Ethereum co-founder Vitalik Buterin has warned that there is a 20% chance that quantum computers capable of threatening modern cryptography will emerge before 2030, and quantum computing might even have the ability to compromise Ethereum’s security model as early as 2028. He advocates that Ethereum’s quantum resistance upgrades must be completed before 2028.
In response to potential threats, blockchain networks have begun taking action. Blockchain company BTQ Technologies has deployed BIP 360 in the Bitcoin quantum testnet, introducing a Pay-to-Merkle-Root output type to defend against quantum attacks. Over 50 miners are currently participating in testing.
Other blockchains are also taking steps. The Ethereum Foundation has launched the Post-Quantum Ethereum Resource Center, planning to implement quantum-resistant solutions at the protocol level before 2029; Solana Foundation and Project Eleven are testing quantum digital signature technology on testnets; Aptos Labs has proposed governance measures to introduce NIST-standardized signature schemes.
While the crypto industry is actively preparing, experts believe investors need not panic excessively. First, Google’s statement only indicates plans to prepare early and does not mean quantum computers will crack encryption by 2029.
Blockstream CEO Adam Back previously stated that quantum risks are overstated and that no action is needed for the next few decades. Peter Gutmann, a computer science professor at the University of Auckland in New Zealand, dismisses PQC as nonsense, noting that quantum computers have not even succeeded in factoring the number 21, let alone breaking modern encryption; in a speech, he called PQC a form of divination.
On the other hand, Ethan Heilman, a security researcher proposing BIP-360, admits that fully implementing quantum-resistant technology in Bitcoin could still take about seven years.