Microsoft Warns Quantum Encryption Risk Is Getting Closer
(Originally posted on : Crypto News – iGaming.org )
Microsoft wants its products ready for early quantum safe adoption by 2029, years before a powerful quantum computer may threaten encryption used across cloud services, banking and private communications.
Good to know
- Microsoft plans early quantum safe capabilities by 2029 and a wider transition by 2033.
- NIST finalized its first three main post quantum encryption standards in 2024.
- Attackers can steal encrypted information today and save it for future quantum decryption.
Stolen Data Creates A Risk Before Q Day
Q Day describes the point when a cryptographically relevant quantum computer can break widely used public key encryption. Nobody knows the exact date, but Microsoft now believes preparation cannot wait for the hardware to arrive.
Stored information creates the more immediate problem. Under a “harvest now, decrypt later” attack, criminals collect encrypted files that remain valuable for years. A future quantum computer could then expose medical records, government information, intellectual property or financial data that looked secure when stolen.
Microsoft said post quantum cryptography once looked like an important but distant issue. Faster progress in quantum computing and the scale of replacing old encryption have changed that assessment.
Migration can take years because encryption sits inside certificates, identity systems, software libraries, hardware, cloud infrastructure and supply chains. Companies first need to find every system that depends on vulnerable algorithms before they can replace them.
Microsoft Sets 2029 Target
The Microsoft Quantum Safe Program covers more than new encryption algorithms. It also includes identity, data, infrastructure and supply chain protection, along with cryptographic agility so systems can adopt different algorithms when standards change.
Post quantum cryptography uses mathematical problems designed to resist both traditional and quantum computers. However, the newer systems often require larger keys, more bandwidth and extra processing time, which makes deployment more complicated.
NIST released its first three finalized post quantum standards in August 2024 and urged organizations to begin migration. Microsoft has already added early post quantum capabilities for selected Windows and Linux users while working with NIST, IETF and other standards groups.
No algorithm can carry an absolute guarantee against technology that does not yet exist. Microsoft therefore favors tested standards, hybrid systems and designs that let companies replace cryptography without rebuilding entire products.