The world is approaching a moment once thought impossible. Breakthroughs in drug discovery, materials science, energy, and many other fields are coming within reach—thanks to quantum computers.
Quantum computers are fundamentally different from today’s machines. They can explore many possibilities at once and solve problems that even the most powerful classical supercomputers cannot. While this capability promises major scientific advances, it also creates a serious security risk.
The same power that allows quantum computers to unlock scientific mysteries could also break the digital locks we rely on today. Public-key cryptography—the system that protects bank transactions, private messages, trade secrets, and classified information—would be vulnerable to a sufficiently powerful quantum computer. Put simply: the encryption that keeps your data safe today could be broken by a large-scale quantum computer in the future.
Even though such machines are not fully available yet, attackers are not waiting. Many are already carrying out “store now, decrypt later” attacks, collecting encrypted data with the expectation that quantum computers will eventually be able to unlock it.
Over the past decade, advances in quantum computing research have dramatically reduced the resources needed to break widely used encryption methods like 2048-bit RSA, while also improving the ability to simulate complex molecules. These trends make preparation urgent, not optional.
That’s why we’re sharing an update on our efforts to protect users in the quantum era—and offering recommendations for policymakers to help strengthen security across society.
The security community has not been standing still. Cryptography experts have developed post-quantum cryptography (PQC): new algorithms designed to remain secure even against large-scale quantum computers. After years of global collaboration, the U.S. National Institute of Standards and Technology (NIST) finalized the first set of PQC standards in 2024.
At the same time, quantum hardware and software continue to advance. For that reason, Google has been preparing for a post-quantum world since 2016. This includes early experiments with PQC, deploying post-quantum protections across products and infrastructure, and sharing research through threat models and technical papers.
Preparing for the quantum era requires both research and action. Our focus includes two major commitments:
Advancing PQC research and timelines
Where appropriate, we will share research that sheds light on how quantum advances affect the effort required to break public-key cryptography. These insights help refine migration timelines and clarify how different sectors—such as healthcare and finance—may be impacted by cryptographically relevant quantum computers (CRQCs).
Completing the transition to PQC
We are on track to complete a secure PQC migration in line with NIST guidelines. PQC is already being rolled out across our internal systems and products. Our approach emphasizes crypto agility, securing shared infrastructure, and supporting broader ecosystem transitions to create long-term resilience.
These efforts reflect a deep investment in the future of the digital economy. But security in the quantum era is not something any one organization can handle alone. It will require coordinated action across governments, industry, and research institutions.
Five actions policymakers can take to prepare for the quantum era
- Build momentum across critical infrastructure
Preparation must extend beyond government systems to vital sectors such as energy, telecommunications, and healthcare. Addressing workforce gaps and protecting trust infrastructure—such as certificate authorities—are essential to accelerating progress. - Design AI with PQC at its foundation
Cryptography underpins AI systems. As AI becomes more central to economic growth, PQC must be treated as a core requirement for long-term security and innovation. - Avoid global fragmentation
A unified approach matters. The NIST PQC standards provide a globally recognized, scalable benchmark. Broad adoption will help prevent fragmented, insecure solutions. - Prioritize cloud-first modernization
Updating cryptography across legacy systems is complex and costly. PQC strengthens the case for cloud migration, allowing governments to rely on providers that are already deploying post-quantum protections across global networks. - Engage experts to avoid strategic surprise
A CRQC is not perpetually “ten years away.” While the exact timeline is uncertain, ongoing dialogue with researchers and expert groups—such as quantum research teams—helps policymakers stay ahead of emerging risks.
The bottom line is this: quantum computing has the potential to deliver extraordinary benefits. But ensuring those breakthroughs don’t come with widespread security failures will take collective effort. With preparation today and collaboration across sectors, the quantum era can be defined by progress—not disruption.
Source: blog.google Edited by Bernie
