Harvest Now, Decrypt Later: Urgent Need for Post-Quantum Cryptography Migration
Summary
Hide ▲
Show ▼
Google has accelerated the timeline for post-quantum cryptography (PQC) migration, warning that traditional encryption methods could become obsolete as early as 2029 due to quantum computing advancements. The 'Harvest Now, Decrypt Later' (HNDL) strategy remains a critical threat, with adversaries storing encrypted data for future decryption. Organizations must urgently adopt PQC to secure long-term sensitive data, with Google’s Android 17 integrating PQC digital signature protection in alignment with NIST standards. Regulatory and industry timelines, including those from the NSA and NCSC, remain aligned around 2033–2035, but Google’s 2029 deadline underscores the need for immediate action.
Timeline
-
26.02.2026 14:06 2 articles · 1mo ago
Urgent Call for PQC Migration to Counter Quantum Threats
Google warns that traditional encryption methods could become obsolete by 2029 due to quantum computing advancements, accelerating the timeline for post-quantum cryptography (PQC) migration beyond earlier estimates of 2033–2035. The 'Harvest Now, Decrypt Later' (HNDL) strategy remains a critical threat, with adversaries storing encrypted data for future decryption. Organizations must urgently adopt PQC to secure long-term sensitive data, with Google’s upcoming Android 17 integrating PQC digital signature protection using ML-DSA in alignment with NIST standards.
Show sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
Information Snippets
-
Adversaries are accumulating encrypted data with the intention of decrypting it later using quantum computers, targeting long-term sensitive data.
First reported: 26.02.2026 14:062 sources, 2 articlesShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
Current encryption methods are vulnerable to future quantum computing capabilities, which could break modern encryption in minutes by 2030-2035.
First reported: 26.02.2026 14:062 sources, 2 articlesShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
Post-Quantum Cryptography (PQC) provides new cryptographic algorithms designed to withstand attacks from both classical and quantum computers.
First reported: 26.02.2026 14:062 sources, 2 articlesShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
PQC migration involves a complex process that spans the entire organization and requires a dedicated migration team with cryptography and cybersecurity experts.
First reported: 26.02.2026 14:061 source, 1 articleShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
-
The migration process includes five key phases: Preparation, Diagnosis, Planning, Execution, and Continuous Monitoring and Update.
First reported: 26.02.2026 14:062 sources, 2 articlesShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
Organizations face three interdependent categories of challenges in PQC migration: Organizational, PQC, and Code and Documentation challenges.
First reported: 26.02.2026 14:061 source, 1 articleShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
-
Solutions to key challenges include establishing urgency, launching training initiatives, appointing a PQC migration manager, and adopting a hybrid PQC approach.
First reported: 26.02.2026 14:061 source, 1 articleShow sources
- Expert Recommends: Prepare for PQC Right Now — thehackernews.com — 26.02.2026 14:06
-
Quantum computing could render traditional encryption methods obsolete by 2029, according to Google's warning.
First reported: 27.03.2026 14:301 source, 1 articleShow sources
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
Google's upcoming Android 17 will include PQC digital signature protection using ML-DSA, aligning with NIST standards.
First reported: 27.03.2026 14:301 source, 1 articleShow sources
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
-
The timeline for post-quantum cryptography migration has been accelerated, with Google suggesting 2029 as the new deadline instead of 2033–2035.
First reported: 27.03.2026 14:301 source, 1 articleShow sources
- Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google — www.infosecurity-magazine.com — 27.03.2026 14:30
Similar Happenings
Preparing for Quantum Computing Threats with Post-Quantum Cryptography
Organizations are urged to prepare for the future threat of quantum computing, which could break current encryption standards. The 'harvest now, decrypt later' tactic involves attackers collecting encrypted data today to decrypt it later using quantum computers. Security leaders are encouraged to adopt post-quantum cryptography to protect long-term sensitive data. A webinar will discuss practical steps, including hybrid cryptography, to mitigate this emerging risk.
CISA Publishes Initial List of Post-Quantum Cryptography Product Categories
The US Cybersecurity and Infrastructure Security Agency (CISA) has released an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards. This list aims to guide organizations in planning for PQC adoption and shaping technology investment strategies amid the rise of quantum computing. The release follows Executive Order 14306, issued in June 2025, which directed CISA to identify widely available products using PQC standards. The list, compiled in collaboration with the National Security Agency (NSA), will be regularly updated to reflect developments in quantum-resistant technologies. The product categories outlined in CISA’s list focus on technologies that are either widely available or transitioning to use PQC standards, including cloud services, web software, networking hardware and software, and endpoint security. Key establishment enables secure encrypted communication between parties, while digital signatures assure the authenticity of participants and the integrity of data, products, and services.
Financial and Government Sectors Urged to Prepare for Quantum Computing Threats
Financial firms, government agencies, and other sectors are advised to prepare for the eventual arrival of quantum computers, which pose a significant risk to current encryption standards. The Financial Services Information Sharing and Analysis Center (FS-ISAC) warns that delaying the adoption of post-quantum encryption leaves firms vulnerable to future threats. Sensitive data harvested today could be decrypted in the future by quantum computers, necessitating immediate action. The FS-ISAC and other experts emphasize the need for cryptographic agility and the adoption of post-quantum cryptography to mitigate risks. The timeline for preparing for quantum computing threats is pressing, as the time required to secure data and upgrade encryption systems must occur before the arrival of a cryptographically relevant quantum computer (CRQC).
Microsoft outlines quantum-safe transition plan for core products and services
Microsoft has updated its Quantum-Safe Program (QSP) roadmap, aiming to make its products and services quantum-safe by 2033. This includes integrating post-quantum cryptography (PQC) algorithms into core components and services in phases, with early deployment expected by 2029. The plan aligns with broader industry efforts to mitigate the risks posed by quantum computing to modern cryptographic algorithms. Microsoft's strategy involves a modular framework that considers each service's unique requirements, performance constraints, and risk profile. The roadmap outlines three phases: integrating foundational security components, core infrastructure services, and all services and endpoints. The company has already integrated PQC algorithms into SymCrypt, a cryptographic library used across Windows, Azure, and Microsoft 365.