Quantum computers don't exist yet in a cryptographically relevant manner to threaten internet security. Google, however, thinks this window is closing faster than it had previously anticipated.
The company recently announced a 2029 timeline to migrate its systems to post-quantum cryptography, citing faster-than-anticipated progress in quantum hardware, error correction, and factoring estimates.
The threat has a name in security circles: the “quantum apocalypse.” It alludes to the moment when quantum computers will become powerful enough to break today’s encryption, which currently only works because breaking it requires far more computing power than anything that exists.
Quantum computers could very soon process information in ways that sidestep that problem entirely. When they're capable enough, the math protecting private messages, financial data, and classified files could stop working.
The part that makes this scenario urgent now rather than later has something to do with what's called “store-now-decrypt-later.”
According to Google, malicious actors are likely already stealing encrypted data today, stockpiling it, and holding it until quantum computers are capable of cracking it. The theft is perhaps already happening. The decryption will come years down the line. Whatever was protected will then become readable in retrospect.
The solution is post-quantum cryptography (PQC). Essentially, it is encryption designed to remain secure even when quantum computers become powerful enough to break today’s standards. Google has been working on it alongside its quantum hardware development.
The tech giant is now putting this solution into practice with an aggressive timeline. The 2029 deadline is for Google's own systems. The announcement is also directed outward. Migrating large infrastructure to new encryption standards takes years. Organizations that haven't started are already behind.
Sources: Google, The Independent