Blog

The 2029 quantum-security wake-up call

Google and Cloudflare have pulled their post-quantum migration targets toward 2029. The lesson for enterprises is not panic; it is that authentication, signing, and crypto inventory need executive attention now.

  • Published
  • Reading time 3 min
  • Editorial Quanten Security

For years, post-quantum migration planning has sounded like a 2030s problem. That timeline is now compressing in public. In March 2026, Google announced a 2029 target for its post-quantum cryptography migration. In April 2026, Cloudflare also said it is targeting 2029 to be fully post-quantum secure, including post-quantum authentication.

The right response is not panic. It is a sharper programme question: if the largest internet infrastructure teams are treating 2029 as an execution deadline, can your organisation still afford to treat PQC as a research item?

Why 2029 matters

Google tied its timeline to progress in quantum hardware, error correction, and factoring resource estimates. The company also highlighted a distinction that boards need to understand: encryption risk is already present through store-now/decrypt-later attacks, while digital-signature risk becomes acute before a cryptographically relevant quantum computer arrives.

Cloudflare’s 2029 roadmap makes the same shift visible. It argues that the industry must move beyond protecting encrypted traffic and focus on authentication. If a future attacker can forge a server certificate, a software-update signature, or a remote-login credential, the problem is no longer only historic confidentiality. It is live trust.

The uncomfortable part: authentication is harder

Hybrid TLS key exchange can often be rolled out by upgrading clients, libraries, servers, and CDNs. That is still real work, but it can fit into normal infrastructure change. Post-quantum authentication is more invasive. It touches certificate authorities, root stores, device identity, code signing, HSM boundaries, firmware verification, package managers, mobile apps, identity providers, and long-lived offline verification chains.

That is why a 2029 target changes the sequence. Waiting until every PQ signature standard, product, and certificate ecosystem is frictionless leaves too little time for inventory, pilots, vendor remediation, procurement, rollout, exception handling, and audit evidence.

What a serious 2026 plan looks like

  • Inventory cryptographic trust anchors. Count certificates, signing keys, SSH keys, package-signing roots, firmware verification keys, HSM-backed keys, and private PKI.
  • Separate confidentiality and authenticity timelines. HNDL risk prioritises long-lived data now; authentication risk prioritises trust systems before a CRQC exists.
  • Demand vendor evidence. Ask for supported algorithms, rollout dates, hybrid modes, validation posture, key-size impact, and rollback controls.
  • Run narrow pilots. Measure hybrid TLS, PQ signatures in non-public signing paths, certificate-size impact, and operational failure modes.
  • Create executive metrics. Report inventory coverage, PQC-capable traffic, classical-only exceptions, supplier readiness, and critical-signing migration status.

The 2029 signal does not prove that Q-Day arrives in 2029. It proves that credible infrastructure operators no longer see the migration as safely distant. That is enough. Enterprises do not need prophecy to act; they need a defensible readiness programme that starts while standards, vendors, and internal systems can still be moved deliberately.

Further reading: Google’s 2029 PQC migration timeline, Cloudflare’s 2029 post-quantum roadmap, and NIST’s PQC project guidance.