Jane Edwards
Microsoft plans to enable early adoption of quantum-safe capabilities by 2029 and aims to complete the transition of its products and services to a post-quantum cryptography, or PQC, standard by 2033.
In a blog post published Wednesday, Mark Russinovich and Michal Braverman-Blumenstyk of Microsoft wrote that the completion date for the PQC transition effort would be two years before a deadline set by most governments.
Russinovich is Microsoft Azure’s chief technology officer. Braverman-Blumenstyk is a corporate vice president, CTO of Microsoft’s security division and managing director of the tech company’s Israel R&D Center.
The timeline is part of the Microsoft Quantum Safe Program, or QSP, strategy, which is a companywide effort to enable the company, partners and customers to migrate securely to PQC.
Microsoft QSP Strategy
According to the blog post, three priorities guide the Microsoft QSP strategy: making Microsoft quantum safe by updating first- and third-party services, ecosystem and supply chain to become quantum safe and crypto-agile; supporting customers, ecosystems and partners to become quantum safe with appropriate guidance and tools; and promoting global research and standards for quantum-safe technologies and crypto-agility.
The Microsoft QSP strategy has three phases: foundational security components; core infrastructure services; and all services and endpoints.
According to the timeline, Microsoft started integrating PQC algorithms into SymCrypt Core Crypto Library and other foundational components in 2023, the same year when Microsoft QSP was launched.
By 2026, the company will advance the transition of signing services, key and secret management, network services, Microsoft Entra authentication and other core infrastructure services to quantum-safe standards.
Microsoft expects to begin integrating PQC into Windows, Azure services, Microsoft 365, artificial intelligence services, data platforms, networking and other endpoints and services by 2027.
