Europe

Google warns quantum computers could break today’s encryption by 2029

Post-quantum upgrades target authentication and digital signatures first, public procurement cycles risk turning cryptography into a slow-motion emergency

Images

One of Google’s quantum computers in California. Encryption currently in use ‘could easily be broken in coming years’, it said. Photograph: Reuters One of Google’s quantum computers in California. Encryption currently in use ‘could easily be broken in coming years’, it said. Photograph: Reuters theguardian.com

Google has warned that quantum computers could be capable of breaking widely used encryption systems by 2029, urging banks, governments and technology providers to accelerate the shift to post-quantum cryptography.

According to The Guardian, Google said current encryption “could easily be broken” by a sufficiently large quantum machine in the coming years, and that it has adjusted its internal threat model to prioritise post-quantum migration for authentication and digital signatures. The company’s message is not that such a computer exists today, but that the lead time for replacing cryptography across large systems is long enough that waiting for a definitive date is itself a risk.

Quantum computing remains constrained by engineering reality: systems require extreme cooling or precise laser alignment, and today’s machines are too small and unstable for the “cryptographically relevant” attacks that worry security agencies. Even so, the practical threat is already here in a different form. The Guardian notes the “store now, decrypt later” strategy: attackers can steal encrypted data today and hold it until decryption becomes feasible. That turns encryption upgrades into a race against time for anything with a long shelf life—defence procurement files, diplomatic cables, industrial designs, health records, and payment credentials.

Europe’s exposure is partly technical and partly institutional. Cryptography is embedded in identity infrastructure, tax systems, procurement portals, banking rails, and the software supply chains of thousands of public contractors. The most expensive failures tend to appear where responsibility is diffuse: one agency buys a “secure” system, another runs it, a third audits it, and no one owns the cost of a breach until after the incident. In the private sector, a compromised authentication system can wipe out a business; in the public sector, it can become a multi-year remediation programme.

Governments are already setting timelines. The UK’s National Cyber Security Centre has urged organisations to be prepared by 2035, but Google’s 2029 warning compresses the planning horizon for high-value targets and for systems that cannot be swapped out quickly. Authentication is a bottleneck: if signatures and certificates fail, everything from software updates to citizen logins becomes suspect.

The migration itself will not be evenly priced. Large cloud and platform providers can amortise the transition across global fleets; smaller banks, municipalities and critical-infrastructure operators will face bespoke upgrades, procurement delays and vendor dependency. If the breach comes first, the invoice arrives anyway—just with less leverage and more urgency.

Google’s warning is about computers that do not yet exist. The work it demands is on systems that do.