Microsoft Accelerates Post-Quantum Cryptography Transition with Global Standards Push
Quantum computing presents both a potential breakthrough and a cryptographic threat -- one that Microsoft is tackling through what it calls "progress towards next‑generation cryptography."
In a post co‑authored by Mark Russinovich and Michal Braverman‑Blumenstyk, the company underscored that while scalable quantum computing "could break public-key cryptography methods currently in use," Microsoft is already building the foundations of its quantum‑safe future.
Microsoft's efforts date back to 2014 with research into post‑quantum algorithms and quantum cryptanalysis. "Since 2018 we have been experimenting with verified versions of PQC algorithms and in 2019 Microsoft Research completed testing of an experimental PQC-protected VPN tunnel between Redmond, Washington, and Scotland using the Project Natick underwater datacenter."
The company also joined the Open Quantum Safe project and led the integration workstream of the NIST NCCoE Post‑Quantum project, while contributing its FrodoKEM system toward an ISO cryptography standard.
The centerpiece of its current strategy is the Quantum Safe Program (QSP), launched after EVP Charlie Bell outlined the company's long‑term vision. Microsoft describes QSP as "a comprehensive and company‑wide effort to enable Microsoft, our customers, and partners, to transition smoothly and securely into the quantum era." The program adheres to global timelines, including those from CISA, NIST, OMB and CNSSP‑15, to complete the transition by 2033, with early adoption beginning by 2029.
Per Microsoft:
The QSP strategy is guided by three priorities:
- Make Microsoft quantum safe by updating Microsoft first- and third-party services, supply chain, and ecosystem to become quantum safe and crypto-agile.
- Support customers, partners, and ecosystems to become quantum safe with appropriate tools and guidance.
- Promote global research, standards, and solutions for quantum-safe technologies and crypto-agility.
The approach is phased. It starts with integrating PQC into foundational cryptographic components like SymCrypt: ML‑KEM and ML‑DSA support is already available to Windows Insiders and Linux users through CNG and certificate APIs. Microsoft has also enabled TLS hybrid key exchange, as per the latest IETF internet draft, via SymCrypt‑OpenSSL to address Harvest Now, Decrypt Later threats. Next come core infrastructure services -- from authentication to signing -- followed by full integration across Windows, Azure, Microsoft 365, AI and networking services.
Figure 1. Microsoft's Quantum Safe Program timeline.
By weaving research, standards collaboration and phased product integration into a unified roadmap, Microsoft is making a pragmatic case for starting now. "Migration to post quantum cryptography (PQC) is not a flip-the-switch moment, it’s a multiyear transformation that requires immediate planning and coordinated execution to avoid a last-minute scramble."