Microsoft aims for quantum-ready systems, products by 2033

Microsoft plans to complete its transition to quantum-ready cryptographic standards by 2033, with early adoption of those capabilities in 2029, the tech giant said Wednesday.
In a blog post, the company outlined its plans to transition to standards that will be able to thwart attempts by forthcoming quantum computers to decode encrypted information. That approach is dependent on factors such as performance constraints and risk of systems, and prioritizes its core infrastructure. A completion date of 2033 would be two years before a deadline set by most governments, according to the post.
“Migration to post quantum cryptography (PQC) is not a flip-the-switch moment, it’s a multi-year transformation that requires immediate planning and coordinated execution to avoid a last-minute scramble,” the post said.
While the advancements aren’t fully realized yet, quantum computers are expected to be able to crack current methods of encryption that keep digital information private. Those traditional encryption methods — essentially complex math problems — were developed with conventional computing in mind, but new standards commonly known as post-quantum cryptography are designed to prevent threats from classical and quantum computers alike.
Microsoft’s security posture is particularly important given the federal government’s reliance on its products. In recent years, it’s been the target of large-scale cyberattacks, including a 2024 Russia-linked breach that impacted the U.S. government as well as a more recent attack that impacted its SharePoint services for federal customers. Quantum computing is poised to only exacerbate cyber threats, demanding readiness efforts from both the public and private sector.
According to the blog, Microsoft’s Quantum Safe Program will accelerate the transition for core infrastructure, such as signing services and network services, starting in 2026. It will then begin to integrate quantum-ready standards to Windows, Azure, Microsoft 365, data platforms, AI services and networking in 2027.
The company has already integrated quantum-ready algorithms to components such as its SymCrypt, which provides security for Windows, Azure and Microsoft 365, among other products. Microsoft expects to add additional capabilities through the next five years, the post said.
Development of Microsoft’s plan began with an enterprise-wide inventory to investigate potential asset risks, which is also an approach taken by federal agencies. That was followed by collaboration with industry leaders to address those risks, research quantum safety, and focus on innovation in hardware and firmware, per the post.
Microsoft, as a result, said it’s on track with timelines set by governments across the globe and expects to meet the most aggressive deadlines set by the Committee on National Security Systems Policy in CNSSP-15. That policy requires adoption of Commercial National Security Algorithm Suite 2.0 — requirements for U.S. national security systems, as well as guidance for the Defense Department and its partners — in all new products and services that have cryptographic protection starting in January 2027.