Google Sets 2029 Target for Post-Quantum Cryptography Migration, Six Years Ahead of Government Goal, Crypto Industry Must Keep Pace

Google Announces 2029 as the Deadline for Post-Quantum Cryptography (PQC) Migration, Six Years Ahead of the U.S. Federal Government’s 2035 Goal; Major Blockchains from Ethereum and Solana to Bitcoin Face Very Different Response Strategies.
(Background: Bitcoin rebounds to $72,000 and remains volatile; Middle East tensions ease, “liquidation only $152 million,” but market sentiment remains extremely panicked.)
(Additional context: K33 Research: Bitcoin enters a bottoming phase, gradually shaking off the selling gloom.)

Table of Contents

Toggle

• More Urgent Than the Government: 2029 vs 2035
• Willow Chip: The Reality Pressure of 105 Qubits
• Core Risks Facing Cryptocurrencies
• Responses Across Chains: Divergences from Ethereum to Bitcoin
• 2029: Is It Enough?

The countdown to the quantum threat has prompted Google to accelerate the entire tech industry. This Wednesday, Google officially announced on its blog that 2029 will be the deadline for all its products to complete the transition to post-quantum cryptography—this is the first time Google has publicly disclosed a specific timeline, and it is currently the most aggressive enterprise-level migration target known in the industry.

“Quantum computing poses a significant threat to current cryptographic standards, especially encryption and digital signatures,” Google stated, emphasizing that post-quantum cryptography migration is essential for users to securely use authentication services.

More Urgent Than the Government: 2029 vs 2035

In comparison, the U.S. National Institute of Standards and Technology (NIST) plans to deprecate RSA digital signatures (2048-bit keys) by 2030, with a full ban by 2035; the White House’s 2022 NSM-10 national security memo also sets 2035 as the target for federal system migration.

Google’s 2029 deadline is six years earlier, even ahead of some industry estimates for “Q-Day”—the point when quantum computers become powerful enough to break current public key encryption standards.

Google explained the motivation for setting such an aggressive deadline: “We have a responsibility to lead by example and set an ambitious schedule. Through this, we hope to provide clear direction and urgency for Google and the entire industry’s digital transformation.”

Willow Chip: The Reality Pressure of 105 Qubits

Google’s urgency is backed by progress in its own quantum hardware development. Currently, Google is advancing the development of the quantum chip Willow, which has a computational capacity of 105 qubits, making it one of the most powerful in the industry.

Rapid breakthroughs in quantum error correction techniques, along with updated estimates on how long it takes for quantum machines to crack current encryption standards, have led Google to conclude that earlier action is necessary. On the software side, Android 17 will soon incorporate NIST-compliant post-quantum digital signatures (ML-DSA).

Google also introduced the concept of “cryptographic agility”—system architectures must be able to quickly replace underlying encryption algorithms without service interruption to respond to future threats.

Core Risks Facing Cryptocurrencies

The potential impact of quantum computing on the cryptocurrency industry cannot be ignored: once quantum computers reach sufficient power, they could crack elliptic curve cryptography (ECDSA) used to protect digital assets, exposing private keys.

However, industry opinions on the scope of the risk vary—some believe only wallets with publicly revealed addresses are vulnerable, while others argue all unused coins face the same threat. No consensus has been reached yet.

Responses Across Chains: Divergences from Ethereum to Bitcoin

Faced with the same quantum threat, different blockchain networks are taking very different approaches.

Ethereum Foundation launched the “Post-Quantum Ethereum” resource center this Tuesday, aiming to protect the entire network at the protocol level from quantum attacks—planning to integrate quantum-resistant solutions into the execution layer by 2029, safeguarding billions of dollars in assets.

Solana developers had already established a quantum-resistant vault system in January 2025, generating new keys with each transaction via hash-based signatures. However, this is not a network-wide upgrade; users must proactively transfer funds into the Winternitz vault to benefit from this extra layer of protection.

Bitcoin’s situation is the most complex, with clear internal disagreements. Influential voices like Blockstream CEO Adam Back believe the quantum risk is greatly exaggerated and that no action is needed for decades. Conversely, security researcher Ethan Heilman proposed BIP-360, a Bitcoin Improvement Proposal introducing a new output type called “Pay-to-Merkle-Root” to protect addresses from short-term quantum attacks—but Heilman told CoinTelegraph that implementing this could still take up to seven years.

Google just set a public deadline: 2029 for post-quantum migration.
“Store-now-decrypt-later attacks are relevant today.”
That means Bitcoin has 3 years to migrate over 6.5 million BTC sitting in quantum-vulnerable addresses.
This is Bitcoin’s hardest coordination challenge yet. pic.twitter.com/LkV7gAvlQM
— JP Richardson (@jprichardson) March 25, 2026

2029: Is It Enough?

Google’s 2029 deadline serves as both a warning and a stress test for the cryptography industry. If even tech giants are overhauling their cryptosystems within six years, can blockchain networks—especially Bitcoin, known for its slow consensus—keep pace?

Ethereum also set a 2029 protocol-level goal, but from proposal to community consensus and actual upgrade, major hard forks in Ethereum’s history have rarely been completed within three years. Solana’s vault solution is live but not mandatory, making large-scale adoption difficult.

The greatest risk from quantum threats may not be whether the technology can break encryption but whether the industry’s response can keep up with quantum advancements. Google’s public timeline essentially pressures the entire cybersecurity ecosystem—by 2029, the buffer for everyone is running out.