The change would apply to the whole system structure, not simply particular person apps.
Google has been engaged on post-quantum cryptography since 2016 and units 2029 because the migration deadline.
Google introduced this March 25, 2026 that Android 17 will combine post-quantum cryptography (PQC) enhancements beginning within the subsequent beta model, adopted by normal availability within the manufacturing launch. The measure responds to the accelerated advance of quantum computing and the necessity to replace the safety foundations of essentially the most used cellular working system on the earth, earlier than this expertise represents an actual menace to present encryption.
The announcement was posted on Google’s safety weblog by Eric Lynch, Android product supervisor, and Dom Elliot, Google Play product group supervisor. The aim isn’t merely to patch particular person functions or transport protocols, however to make sure that the whole platform structure is resilient for many years to return.
Android 17 strengthens its safety with two key modifications. First, enhance the method of verified bootguaranteeing that nobody has tampered with the working system earlier than the telephone activates. Second, it updates the way in which the gadget demonstrates to exterior functions (corresponding to these from banks) that it’s safe; now makes use of a brand new sort of anti-quantum ‘shielded’ cryptography that might be not possible to crack even for supercomputers of the longer term
As for builders, Android Keystore will incorporate native help for ML-DSA (post-quantum cryptography signatures), permitting functions to make use of safe signatures in opposition to quantum assaults immediately from the safe {hardware} of the gadget, with out builders having to implement their very own cryptographic options. In apply, future cryptocurrency pockets apps will have the ability to run post-quantum safe signatures beginning with Android 17.
Submit-quantum cryptography: why now
Submit-quantum cryptography is a set of algorithms designed to withstand assaults by quantum computer systems, machines that, in contrast to classical ones, can concurrently course of a number of states and clear up sure math issues exponentially sooner. Present encryption programs—corresponding to RSA or the elliptic curves that defend wallets and communications—rely exactly on the issue of those issues to be safe.
The menace to encryption programs is already related right now by so-called “retailer now, decrypt later” assaults, the place malicious actors accumulate encrypted information right now with the intention of deciphering them after they have a sufficiently highly effective quantum laptop. Digital signatures, in distinction, signify a future menace that requires finishing the transition to PQC earlier than a cryptographically related quantum laptop exists.
Background: Google and the quantum horizon earlier than 2030
The announcement of Android 17 comes a day after Google printed one other assertion concerning the development of its quantum computer systems. As reported by CriptoNoticias, Google Quantum AI said that it was “more and more satisfied” that quantum computer systems with industrial relevance They are going to be accessible earlier than the tip of this decadebeing the primary time that the corporate has set such a particular time horizon.
Nonetheless, it could not confer with tools prepared for the mass market, however to programs able to fixing issues of actual worth for industries corresponding to prescribed drugs, computational chemistry or finance.
The implementation of PQC in Android 17 is a part of a broader roadmap that Google outlined in the identical announcement. Subsequent steps embody integrating post-quantum key encapsulation into KeyMint, key attestation, and distant key provisioning, with the aim of strengthening the whole id lifecycle within the Android ecosystem. Google indicated that it expects to share extra updates on this transition within the coming months.
