The news that Microsoft would be offering post-quantum cryptography (PQC) to Windows and Linux users slipped out during its Build event with little fanfare, but the move signals an important change in gear for cybersecurity. Post-quantum encryption is rapidly going mainstream.
Microsoft’s news comes as more in the industry gears up for “Y2Q”, a name given to the day threat actors get hold of a quantum computer and could, theoretically, begin cracking all classic cryptographic algorithms. The UK’s National Cyber Security Centre (NCSC) recently called for complete PQC migration by 2035 amid “harvest now, decrypt later” fears.
Now, with the announcement Microsoft has added PQC algorithms for Windows Insiders to explore via updates to the Cryptography API: Next Generation (CNG) libraries and Certificate and Cryptographic messaging functions many developers will get to “experiment with PQC in their own environments and applications” for the first time; potentially at real scale.
Microsoft follows the likes of Cloudflare, which in March said it had rolled out PQC across several of its offerings and told customers that by "mid-2025, Cloudflare will extend this support to include all IP protocols."
