Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Microsoft starts including PQC algorithms in cyber foundations | Computer Weekly

By Computer Weekly by By Computer Weekly
August 20, 2025
Home Uncategorized
Share on FacebookShare on Twitter


Two years after the debut of its Quantum Safe Programme (QSP) Microsoft is now moving steadily through the process of incorporating post-quantum cryptography (PQC) algorithms into some of the foundational components underpinning the security of its product suite.

The computing giant said that in order to maintain the resilience of its systems and servers when future quantum computers likely break current encryption protocols for good, it needs its core services to be set to go before 2029.

This is a self-imposed deadline for early adoption of quantum-safe enabled technology that, for now, sits well ahead of most government targets for take-up – the UK’s National Cyber Security Centre (NCSC) says Britain’s key sectors and organisations should be planning to switchover to PQC by 2035.

Outlining the progress made to date, Microsoft Azure chief technogy officer Mark Russinovich, and Microsoft corporate vice president, CTO of Microsoft Security and Israel R&D Centre managing director Michal Braverman-Blumenstyk said that while scalable quantum computing remains a pipe dream for now, the time to prepare for it is now.

“Migration to post PQC is not a flip-the-switch moment, it’s a multiyear transformation that requires immediate planning and coordinated execution to avoid a last-minute scramble,” they said.

“It is also an opportunity for every organisation to address legacy technology and practices and implement improved cryptographic standards.

They added: “By acting now, organisations can upgrade to modern cryptographical architectures that are inherently quantum safe, upgrade existing systems with the latest standards in cryptography, and embrace crypto-agility to modernise their cryptographic standards and practices and prepare for scalable quantum computing.”

The overall QSP strategy, as previously outlined, centres on three core pillars: updating Microsoft’s own and third-party services, supply chain and ecosystem to be quantum safe; supporting its customers, partners and ecosystems in this goal; and promoting global research, standards and solutions around quantum security.

Redmond has already conducted an enterprise-wide inventory to identify the potential risks and has been partnering with industry leaders over the past couple of years to address some of the more critical dependencies, invest in research, and work together on new hardware and firmware.

Where we stand today

As of this point in time, Microsoft has integrated PQC algorithms into components such as SymCrypt, which is the main cryptographic library used by Windows, Azure and Office 365. This library now supports Module-Lattice Key Encapsulation Mechanism (ML-KEM, formerly known as Crystals-Kyber) and Module-Lattice-Based Digital Signature Algorithm (ML-DSA, formerly known as Crystals-Dilithium), both of which were among the quantum-safe algorithms taken forward by the US National Institute of Standards and Technology (NIST) a year ago.

Addressing the threat of Harvest Now Decrypt Later (HNDL) cyber attacks in which threat actors exfiltrated data today and hold it in reserve until they can crack the code, Microsoft is also ramping up the introduction of quantum-safe key exchange mechanisms in SymCrypt, enabling transport layer security (TLS) hybrid key exchange – per the latest IETF draft – and enhancing TLS 1.3 to support hybrid and pure post-quantum key exchange methods. These capabilities will be trickling down to the Windows TLS stack before much longer, said Russinovich and Braverman-Blumenstyk.

Beyond SymCrypt, Microsoft is also updating components such as its Entra authentication, key and secret management, and signing services, and plans to move towards integrating PQX into Windows, Azure, Office 365, and its data, networking and AI services to ensure the safety of the broader Microsoft services ecosystem.

Alignment to government plans

Microsoft’s overall QSP strategy currently aligns chiefly with US government requirements and timelines concerning quantum safety – including those laid down by agencies such as the Cybersecurity and Infrastructure Security Agency (CISA), NIST, and the National Security Agency (NSA).

However it is closely monitoring quantum safe initiative emanating from Australia, Canada, the European Union (EU), Japan and the UK.



Source link

By Computer Weekly

By Computer Weekly

Next Post
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

Recommended.

Shrinking Middle Management Layer Puts Pressure on Workplace Communication and Engagement

Shrinking Middle Management Layer Puts Pressure on Workplace Communication and Engagement

August 28, 2025
Trimble Introduces Transformative AI-Powered Innovations at 2025 Trimble Insight Tech Conference

Trimble Introduces Transformative AI-Powered Innovations at 2025 Trimble Insight Tech Conference

November 18, 2025

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

January 13, 2026
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio