Google (NASDAQ:GOOGL) (NASDAQ:GOOG) just set one of the most aggressive quantum security deadlines in tech history. Bitcoin developers are still debating whether one is needed. On March 25, Google announced a 2029 target for completing its migration to post-quantum cryptography (PQC). Years ahead of most government benchmarks. The NSA currently aims to transition national security systems by 2033, while NIST has proposed deprecating legacy RSA algorithms by 2035. Google’s move has reframed the conversation for every industry that relies on cryptography and few rely on it more heavily than Bitcoin.
The question worth asking: Is Bitcoin actually at risk or just early in a transition cycle that has years to play out?
What Google Actually Said
First, some clarification. Google’s 2029 deadline is not “Q-Day” — the hypothetical moment when a quantum computer powerful enough to break today’s encryption becomes operational. It’s a migration target. The company’s new timeline reflects migration needs in light of progress on quantum computing hardware development, quantum error correction, and quantum factoring resource estimates. The distinction matters. Google isn’t saying a cryptographically relevant quantum computer (CRQC) will exist by 2029. It’s saying organizations should finish preparing before one might.
“As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline,” wrote Heather Adkins, Google’s VP of Security Engineering, and Sophie Schmieg, Senior Staff Cryptography Engineer, in the company’s blog post.
“By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.”
There are two distinct threat types at play. The first, “harvest now, decrypt later” (HNDL) is relevant today. Adversaries can collect encrypted data now and wait for quantum machines capable of cracking it. The second involves digital signatures, a future threat that requires upgrading cryptographic infrastructure before a CRQC arrives. Google has shifted its internal priorities, accordingly, placing increased focus on migrating authentication systems to post-quantum standards.
Why Quantum Computing Matters for Crypto
Classical computers solve mathematical problems sequentially. Quantum computers exploit principles of superposition and entanglement to process multiple solutions simultaneously, making certain problems exponentially easier to solve.
That’s where Bitcoin’s exposure begins. Shor’s algorithm, developed by mathematician Peter Shor in the 1990s, demonstrated that a sufficiently powerful quantum computer could factor large integers exponentially faster than any classical system. RSA encryption and the Elliptic Curve Digital Signature Algorithm (ECDSA) — the foundation of Bitcoin’s key security are both vulnerable to this attack vector.
SHA-256, the hashing algorithm used in Bitcoin’s proof-of-work, faces a different and lesser threat via Grover’s algorithm, which offers only a quadratic speedup. Most researchers consider Bitcoin’s hashing side manageable. The signature side is a different story.
Bitcoin’s Specific Vulnerability
Bitcoin’s security model relies on a simple …