Microsoft is bolstering Windows 11’s defenses against the emerging threat of quantum computers by introducing post-quantum cryptography (PQC) in its latest Canary build 27852 and later versions. This enhancement is achieved through the implementation of PQC algorithms, which are designed to withstand the advanced cryptographic capabilities of quantum computers.
The tech giant has upgraded its cryptographic library, SymCrypt, to support ML-KEM and ML-DSA algorithms via its Cryptography API: Next Generation libraries. ML-KEM is specifically designed to secure keys against the ‘harvest now, decrypt later’ threat, where attackers collect encrypted data today, storing it until quantum computers become powerful enough to decrypt it in the future. ML-DSA, on the other hand, focuses on verifying identities and maintaining the integrity of digital signatures.
PQC algorithms address the vulnerability of traditional cryptographic methods to quantum computer attacks by utilizing complex mathematical equations that are challenging for both classical and quantum computers to solve. However, these algorithms come with significant hardware demands, requiring larger key sizes, longer computation times, and increased bandwidth compared to classical cryptography.
Microsoft emphasizes that the PQC algorithms selected by NIST are characterized by their high security, performance, and compatibility. The integration of PQC is not limited to Microsoft products; it is being adopted across various industry standards such as TLS, SSH, and IPSec, paving the way for its widespread use as a countermeasure against quantum computer threats.
SymCrypt, being Microsoft’s primary cryptographic library, plays a crucial role in securing various Microsoft services and operating systems, including Microsoft 365, Azure, Windows 11, and Windows Server 2025. It provides essential security for email, cloud storage, web browsing, and more. With PQC now embedded in SymCrypt, Microsoft is proactively preparing its ecosystem for the potential threats posed by future advancements in quantum computing.
While this technology is currently being tested in Windows 11 Canary builds, Microsoft plans to extend PQC support to Linux in the near future. However, the introduction of PQC to BitLocker is expected to be more complex and is not anticipated in the immediate future due to its hardware demands.
The threat from quantum computers is real and growing. Recent tests by Chinese researchers demonstrated the ability to crack military-grade encryption using a D-Wave quantum computer, highlighting the potential power of quantum computers to compromise current cryptographic standards. As quantum computing continues to evolve, the importance of adopting PQC will only continue to grow.
