Google just moved its post-quantum cryptography migration deadline to 2029, leapfrogging the NSA's 2031 target and the broader US government's 2035 benchmark. For defence OEMs procuring unmanned systems today, this is not a research milestone. This is a procurement risk timeline.

Tech leaders are increasingly concerned they have not been aggressive enough in planning for a post-quantum future. The shift has caught cryptography experts off-guard, with former Microsoft PQC lead Brian LaMacchia describing the 2029 timeline as an aggressive speedup that raises questions about what is motivating the change.

What is motivating it is simple. Advances in quantum hardware and error correction have collectively dispelled the original assumption that a quantum computer would need a billion qubits to break RSA encryption. Google's own research from last June showed that a quantum computer would only need one million noisy qubits to crack 2048-bit RSA keys, suggesting that even a cruder and still error-prone quantum machine could break current encryption.

The timeline is compressing. The OEMs who have not begun quantum-safe integration will face a choice: retrofit classical crypto stacks mid-procurement cycle or lose out on contracts. Delatr will not need to retrofit. Post-quantum mission orchestration is in the architecture from day one.

Store Now, Decrypt Later is Already Happening

Google's researchers warned of "store-now-decrypt-later" attacks, where adversaries steal and save encrypted data today, simply waiting for the day a cryptographically relevant quantum computer is powerful enough to unlock it. This is not a future threat. This is a present-tense operational security failure for any defence system deployed without quantum-resistant encryption.

The procurement cycles OEMs operate on run 10 to 20 years. Systems being procured today will still be operational when quantum computers reach cryptographic relevance. The Trusted Computing Group found that 91% of businesses do not have a formal roadmap for migrating to quantum-safe algorithms. That is 91% of the market operating on the assumption they can address this later. Later is 2029.

Allied Nation Compliance Deadlines Are Not Negotiable

Governments are increasingly urging companies to begin preparing for the shift, recognising that the transition will take time, with countries including the United Kingdom, France, Germany, the Netherlands and the United States having all published strategies, guidelines or white papers outlining the risks and the need for action.

The hard deadlines remain unchanged:

• Australia: 2028

• UK and Europe: 2030

• Canada: 2031

Google moving to 2029 does not extend these compliance windows. It narrows them. OEMs unable to demonstrate quantum-safe certification by these dates will be locked out of allied nation defence contracts. Delatr's runtime and hardware modules are built to meet these deadlines without retrofit.

The OEM Enablement Model Matters More Now

Google has positioned itself as a pioneer in both quantum computing and PQC, stating it is their responsibility to lead by example and share an ambitious timeline to provide the clarity and urgency needed to accelerate digital transitions not only for Google but also across the industry.

Google can set internal deadlines and lead by example because Google controls its own stack. OEMs building unmanned fleets do not have that luxury. They integrate third-party mission orchestration runtimes, comms modules, and sensor payloads from vendors who may or may not be quantum-ready. Delatr's model is purpose-built for this constraint. We do not ask OEMs to rip and replace. We provide an embeddable, white-label runtime with post-quantum encryption from day one.

The alternative is bespoke quantum-safe integration per platform, per customer, per procurement cycle. That model does not scale and it does not meet compliance deadlines. Delatr does.

What This Means for Mixed UxV Fleets

Google has already started rolling out PQC updates across Google Chrome and its Cloud services, with Android 17 set to use the ML-DSA signature system developed with NIST to verify that apps have not been tampered with. These are consumer-facing systems with known threat models and centralised control. Mixed unmanned fleets operate in contested environments with air, ground, and maritime platforms running heterogeneous hardware, degraded comms, and adversarial jamming.

The threat model is worse. The compliance requirements are stricter. The procurement timelines are longer. OEMs need quantum-safe mission orchestration that works across platforms without requiring vendor-specific crypto stacks per system. That is the Delatr runtime.

The Hardware Module Play is Timing-Dependent

Delatr is not designing custom silicon. The model is purpose-built communications modules using existing PQC-capable secure elements running Delatr firmware. Earlier estimates put the qubit count needed to crack Bitcoin at around 20 million, but researchers at Iceberg Quantum now suggest the number could fall to roughly 100,000, with quantum computers having achieved almost a 10x growth in power in the last five years. The timeline is accelerating faster than most hardware development cycles can respond to.

OEMs procuring now need modules that can ship by 2028 to meet Australia's compliance window. Delatr's hardware feasibility assessment with Darryl will determine whether that timeline is achievable. If it is, the hardware module revenue stream opens. If it is not, the runtime licensing model remains the primary valuation driver, and OEMs will need to source quantum-safe comms modules from elsewhere and integrate with the Delatr orchestrator.

Why Google's 2029 Deadline Validates the Delatr Thesis

Unlike the federal government, there is no mandate for private businesses to migrate to quantum-resistant encryption, or even that they do so at all. There is no mandate, but there are compliance deadlines. And those deadlines apply to OEMs selling into allied nation defence procurement.

Google moving to 2029 is a market signal. It confirms what Delatr has been positioning from day one: the threat timeline is compressing, retrofit strategies will not scale, and the OEMs who procure quantum-safe mission orchestration now will have a structural advantage over competitors still running classical crypto stacks.

Delatr is the OEM-embedded runtime that does not need to retrofit. That is the pitch. Google's 2029 deadline just made it more urgent.

Sources:

• Hackread: Google Sets 2029 Deadline as Quantum Computers Threaten Encryption

• CyberScoop: Google moves post-quantum encryption timeline up to 2029

• Google Security Blog: Quantum frontiers may be closer than they appear

• Futurism: Google Warns That Quantum Armageddon Is Drawing Closer

• PC Gamer: Google says it's preparing for the quantum apocalypse

• Decrypt: Google Sets 2029 Deadline to Deal With Quantum Threat

• Euronews: Google sets 2029 deadline to prepare for quantum cyber threat

• Help Net Security: Google races to secure encryption before quantum threats arrive

• TechSpot: Google sets 2029 deadline for quantum-safe encryption

• The Quantum Insider: Google Shortens Timeline for Quantum-Safe Encryption Transition