Trendy digital safety is at a turning level. We’re on the edge of utilizing quantum computer systems to resolve “unimaginable” issues in drug discovery, supplies science, and vitality—duties that even probably the most highly effective classical supercomputers can’t deal with. Nonetheless, the identical distinctive capacity to think about completely different choices concurrently additionally permits these machines to bypass our present digital locks. This places the public-key cryptography we’ve relied on for many years in danger, probably compromising every part from financial institution transfers to commerce secrets and techniques. To safe our future, it’s vital to undertake the brand new Publish-Quantum Cryptography (PQC) requirements Nationwide Institute of Requirements and Expertise (NIST) is urging earlier than large-scale, fault-tolerant quantum computer systems grow to be a actuality.
To remain forward of the curve, the know-how {industry} should undertake a proactive, multi-year migration to Publish-Quantum Cryptography (PQC). We now have been making ready for a post-quantum world since 2016, conducting pioneering experiments with post-quantum cryptography, rolling out post-quantum capabilities in our merchandise, and sharing our experience via menace fashions and technical papers. For Android, the target extends past patching particular person purposes or transport protocols. The crucial is to make sure that your entire platform structure is resilient for the a long time to return.
We’re starting assessments of PQC enhancements beginning within the subsequent Android 17 beta, adopted by basic availability within the Android 17 manufacturing launch. This deployment introduces a complete architectural improve that’s being rolled out throughout the working system. By integrating the not too long ago finalized NIST PQC requirements deep into the platform, we’re establishing a brand new, quantum-resistant chain of belief. This chain of belief secures the platform constantly—from the second the OS powers on, to the execution of purposes distributed globally. Android is swapping at present’s digital locks for superior encryption to assist improve the safety of each app you obtain—irrespective of how highly effective future supercomputers get.
Securing the muse: Verified boot and {hardware} belief
Safety on any computing gadget begins when the {hardware} begins; if the underlying working system is compromised, all subsequent software program protections fail. As quantum computing advances, adversaries might probably forge digital signatures to bypass these foundational integrity checks. To safe the platform in opposition to this looming menace, Android 17 introduces two main post-quantum cryptographic (PQC) upgrades:
- Upgrading Android Verified Boot (AVB): The AVB library is integrating the Module-Lattice-Based mostly Digital Signature Algorithm (ML-DSA). This offers quantum-resistant digital signatures, making certain the software program loaded in the course of the boot sequence stays extremely immune to unauthorized modification.
- Migrating Distant Attestation: Android 17 begins the transition of Distant Attestation to a totally PQC-compliant structure beneath the present requirements. By updating KeyMint’s certificates chains to help quantum-resistant algorithms, gadgets can securely show their state to relying events, sustaining belief in a post-quantum surroundings.
Empowering builders: Android Keystore updates
Defending the underlying working system is just the primary layer of protection; builders should be outfitted with the cryptographic primitives essential to leverage PQC keys and set up sturdy id verification.
Implementing lattice-based cryptography, which requires considerably bigger key sizes and reminiscence footprints than classical elliptic curve cryptography, inside the severely resource-constrained Trusted Execution Surroundings (TEE), represents a serious engineering achievement. This functionality is designed to help the {hardware} roots of belief and may now generate and confirm post-quantum signatures.
Constructing on this {hardware} basis, Android 17 updates Android Keystore to natively help ML-DSA. This enables purposes to leverage quantum-safe signatures fully inside the gadget’s safe {hardware}, isolating delicate key materials from the principle working system. The SDK exposes each ML-DSA-65, and ML-DSA-87, enabling builders to seamlessly combine these utilizing the usual KeyPairGenerator API. This establishes a brand new period of id and authentication for the app ecosystem with out requiring builders to engineer proprietary cryptographic implementations.
Ecosystem scale: Bringing hybrid signing to Google Play apps and video games
Android is dedicated to making sure the platform is PQC resistant and lengthening the chain of PQC resistance to utility signatures. The mechanisms used to confirm the authenticity of purposes are being upgraded to make sure that app installations and subsequent updates are strictly tamper-proof in opposition to quantum-enabled signature forgery. The platform will confirm PQC signatures over APKs to allow this chain of belief.
To carry these crucial protections to the broader developer neighborhood with minimal friction, the transition will probably be supported via Play App Signing. This strategy offers an instantaneous bridge to quantum security for almost all of lively installs. Google Play will let builders robotically generate ‘hybrid’ signature blocks that mix classical and PQC keys.
Updating keys throughout billions of lively gadgets is a posh operational endeavor. Play App Signing leverages Google Cloud KMS, which helps guarantee industry-leading compliance requirements, to safe signing keys. By managing signing keys securely within the cloud, Google Play allows builders to seamlessly improve their app safety to PQC requirements with out the burden of complicated, guide key administration.
Through the Android 17 launch cycle, Google Play will deal with the technology of quantum-safe ML-DSA signing keys for brand spanking new apps and present apps that opt-in, impartial of the purposes goal API . Later, builders will be capable of select their very own classical and ML-DSA signing keys and delegate them to Google Play for his or her hybrid key improve. To advertise safety finest practices, Google Play may also begin prompting builders to improve their signing keys not less than each two years.
The cryptographic roadmap: From authenticity to privateness
Google’s post-quantum transition started in 2016, and Android 17 marks the primary part of Android’s post-quantum transition:
- Securing the muse: We’re upholding the integrity of our attestation and Chain of Belief by incorporating ML-DSA into Android Verified Boot.
- Empower Builders: The inclusion of ML-DSA help inside Android Keystore and Play App Signing permits builders to safeguard their customers and utility.
- Ecosystem Scale: Through the use of hybrid signatures for APKs, builders can create a protected transition that preserves present belief whereas including post-quantum defenses to dam unauthorized updates.
Our roadmap additional integrates post-quantum key encapsulation into KeyMint, Key Attestation and Distant Key Provisioning. This evolution is meant to bolster the safety of your entire id lifecycle—from hardware-level DICE measurements to our distant attestation servers—making certain the Android ecosystem stays resilient and personal in opposition to the quantum threats of tomorrow.
