Microsoft adds quantum-resistant encryption to Windows 11

Quantum-safe encryption brings larger keys, requiring developers to update software for compatibility.
Microsoft, Post-quantum cryptography, NIST, Windows 11, Encryption, SymCrypt

Microsoft is rolling out quantum-resistant encryption algorithms in Windows 11 as part of its effort to prepare for the eventual arrival of quantum computers. The new cryptographic tools were announced at the BUILD 2025 conference and are now available in Insider Preview Build 27852 and higher.

These updates introduce post-quantum algorithms—ML-KEM and ML-DSA—into SymCrypt, Windows’ core cryptographic library.

The algorithms, formerly known as CRYSTALS-Kyber and CRYSTALS-Dilithium, were selected by the US National Institute of Standards and Technology (NIST) and are part of the agency’s recommended post-quantum cryptography (PQC) standards.

The algorithms have also been added to SymCrypt-OpenSSL, Microsoft’s open-source extension for integrating SymCrypt with OpenSSL. Developers can now access the algorithms via Microsoft’s Cryptography API: Next Generation (CNG), enabling early testing and migration.

Quantum computers, which are still in experimental stages, promise to outperform classical systems in solving problems like factoring large numbers—a cornerstone of traditional encryption methods like RSA and elliptic curve cryptography.

Experts warn that these legacy systems could be broken in the coming decades, potentially compromising the security of global communications, financial systems, and data infrastructure.

The new PQC algorithms are designed to resist quantum attacks, but they bring additional complexity. Their encryption keys are significantly larger than those used in current standards.

For now, NIST recommends using them alongside RSA or elliptic curve keys in hybrid configurations, to mitigate risks from undiscovered vulnerabilities.

The transition to quantum-safe encryption is expected to be one of the most complex in cybersecurity history. Developers will need to address compatibility issues, including ensuring software can handle longer key lengths without introducing system-breaking errors.

Microsoft’s early adoption is a step toward broader post-quantum readiness. Experts emphasize the importance of rigorous testing now, as the timeline for quantum threats remains uncertain.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!