Google announced to secure internal communications with post-quantum cryptography (PQC)

While most companies are waiting for the NIST PQC standards to be published, Google announced it is already protecting internal communication with post-quantum cryptography based on its encryption-in-transit protocol, Application Layer Transport Security (ALTS) protocol.

While Google confirmed that current standards like RSA (Rivest–Shamir–Adleman) and elliptic curve cryptography are hard to break by current quantum computers. This might change in the future as threat actors might store encrypted data today, and decrypt it when they gain access to a quantum computer. Furthermore, product lifetime might overlap with the arrival of quantum computers and will create difficulties to update systems in retrospect.

Google chose the NTRU-HRSS KEM algorithm, considered one of the more conservative, but well-known and well-vetted algorithms.