Microsoft is preparing Windows 11 for a new major threat to cybersecurity: quantum computers.
In a blog post, Microsoft announced that Windows 11, starting with Canary build 27852, will support post-quantum cryptography (PQC). This technology is designed to protect data from the enormous computing power of quantum computers, which can crack traditional encryption techniques.
Microsoft has expanded its cryptography library, SymCrypt, to support this. It now supports the PQC algorithms ML-KEM and ML-DSA via the Cryptography API: Next Generation. SymCrypt is used in certificates and encrypted messaging functions.
ML-KEM is designed to protect keys against the so-called collect now, decrypt later scenario. In this scenario, attackers now store data to crack it later, once quantum computers are powerful enough.
PQC algorithms are resistant to attacks from quantum computers. They use complex mathematical problems for both classical and quantum computers to solve. However, these techniques place significantly higher demands on hardware. They require larger keys, more computing power, and bandwidth than traditional methods.
Carefully selected algorithms
According to Microsoft, the US NIST has carefully selected the algorithms for their high security, performance, and compatibility. PQC is not only used by Microsoft, but is also finding its way into international standards such as TLS, SSH, and IPSec, making it a common defense against quantum attacks.
SymCrypt is Microsoft’s main cryptography library. It is used in numerous products and services, such as Microsoft 365, Azure, Windows 11, and Windows Server 2025. This library provides security for email, cloud storage, and web browsing.
By integrating PQC into SymCrypt, Microsoft is arming its entire ecosystem of operating systems and products against future quantum threats. This technology is being tested in Windows 11, starting with build 27852. Linux will also receive support in the future. No details about its application in BitLocker have yet been announced, but given the technical requirements, this does not seem likely at the time.
Quantum computers pose a real threat, as demonstrated last year when Chinese researchers succeeded in breaking military encryption with a D-Wave quantum computer. Although this was only a test, it shows that quantum technology can already compromise traditional security. As this technology continues to develop, this threat will only increase.