Google has announced the integration of post-quantum cryptography (PQC) within its Cloud Key Management Service (KMS). This update is designed to protect customer data from the emerging threat of “Harvest Now, Decrypt Later” attacks, where encrypted data is collected today with the intent of being decrypted in the future by quantum computers.

The integration provides a quantum-resistant layer of security for data in transit, specifically for the Transport Layer Security (TLS) connections used to interact with the KMS service.

A Hybrid Approach to Quantum-Resistant Encryption

The new security feature employs a hybrid key encapsulation mechanism (KEM). This mechanism combines a well-established classical cryptographic algorithm, Elliptic Curve Diffie-Hellman (ECDH) using the X25519 curve, with a post-quantum algorithm. The specific PQC algorithm implemented is Kyber768, which has been selected by the U.S. National Institute of Standards and Technology (NIST) for standardization.

This hybrid key agreement, known as X25519Kyber768, protects the TLS connections that secure data in transit to Cloud KMS. The dual-algorithm approach ensures that security is maintained against attacks from both classical and future quantum computers. The security of the connection relies on the hardness of either the classical or the post-quantum algorithm.

Countering the ‘Harvest Now, Decrypt Later’ Strategy

The primary motivation for this deployment is the “Harvest Now, Decrypt Later” (HNDL) threat model. This model acknowledges that adversaries are actively capturing and storing large volumes of encrypted data from governments and enterprises. The expectation is that this data can be decrypted years from now once a sufficiently powerful quantum computer is built.

By implementing a post-quantum KEM today, Google Cloud ensures that the symmetric keys protecting data handled by KMS are resistant to future quantum attacks. This proactive measure safeguards the long-term confidentiality of information and renders harvested data useless to adversaries, even after the arrival of quantum computing capabilities.

Source: https://www.infoq.com/news/2025/10/cloud-kms-post-quantum-kem/