April 08, 2026 -- In the last two weeks, the research community, the infrastructure layer of the internet, and some of the world's largest technology companies converged on the same conclusion: the timeline to migrate away from quantum-vulnerable cryptography just shortened by years, not months.

Individually, each of the events below would be significant. Together, they form a pattern that changes the planning assumptions for every enterprise, every federal agency, and every organization holding data with a confidentiality horizon beyond 2030.

Here is what happened. In order.

Signal 1: Google sets a hard 2029 PQC migration deadline

On March 25, 2026, Google published a post by Heather Adkins and Sophie Schmieg setting a 2029 target for completing post-quantum cryptography migration across Google systems. Not 2035, the NIST disallowance date. Not 2030, the broad deprecation horizon. 2029.

Google has been building crypto agility since 2016. If a company with a decade of preparation and deep internal cryptography infrastructure still needs until 2029, that should reset every enterprise planning model that assumes the transition can begin later and still finish on time.

The sequencing detail matters too. Google emphasized authentication migration as a priority, even while harvest-now-decrypt-later risk still applies to encryption. That is a signal about how close they think the more acute trust break could be.

Signal 2: Google Quantum AI publishes new ECC-256 resource estimates

On March 31, 2026, Google Quantum AI published new estimates suggesting elliptic-curve cryptography at the 256-bit level may require far fewer physical qubits to break than prior public estimates implied. Under the paper's stated assumptions, the attack path lands below 500,000 physical qubits with a runtime of about nine minutes on a cryptographically relevant machine.

That is not a minor optimization. It is roughly a twentyfold reduction over previous public estimates for the same class of attack. The estimate was validated via a zero-knowledge proof, while key implementation details were withheld.

Cloudflare noted on April 7 that the era of fully open publication of these advances may already be ending. That means institutions should not assume the public research record will continue to provide comfortable warning lead time.

Signal 3: Caltech and Oratomic publish the neutral-atom estimate

On March 30, 2026, a Caltech and Oratomic team published a preprint describing a neutral-atom architecture that could break ECC-256 with roughly 26,000 physical qubits and a runtime of about ten days using qLDPC error correction and reconfigurable connectivity.

If those estimates survive scrutiny, the overhead implied is radically lower than the surface-code mental model many defenders still use. Cloudflare's write-up framed this as roughly three to four physical neutral-atom qubits per logical qubit under the paper's assumptions.

Oratomic also withheld implementation details. That is the second independent sign inside the same week that the public literature may understate what well-resourced actors know privately.

Signal 4: Google expands into neutral-atom quantum computing

On March 24, 2026, one day before Google announced its 2029 migration target, Google Quantum AI said it was expanding into neutral-atom quantum computing under Dr. Adam Kaufman.

Timing matters here. March 24: Google enters neutral atoms. March 25: Google sets a 2029 PQC deadline. March 30: Oratomic publishes the neutral-atom Shor estimate. March 31: Google publishes improved ECDLP resource estimates. Four events in eight days, from connected parts of the same ecosystem, all moving in the same direction.

Signal 5: Cloudflare accelerates its PQC roadmap to 2029

On April 7, 2026, Cloudflare published a roadmap targeting full platform post-quantum security, including authentication, by 2029. Cloudflare handles roughly one fifth of global web traffic, and more than 65% of human-generated traffic through its network already uses post-quantum key agreement for encryption.

The new piece is authentication. Cloudflare's roadmap lays out ML-DSA support for origin connections by mid-2026, post-quantum end-user authentication via Merkle Tree Certificates by mid-2027, Cloudflare One upgrades by early 2028, and full post-quantum security by 2029.

Cloudflare also published sector-level exposure data. Governments, financial services, and telecoms are further along. Healthcare, technology, and consumer sectors are behind. The most exposed sectors remain those with hard-to-update assets and long operational lifetimes.

Signal 6: IBM says moonshot attacks by 2029 cannot be ruled out

After the Google and Oratomic publications, IBM Quantum Safe CTO Ray Harishankar stated publicly that high-value-target quantum moonshot attacks cannot be ruled out as early as 2029. IBM is not a peripheral commentator on this problem. They build quantum systems and migration programs.

The point is not that 2029 is guaranteed. The point is that one of the most technically informed vendors in the market is no longer willing to exclude that date from a serious threat model.

Signal 7: NIST already set the transition framework

This final signal is older, but it is the regulatory base under the rest. NIST finalized FIPS 203, FIPS 204, and FIPS 205 in August 2024. In November 2024, NIST IR 8547 set out the transition framework for moving away from RSA, ECDSA, ECDH, and related vulnerable algorithms.

The draft timelines point to broad deprecation by 2030 and full disallowance by 2035, subject to final refinement. The important point is that every faster-moving signal above represents major actors responding to the NIST framework by moving earlier than the official outside dates.

The research estimates collapsed. Google moved its deadline. Cloudflare matched it. IBM said high-value-target moonshot attacks by that date cannot be ruled out. And the NIST transition framework was already in motion underneath all of it.

The authentication problem most organizations have not started thinking about

Both Google and Cloudflare are signaling the same operational truth: post-quantum encryption alone is not enough. Authentication must migrate too. And authentication migration is usually harder, slower, and more entangled with dependencies than transport encryption upgrades.

Cloudflare made the downstream implication explicit. Once you disable quantum-vulnerable authentication, every credential previously exposed under that trust model must be assumed suspect and rotated. Passwords, session material, API keys, tokens, and machine identities all get pulled into scope.

That means migration is not a certificate swap. It is a certificate swap followed by a rotation problem across the entire environment.

What this means for your organization

The first question every board, CISO, and CTO should be asking is not, “When will a quantum computer break our encryption?” It is, “Do we know where RSA and ECC live in our own environment?”

Most organizations still cannot answer that. They do not have a complete cryptographic inventory. They do not know which systems depend on vulnerable key exchange, which certificates still rely on elliptic-curve signatures, which vendors will gate the migration path, or which systems will fail when the trust chain changes.

Without that inventory, there is no migration plan. Without a migration plan, there is no credible timeline. And without a timeline, all seven signals above remain news rather than operations.