During the Build 2025 conference, Microsoft made a significant announcement regarding the inclusion of post-quantum cryptography (PQC) in Windows Insiders test assemblies. This new feature will be available starting with version 27852 and also in the Symcrypt-Openssl library version 1.9.0 and above. The purpose of this introduction is to allow users to test quantum-resistant algorithms in their own infrastructures before mass quantum computing becomes a reality.
More specifically, Microsoft has integrated two algorithms, ML-Kem (Encapsulation Mouse Back) and ML-DSA (Digital Signature Algorithm), into the Cryptography API library: Next Generation (CNG). These algorithms are also incorporated into certificate functions and cryptographic message processing functions, and are accessible to participants of the Windows Insiders program.
Furthermore, support for Linux users has been established through the Symcrypt-Openssl (SCOSSSL) library, which offers the OpenSSL interface for Microsoft’s algorithms. ML-Kem and ML-DSA are among the initial cryptoalgorithms approved by the US National Institute of Standards and Technologies (NIST) as resistant to quantum attacks.
Microsoft has emphasized that the early implementation of PQC aims to mitigate risks associated with the Harvest Now, Decrypt Later strategy. This method involves intercepting data encrypted using traditional methods with the intention of decrypting it in the future with the use of quantum computers.
These post-quantum algorithms were initially incorporated into the Symcrypt library in December 2024 and are now accessible for a broader range of systems and applications, including Windows and Linux through the SCOSSSL OpenSSL interface.