The incredible potential of quantum computing is matched only by the risk it poses to today’s digital security.
Algorithms that protect everything from online banking to national secrets rely on mathematical problems considered
intractable for classical computers—but not for sufficiently powerful quantum machines.
Below is a deeper exploration of how quantum technology threatens modern encryption, what “post-quantum” solutions look like,
and the practical steps we must take before the danger becomes urgent.
Why Current Encryption Works
Most online security rests on two families of algorithms:
Public-Key Cryptography (Asymmetric)
RSA, Diffie–Hellman and elliptic-curve schemes rely on problems like integer factorisation
or the discrete logarithm. With today’s classical hardware, solving these problems for 2048-bit keys would
take longer than the age of the universe.
Symmetric Encryption
AES and similar block ciphers use shared secrets and rely on exhaustive key search being computationally infeasible.
A 256-bit AES key, for example, has 2^256 possible values—astronomically large for any classical brute-force attack.
How Quantum Computers Disrupt This Balance
Quantum machines exploit superposition and entanglement, enabling algorithms that cut through today’s “hard” problems:
Shor’s Algorithm
Capable of factoring large integers or solving discrete logarithms in polynomial time, Shor’s algorithm would
render RSA and elliptic-curve cryptography effectively useless once a quantum computer with tens of millions of logical qubits and
low error rates becomes available.
Grover’s Algorithm
Provides a quadratic speed-up for brute-forcing symmetric keys. While AES is not entirely broken,
its effective security is halved—meaning AES-256 would offer roughly the same strength as AES-128 does today.
When Will the “Q-Day” Arrive?
Experts disagree on exact timelines, but many forecasts converge on the 2030s for a cryptographically relevant quantum computer
(CRQC)—sooner if unexpected breakthroughs accelerate qubit error-correction or scaling. Crucially,
data harvested today can be decrypted later (“store-now, decrypt-later”), giving adversaries an incentive
to capture traffic long before quantum machines mature.
Post-Quantum Cryptography (PQC)
PQC refers to algorithms believed to be secure even against quantum adversaries while remaining practical for classical hardware.
Leading candidates include:
- Lattice-based schemes such as CRYSTALS-Kyber (key exchange) and CRYSTALS-Dilithium (signatures)
- Code-based algorithms like Classic McEliece
- Hash-based signature schemes such as SPHINCS+
- Multivariate polynomial systems
In July 2022, NIST announced draft standards for Kyber, Dilithium, Falcon and SPHINCS+, with final publication expected in 2024–2025.
These will serve as the backbone of quantum-resistant security protocols.
What Governments and Industry Are Doing
- The U.S. National Security Memorandum 10 directs federal agencies to inventory vulnerable systems and begin transition by 2025.
- The EU’s Quantum Flagship funds research into large-scale quantum networks and PQC integration.
- Major tech firms (Google, Microsoft, Amazon) are test-deploying hybrid TLS handshakes using Kyber alongside classical algorithms to enable seamless migration.
How Your Organization Can Prepare Today
- Inventory cryptography: Map where and how keys are generated, stored and exchanged across applications and hardware.
- Adopt crypto-agility: Build systems that allow rapid swap-out of algorithms without re-architecting entire services.
- Use hybrid modes: Combine classical and PQC algorithms in a single handshake to preserve compatibility while adding quantum resilience.
- Increase symmetric key sizes: Move from AES-128 to AES-256 to compensate for Grover’s speed-up.
- Monitor standards: Track NIST, ISO and industry guidance to align upgrades with emerging best practices.
- Educate stakeholders: Ensure engineers, executives and compliance teams understand the quantum threat and funding requirements for migration.
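As an added example (not part of the original article), the Python script below turns the inventory step and the Shor/Grover points above into a triage: each constructed inventory row gets its post-quantum strength, and rows below target are ranked with Mosca's rule, which the article does not name (if data must stay secret for x years and migration takes y years, then x + y greater than the years until a CRQC means store-now-decrypt-later exposure). The 2035 CRQC year, the algorithm name sets and the sample systems are assumptions.

```python
from dataclasses import dataclass

@dataclass
class CryptoUse:               # one row of a cryptographic inventory (constructed schema)
    system: str
    algorithm: str             # e.g. "RSA", "ECDH", "AES", "ML-KEM"
    bits: int                  # key size (classical) or claimed security level (PQC)
    secrecy_years: int         # how long the protected data must stay confidential
    migration_years: int       # estimated time to migrate this system

SHOR_BROKEN = {"RSA", "DH", "ECDH", "ECDSA"}     # Shor's algorithm: no key size helps
GROVER_HALVED = {"AES", "CHACHA20"}              # Grover's algorithm: effective bits / 2
QUANTUM_SAFE = {"ML-KEM", "KYBER", "ML-DSA", "DILITHIUM", "FALCON", "SPHINCS+", "CLASSIC-MCELIECE"}
PRIORITY = {"now": 0, "plan": 1, "ok": 2}        # sort order for the report

def post_quantum_bits(algorithm: str, bits: int) -> int:
    """Effective security bits once a cryptographically relevant quantum computer (CRQC) exists."""
    name = algorithm.upper()
    if name in SHOR_BROKEN:
        return 0
    if name in GROVER_HALVED:
        return bits // 2
    if name in QUANTUM_SAFE:
        return bits
    raise ValueError(f"unknown algorithm in inventory: {algorithm}")

def triage(use: CryptoUse, crqc_year: int = 2035, today: int = 2025, target_bits: int = 128):
    """Return ('ok' | 'plan' | 'now', reason). 'now' = store-now-decrypt-later exposure:
    by Mosca's rule, secrecy_years + migration_years > years-to-CRQC means data captured
    today is still sensitive when it becomes readable. CRQC year is an assumption."""
    effective = post_quantum_bits(use.algorithm, use.bits)
    if effective >= target_bits:
        return "ok", f"{effective}-bit post-quantum strength"
    z = crqc_year - today
    if use.secrecy_years + use.migration_years > z:
        return "now", f"{use.secrecy_years} + {use.migration_years} years exceeds {z} years to CRQC"
    return "plan", f"only {effective} post-quantum bits, but migration fits before CRQC"

def report(inventory, **kw):
    """Inventory rows as (system, priority, reason), most urgent first."""
    return sorted(((u.system, *triage(u, **kw)) for u in inventory), key=lambda r: PRIORITY[r[1]])

SAMPLE_INVENTORY = [  # constructed sample data, not from any real environment
    CryptoUse("site-to-site VPN", "ECDH", 256, 10, 3),
    CryptoUse("session cache", "RSA", 2048, 1, 2),
    CryptoUse("archive backups", "AES", 256, 30, 1),
    CryptoUse("legacy file share", "AES", 128, 15, 4),
]

for row in report(SAMPLE_INVENTORY): print(*row, sep="  ")
```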
Conclusion
Quantum computing will unlock extraordinary scientific and economic advances, but it also places the foundations of digital trust at risk.
Waiting until a fully capable quantum computer appears is not an option—data being transmitted and stored today may be exposed tomorrow.
By embracing post-quantum standards, practising crypto-agility and investing in secure implementation now, we can ensure a smoother, safer transition
into the quantum era.