Quantum Computing and Cybersecurity: What You Need to Know

Quantum computers will eventually break current encryption. Learn how quantum computing threatens cybersecurity, what post-quantum cryptography looks like, and how to prepare today.

Passwordly Team

The Quantum Revolution

Quantum computing represents a fundamental shift in how computers process information. While classical computers use bits (either 0 or 1), quantum computers use qubits that can exist in multiple states simultaneously through a property called superposition. Combined with entanglement (where qubits become correlated) and quantum interference, this enables quantum computers to solve certain problems exponentially faster than classical machines.

Where quantum computing stands in 2026:

  • IBM, Google, and other companies have demonstrated quantum processors with hundreds of qubits, with roadmaps toward thousands
  • Quantum error correction — the key to reliable, large-scale quantum computation — has made significant experimental progress
  • Quantum advantage has been demonstrated for specific, narrow problems (though not yet for breaking encryption)
  • Billions of dollars in government and private investment are accelerating development worldwide

Why cybersecurity professionals are concerned: The specific class of problems that quantum computers excel at happens to include the mathematical problems that underpin most of today's public-key cryptography. When sufficiently powerful quantum computers exist, they will be able to break the encryption protecting everything from banking transactions to government secrets.

This isn't science fiction — it's a mathematical certainty. The only questions are when and how to prepare.

How Quantum Computers Break Encryption

To understand the threat, you need to understand the two categories of encryption:

Symmetric encryption (AES, ChaCha20): Uses the same key for encryption and decryption. Security depends on the key length.

  • Quantum impact: Moderate. Grover's algorithm gives quantum computers a quadratic speedup for brute-force key searches, which effectively halves the security level measured in bits: AES-128 drops to 64-bit equivalent security, while AES-256 remains secure at 128-bit equivalent security.
  • Solution: Simply use larger key sizes. AES-256 is already widely deployed and remains quantum-safe.

Asymmetric/public-key encryption (RSA, ECC, Diffie-Hellman): Uses mathematically related key pairs (public and private). Security depends on the difficulty of factoring large numbers or solving discrete logarithm problems.

  • Quantum impact: Catastrophic. Shor's algorithm allows quantum computers to factor large numbers and solve discrete logarithm problems in polynomial time — making RSA, ECC, and Diffie-Hellman completely breakable.
  • Solution: Replace with entirely new algorithms based on different mathematical problems (post-quantum cryptography).

What Shor's algorithm breaks:

  • RSA (key exchange, digital signatures) — used in TLS/HTTPS, email encryption, document signing
  • ECDSA/EdDSA (digital signatures) — used in Bitcoin, TLS certificates, SSH keys
  • ECDH/DH (key exchange) — used in nearly every encrypted connection on the internet
  • DSA (digital signatures) — legacy but still present in some systems

This means that virtually every secure connection on the internet today relies on algorithms that a sufficiently powerful quantum computer could break.

What's at Risk

The implications of breaking public-key cryptography are staggering:

Internet security:

  • TLS/HTTPS — every secure website connection uses public-key cryptography for key exchange. Quantum computers could intercept and decrypt HTTPS traffic.
  • Email encryption (PGP/S/MIME) — encrypted emails could be read
  • VPNs — tunnel encryption relies on key exchanges vulnerable to quantum attack
  • SSH — secure remote access to servers would be compromised

Financial systems:

  • Banking transactions — online banking, wire transfers, card payments
  • Cryptocurrency — Bitcoin and most blockchains use ECDSA signatures; quantum computers could forge transactions and steal funds
  • Stock trading — electronic trading systems rely on encrypted communications

National security:

  • Military communications — encrypted command and control channels
  • Intelligence — classified communications and data storage
  • Critical infrastructure — SCADA/ICS systems controlling power grids, water systems, transportation

Digital identity:

  • Digital certificates — the foundation of trust on the internet (proving websites are who they claim)
  • Code signing — verifying software hasn't been tampered with
  • Digital signatures — legal documents, contracts, government records

Personal data:

  • Encrypted backups, password manager vaults (the key exchange/wrapping may be vulnerable even if the symmetric encryption is secure), medical records, financial records

Harvest Now, Decrypt Later

Perhaps the most urgent concern isn't the future — it's what's happening right now.

The concept: Nation-state adversaries and sophisticated attackers are already intercepting and storing encrypted communications today with the intention of decrypting them once quantum computers become available. This strategy is known as "harvest now, decrypt later" (HNDL) or "store now, decrypt later."

Why this matters today:

  • Encrypted data intercepted in 2026 may be decryptable by 2035-2040
  • Some data retains its sensitivity for decades: intelligence assets, trade secrets, medical records, personal information
  • Government classified information must remain secure for 25-75+ years
  • Once data is intercepted, there's no way to "un-intercept" it

Evidence of HNDL activity: Intelligence agencies have warned that nation-states are already conducting large-scale data collection specifically for future quantum decryption. The NSA, CISA, and intelligence agencies from Five Eyes nations have all issued guidance urging immediate action on post-quantum migration.

Implication for individuals: If you're transmitting data today that needs to remain confidential for more than 10-15 years, the quantum threat is already relevant. This is especially true for:

  • Sensitive personal communications
  • Medical and genetic information
  • Financial records and transactions
  • Business trade secrets and intellectual property
  • Legal communications subject to attorney-client privilege

Post-Quantum Cryptography

Post-quantum cryptography (PQC) refers to cryptographic algorithms designed to resist attacks from both classical and quantum computers. These algorithms are based on mathematical problems believed to be hard for quantum computers:

Lattice-based cryptography:

  • Based on problems involving high-dimensional lattice structures
  • Most versatile — supports encryption, key exchange, and digital signatures
  • Generally good performance characteristics
  • Examples: ML-KEM (Kyber), ML-DSA (Dilithium)

Hash-based signatures:

  • Based on the security of hash functions (which remain quantum-safe)
  • Well-understood mathematical security foundation
  • Primarily useful for digital signatures (not encryption)
  • Examples: SLH-DSA (SPHINCS+), XMSS, LMS

Code-based cryptography:

  • Based on the difficulty of decoding certain error-correcting codes
  • Studied since the 1970s (McEliece cryptosystem)
  • Large key sizes are a practical challenge
  • Example: Classic McEliece (under evaluation)

Isogeny-based cryptography:

  • Based on mathematical relationships between elliptic curves
  • Compact key sizes
  • SIKE (the leading candidate) was broken by a classical attack in 2022, but research continues
  • Still emerging; less mature than lattice-based approaches

NIST Post-Quantum Standards

The National Institute of Standards and Technology (NIST) has been leading a multi-year effort to standardize post-quantum cryptographic algorithms:

2024 Standardized Algorithms (FIPS 203, 204, 205):

  1. ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) — formerly Kyber

    • Purpose: Key exchange (replacing ECDH and RSA key exchange)
    • Status: FIPS 203 finalized
    • Performance: Fast, compact keys and ciphertexts
  2. ML-DSA (Module-Lattice-Based Digital Signature Algorithm) — formerly Dilithium

    • Purpose: Digital signatures (replacing RSA and ECDSA signatures)
    • Status: FIPS 204 finalized
    • Performance: Good balance of speed and signature/key size
  3. SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) — formerly SPHINCS+

    • Purpose: Digital signatures (conservative, hash-based alternative)
    • Status: FIPS 205 finalized
    • Performance: Larger signatures but relies only on hash function security

Industry adoption in 2025-2026:

  • Google and Cloudflare implemented hybrid post-quantum key exchange (X25519 + ML-KEM) in TLS, protecting Chrome and major websites
  • Apple added PQ3 protocol for iMessage using post-quantum key exchange
  • Signal implemented the PQXDH protocol combining X25519 with ML-KEM
  • OpenSSH added ML-KEM support for key exchange
  • Major VPN providers began implementing hybrid post-quantum tunnels

When Will Quantum Threats Materialize?

The honest answer is: nobody knows for certain. Expert estimates vary widely:

Conservative estimates (most common among researchers):

  • Cryptographically relevant quantum computer (CRQC) capable of breaking RSA-2048: 2035-2045
  • Requires millions of physical qubits with low error rates
  • Significant engineering challenges remain (error correction, stability, scaling)

Aggressive estimates:

  • Some researchers and intelligence agencies plan for CRQC as early as 2030-2035
  • Surprise breakthroughs in error correction or architecture could accelerate timelines
  • Nation-state programs may be further ahead than publicly known

What we know:

  • Current quantum computers (hundreds of noisy qubits) are far from breaking encryption
  • Breaking RSA-2048 is estimated to require thousands of logical qubits (translating to potentially millions of physical qubits with current error correction)
  • Progress is accelerating but the remaining challenges are substantial

The "Mosca Inequality": If x = time data must remain secure, y = time to migrate systems to PQC, and z = time until CRQC exists:

  • If x + y > z, you need to act NOW
  • For many organizations, migration will take 5-15 years, and data needs to stay secure for 10-25+ years — making the window for action already open

What You Can Do Today

While the full quantum threat is years away, there are practical steps to take now:

For individuals:

  1. Use AES-256 encryption where possible. Symmetric encryption with 256-bit keys is quantum-resistant. When choosing encryption tools, prefer AES-256 over AES-128.

  2. Use services that adopt PQC early. Choose browsers, messaging apps, and VPNs that are implementing post-quantum protections. Chrome, Signal, and iMessage already have PQC in production.

  3. Strengthen passwords. While quantum computing doesn't directly threaten password hashing (which relies on hash functions rather than public-key mathematics), stronger passwords always improve security. Use our password generator for maximum-strength passwords.

  4. Understand what data you have. Inventory your sensitive data. If any of it needs to remain confidential for more than 15 years, prioritize using quantum-resistant protections for it now.

  5. Stay informed. The quantum cybersecurity landscape is evolving rapidly. Follow NIST, CISA, and major security organizations for updates on migration guidance.

For organizations and developers:

  1. Conduct a cryptographic inventory — identify all the cryptographic algorithms and protocols your systems rely on
  2. Prioritize data by sensitivity and longevity — focus quantum migration efforts on the most sensitive, longest-lived data first
  3. Start testing PQC algorithms — integrate ML-KEM and ML-DSA into development environments
  4. Adopt hybrid approaches — use classical + post-quantum algorithms together during the transition (if the PQC algorithm is broken, the classical algorithm still provides security)
  5. Update procurement requirements — require PQC support in new systems and vendor contracts
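The following script pulls together the three ideas above into one runnable triage: the Grover and Shor impacts from the encryption-categories section, the Mosca inequality, and the cryptographic inventory and prioritization steps for organizations. It is an added illustration written for this article, not a Passwordly tool; the inventory rows, the twelve-year CRQC horizon, and the primitive-name spellings are constructed assumptions.

```python
"""Quantum-risk triage of a cryptographic inventory: Grover halves symmetric
security, Shor zeroes RSA/ECC/DH, and the Mosca inequality x + y > z says who
must act now. Added illustration, not a Passwordly tool; all values constructed."""

# Public-key families Shor's algorithm breaks outright (effective security 0 bits).
SHOR_BROKEN = {"RSA", "DH", "DSA", "ECDH", "ECDSA", "EDDSA", "X25519", "ED25519"}
# FIPS 203/204 parameter sets and the classical security level (bits) each targets.
PQ_LEVEL = {"ML-KEM-512": 128, "ML-KEM-768": 192, "ML-KEM-1024": 256,
            "ML-DSA-44": 128, "ML-DSA-65": 192, "ML-DSA-87": 256}

def _component_bits(name):
    if name in PQ_LEVEL:
        return PQ_LEVEL[name]
    family, _, size = name.rpartition("-")   # "AES-128" -> ("AES", "128")
    if not family:                            # no size suffix, e.g. "X25519"
        family, size = size, ""
    if family in SHOR_BROKEN:
        return 0
    if family == "AES" and size.isdigit():    # Grover's quadratic speedup halves the level
        return int(size) // 2
    if family == "CHACHA20":                  # fixed 256-bit key: 128 bits after Grover
        return 128
    raise ValueError(f"unknown primitive {name!r}")

def post_quantum_bits(primitive):
    """Effective security once a CRQC exists. A hybrid written 'A+B' keeps its
    strongest component: the derived key is secure as long as either input is."""
    return max(_component_bits(p.strip().upper()) for p in primitive.split("+"))

def triage(inventory, years_until_crqc):
    """inventory rows: (system, primitive, x = years the data must stay secret or a
    signature trusted, y = years to migrate). Returns (system, bits, must_act),
    most urgent first; must_act means bits < 128 and x + y > z."""
    rows = []
    for system, primitive, x, y in inventory:
        bits = post_quantum_bits(primitive)
        rows.append((system, bits, bits < 128 and x + y > years_until_crqc))
    return sorted(rows, key=lambda r: (not r[2], r[1]))

INVENTORY = [  # constructed sample inventory
    ("vpn-gateway", "ECDH-P256", 10, 3),
    ("archive-backups", "AES-128", 25, 2),
    ("web-tls", "X25519+ML-KEM-768", 5, 1),
    ("code-signing", "RSA-3072", 2, 2),
    ("vault-wrap", "AES-256", 30, 2),
]

if __name__ == "__main__":
    for system, bits, act in triage(INVENTORY, years_until_crqc=12):  # z = 12: constructed
        print(f"{system:16} {bits:3d}-bit post-quantum  {'ACT NOW' if act else 'monitor'}")
```

Note that the RSA code-signing entry is flagged as broken but not urgent because its signatures only need to stay trusted for two years, while the AES-128 archive is urgent despite surviving Grover at 64 bits because it must stay secret for decades.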

Quantum computing's threat to encryption isn't a question of "if" but "when." The mathematics are settled — Shor's algorithm will break RSA, ECC, and Diffie-Hellman when quantum hardware catches up. The good news is that the cryptographic community has been preparing for over a decade, NIST has finalized the first post-quantum standards, and major technology companies are already deploying hybrid protections. For individuals, the most important step is choosing services and tools that adopt these protections early — and ensuring that your fundamental security hygiene (strong unique passwords, MFA, software updates) remains impeccable regardless of the quantum timeline.
