Fortunately, symmetric-key encryption methods are not at risk, because they work quite differently and can be secured simply by increasing the size of the keys you use (unless, that is, mathematicians find a way for quantum computers to crack those keys as well). Increasing the key size, however, cannot protect existing public-key cryptographic algorithms from quantum computers. New algorithms are needed.
What are the implications of quantum computers breaking the encryption we currently use?
Yes, it would be bad. If public-key encryption is suddenly broken without an alternative in place, digital security will be severely compromised. For example, websites use public-key cryptography to establish secure Internet connections, so sending sensitive information to websites would no longer be secure. Cryptocurrencies also rely on public-key cryptography to secure their underlying blockchain technology, so the data in their ledgers could no longer be trusted.
There are also fears that hackers and nation-states could already be storing highly sensitive government or intelligence data that they cannot currently decrypt, in order to decrypt it later once quantum computers become available (often called "harvest now, decrypt later").
How is work progressing on quantum resistance algorithms?
In the United States, the National Institute of Standards and Technology (NIST) has been evaluating new algorithms that can withstand attacks from quantum computers. The agency began accepting public submissions in 2016, and the field has so far been narrowed down to four finalists and three backup algorithms. These new algorithms rely on techniques designed to withstand attacks by quantum computers running Shor's algorithm.
Dustin Moody, the project leader, says NIST is on schedule to complete standardization of the four finalists in 2024, which includes developing guidelines to ensure the new algorithms are used correctly and safely. The remaining three algorithms are expected to be standardized in 2028.
The work of screening candidates for the new standard falls mostly to mathematicians and cryptographers from universities and research institutions. They propose post-quantum cryptographic schemes and look for ways to attack them, sharing their findings by publishing papers and building on one another's attack methods.