Quantum Computing Threats to Cryptography

Quantum Computing Threats to Cryptography | CDA.Wiki | CDA.Wiki

# Quantum Computing Threats to Cryptography

Definition

Quantum computing threats to cryptography describe the risk that sufficiently powerful quantum computers will break the mathematical assumptions underlying widely used public-key cryptographic algorithms. Shor's algorithm, running on a cryptographically relevant quantum computer (CRQC), can efficiently factor large integers and compute discrete logarithms, rendering RSA, ECC, Diffie-Hellman, and DSA insecure. Grover's algorithm provides a quadratic speedup for brute-force attacks on symmetric cryptography, effectively halving key lengths (AES-256 becomes AES-128 equivalent). The "harvest now, decrypt later" strategy means this threat is active today, not a future concern.

How It Works

Shor's Algorithm: Factors large integers in polynomial time on a quantum computer. RSA-2048 security relies on the assumption that factoring a 2048-bit number is computationally infeasible for classical computers (estimated 10^15 years). A quantum computer with approximately 4,000 logical qubits could factor RSA-2048 in hours. Similarly, ECC-256 (used in TLS, Bitcoin, digital signatures) can be broken with approximately 2,500 logical qubits.

Grover's Algorithm: Provides quadratic speedup for unstructured search problems. For symmetric encryption, this means AES-256 provides 128 bits of effective security against quantum attack. For hash functions, collision resistance is reduced. AES-256 remains secure; AES-128 does not.

Current State of Quantum Computing: As of 2026, the largest quantum processors have thousands of physical qubits, but error rates remain high. A "logical qubit" (error-corrected, reliable) requires roughly 1,000-10,000 physical qubits depending on the error correction code. Breaking RSA-2048 would require millions of physical qubits. Estimates for when CRQCs arrive range from 2030 to 2045.

Harvest Now, Decrypt Later (HNDL): Nation-state adversaries are actively intercepting and storing encrypted communications today. When quantum computers become available, this archived data can be decrypted. Data with a secrecy requirement exceeding the estimated timeline to CRQC is already at risk. This includes classified information, trade secrets, medical records, financial data, and strategic communications.

Vulnerable Systems:

TLS/HTTPS (key exchange)
VPN protocols (IKE/IPsec key exchange)
SSH (key exchange and authentication)
Digital signatures (code signing, certificates, document signing)
Blockchain (ECDSA signatures)
PKI (certificate authorities, certificate chains)
Encrypted email (S/MIME, PGP)
Secure messaging (Signal Protocol key exchange)

Not Immediately Vulnerable:

AES-256 (symmetric; quadratic speedup still leaves 128-bit security)
SHA-256/SHA-3 (collision resistance reduced but remains adequate)
Hash-based authentication (HMAC)

Why It Matters

The threat timeline creates a paradox: the data is at risk today even though the quantum computers do not yet exist. Any data that must remain confidential for longer than the estimated time to CRQC is already compromised if it is being intercepted.

Consider a healthcare organization storing patient records encrypted with RSA-2048. Those records must remain confidential for decades (HIPAA has no expiration). If a nation-state actor captures that encrypted data today and a CRQC arrives in 2035, those records are exposed.

NIST has already standardized post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) as of 2024. NSA's CNSA 2.0 mandates post-quantum migration for national security systems by 2035. The migration is a multi-year effort involving every system that uses public-key cryptography. Organizations that have not started are already behind.

The migration challenge is immense. Cryptographic dependencies are embedded in every layer of technology: network protocols, application code, certificate infrastructure, hardware security modules, key management systems, and third-party integrations. Replacing them is closer to renovating a building's foundation while people live in it.

Real-World Applications

Government Agencies: NSA and allied agencies are prioritizing post-quantum migration for classified communications under CNSA 2.0 timelines.
Financial Services: Central banks and payment networks are assessing quantum risk to transaction signing and inter-bank messaging (SWIFT).
Healthcare: Organizations with multi-decade data retention requirements are prioritizing cryptographic inventory and migration planning.
Telecommunications: Network operators are testing hybrid post-quantum key exchange in production TLS and VPN deployments.
Cryptocurrency: Blockchain projects are researching quantum-resistant signature schemes to protect the billions in assets secured by ECDSA.

CDA Perspective

Quantum computing threats are addressed under CDA's Data Protection & Sovereignty (DPS) domain through the Sovereign Data Protocol (SDP) methodology. Our position is unambiguous: if your data has a secrecy requirement of 10+ years, the migration started yesterday.

CDA's approach:

M-DPS-R01 conducts cryptographic asset inventory to identify all public-key cryptography dependencies
M-DPS-B03 architects crypto-agile systems that can transition to post-quantum algorithms without full rebuilds
M-DPS-H01 deploys hybrid encryption (classical + post-quantum) for data in transit and at rest during the transition period

CDA does not wait for quantum computers to arrive. Under the Empty Fortress Doctrine, we build defenses for the threat we can see coming, not the threat that has already arrived.

Key Takeaways

Shor's algorithm will break RSA, ECC, and Diffie-Hellman when cryptographically relevant quantum computers arrive
"Harvest now, decrypt later" makes this an active threat today for long-lived secrets
NIST standardized post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) in 2024
AES-256 and SHA-256 remain adequate against quantum attacks
Cryptographic migration is a multi-year effort touching every system that uses public-key cryptography
Crypto-agility (the ability to swap algorithms) is as critical as choosing the right post-quantum algorithm

Table of Contents

Definition

How It Works

Why It Matters

Real-World Applications

CDA Perspective

Key Takeaways

Related CDA Missions

Discussion

The Academy

The Command Post

The Armory