- Quantum computers threaten classical cryptographic algorithms like RSA and ECC due to Shor's algorithm.
- AES is vulnerable to Grover's algorithm, albeit to a lesser extent than RSA and ECC. AES-256 is more resistant than AES-128.
- Post-quantum cryptography (PQC) aims to develop algorithms resistant to quantum computer attacks.
- Quantum Key Distribution (QKD) offers secure key exchange based on quantum mechanics, but faces practical challenges.
- NIST is standardizing PQC algorithms, and organizations are exploring hybrid QKD/PQC solutions.
- The timeline for significant quantum attacks is uncertain, but proactive measures are necessary.
Quantum computing poses a significant threat to modern cryptography. Quantum algorithms like Shor's and Grover's can break or weaken widely used encryption methods. This necessitates the development and adoption of quantum-resistant cryptographic solutions. This report provides an overview of the impact of quantum computing on existing cryptographic algorithms and explores potential solutions like post-quantum cryptography (PQC) and Quantum Key Distribution (QKD).
Classical cryptographic algorithms rely on mathematical problems that are difficult for classical computers to solve but are vulnerable to quantum algorithms.
Algorithm | Vulnerability | Quantum Algorithm | Impact |
---|---|---|---|
RSA | Factoring | Shor's Algorithm | Efficient factorization of large numbers, breaking RSA encryption |
ECC | Discrete Log | Shor's Algorithm | Efficiently solves discrete logarithm problems, breaking ECC encryption |
AES | Brute Force | Grover's Algorithm | Reduces the search space, weakening AES security; AES-256 is stronger |
Shor's algorithm efficiently factors large integers and solves discrete logarithm problems, which would render RSA and ECC insecure once a sufficiently powerful quantum computer is built [http://greekcrisis.net/shors-algorithm-quantum-computers/]. Breaking RSA-2048 requires approximately 4000 qubits, and ECC-256 requires about 2500 qubits [https://ej-compute.org/index.php/compute/article/view/146].
Grover's algorithm reduces the brute-force search space for AES, weakening its security [https://ej-compute.org/index.php/compute/article/view/146]. AES-256 is more secure against quantum attacks than AES-128 or AES-192 [https://crypto.stackexchange.com/questions/6712/is-aes-256-a-post-quantum-secure-cipher-or-not].
Breaking RSA-2048 requires around 4000 qubits and millions of gate operations, potentially achievable within the next decade [https://ej-compute.org/index.php/compute/article/view/146]. A quantum computer breaking RSA-2048 in hours could be built by 2030 for around a billion dollars [https://crypto.stackexchange.com/questions/102671/is-aes-128-quantum-safe]. IBM has a 1121-qubit 'Condor' processor, with leading platforms aiming for two-qubit gate fidelity in the range of 99.9% to 99.99% [https://methodologists.net/Exploring-the-Transformative-Advancements-in-Quantum-Computing-and-Their-Global-Impact-in-2024].
Post-quantum cryptography (PQC) involves developing cryptographic algorithms that are secure against attacks by both classical and quantum computers [https://en.wikipedia.org/wiki/Post-quantum_cryptography].
PQC Algorithm Types
Algorithm Type | Examples | Characteristics |
---|---|---|
Lattice-based | CRYSTALS-Kyber, CRYSTALS-Dilithium, NTRU | Based on the hardness of lattice problems |
Multivariate | Rainbow | Based on the difficulty of solving systems of multivariate polynomial equations |
Hash-based | SPHINCS+ | Based on the security of cryptographic hash functions |
Code-based | Classic McEliece | Based on the difficulty of decoding general linear codes |
Isogeny-based | CSIDH | Based on isogenies between supersingular elliptic curves |
Symmetric-key | AES, SNOW 3G | Symmetric primitives that retain resistance to the known quantum attacks on symmetric-key cryptography |
PQC algorithms often require larger key sizes compared to pre-quantum algorithms [https://en.wikipedia.org/wiki/Post-quantum_cryptography].
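To make the hash-based row of the table and the key-size remark concrete, here is an added example (not code from the original page or from any NIST standard) of a Lamport one-time signature, the simplest hash-based scheme: its security rests only on preimage resistance of SHA-256, and its public key is 16 KiB, illustrating why hash-based schemes trade key size for quantum resistance. SPHINCS+ builds far more elaborate structures on the same idea; this block is not SPHINCS+.

```python
import hashlib
import secrets

HASH = hashlib.sha256
N = 256  # digest bits; one pair of secret preimages per digest bit


def message_bits(msg: bytes) -> list:
    """Hash the message and expand the digest into N individual bits (MSB first)."""
    digest = HASH(msg).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def keygen(rand=secrets.token_bytes):
    """Private key: 2*N random 32-byte preimages. Public key: their SHA-256 hashes."""
    sk = [[rand(32), rand(32)] for _ in range(N)]
    pk = [[HASH(x).digest() for x in pair] for pair in sk]
    return sk, pk


def sign(sk, msg: bytes) -> list:
    """Reveal, for each digest bit, the preimage selected by that bit.
    The key is ONE-TIME: signing a second message reveals further preimages
    and lets an attacker forge signatures on messages mixing the two."""
    return [sk[i][b] for i, b in enumerate(message_bits(msg))]


def verify(pk, msg: bytes, sig: list) -> bool:
    """Hash each revealed preimage and compare with the public key half chosen by the digest bit."""
    if len(sig) != N:
        return False
    return all(HASH(sig[i]).digest() == pk[i][b] for i, b in enumerate(message_bits(msg)))


def public_key_bytes(pk) -> int:
    """Size of the public key: 2 * 256 hashes * 32 bytes = 16384 bytes."""
    return sum(len(h) for pair in pk for h in pair)


def signature_bytes(sig) -> int:
    """Size of one signature: 256 preimages * 32 bytes = 8192 bytes."""
    return sum(len(x) for x in sig)
```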
NIST Standardization
NIST is conducting a Post-Quantum Cryptography Standardization Process to select PQC algorithms [https://en.wikipedia.org/wiki/Post-quantum_cryptography]. NIST has released the first three finalized post-quantum encryption standards: CRYSTALS-Kyber (ML-KEM), CRYSTALS-Dilithium (ML-DSA), and SPHINCS+ [https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards].
QKD offers a method for secure key exchange leveraging the principles of quantum mechanics [https://www.iosrjournals.org/iosr-jce/papers/Vol16-issue2/Version-11/A0162110109.pdf]. Eavesdropping introduces detectable anomalies due to the disturbance of the quantum system [https://en.wikipedia.org/wiki/Quantum_key_distribution].
QKD Protocols
Protocol | Description |
---|---|
BB84 | First QKD protocol |
E91 | Uses entangled photons |
COW | Coherent One Way |
Practical challenges include secret key rate, distance, size, cost, and practical security [https://arxiv.org/abs/1606.05853]. The NSA views quantum-resistant cryptography (PQC) as a more cost-effective and easily maintained solution than QKD for securing data in National Security Systems [https://www.nsa.gov/Cybersecurity/Quantum-Key-Distribution-QKD-and-Quantum-Cryptography-QC/].
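An added simulation (not code from the original report or from any QKD vendor) of the BB84 protocol listed in the table, showing the eavesdropping-detection property described above: an intercept-resend attacker who guesses the wrong basis half the time disturbs about a quarter of the sifted key bits, so Alice and Bob see a non-zero quantum bit error rate (QBER). The abort threshold used here is an assumption chosen for the example, not a figure from the page; the physical channel is idealised (no noise or loss).

```python
import random


def bb84_round(n_qubits: int, eavesdrop: bool, seed: int = 0):
    """Simulate one BB84 exchange; return (sifted key bits, QBER).
    Basis 0 = rectilinear, 1 = diagonal. A measurement in the preparation
    basis returns the encoded bit; in the other basis it returns a random bit."""
    rng = random.Random(seed)  # seeded so the simulation is reproducible
    alice_bits = [rng.randint(0, 1) for _ in range(n_qubits)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_qubits)]
    bob_bases = [rng.randint(0, 1) for _ in range(n_qubits)]

    def measure(bit, prep_basis, meas_basis):
        return bit if prep_basis == meas_basis else rng.randint(0, 1)

    bob_results = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Intercept-resend: Eve measures in a random basis and re-prepares
            # the photon in that basis, which erases Alice's basis information.
            e_basis = rng.randint(0, 1)
            bit, a_basis = measure(bit, a_basis, e_basis), e_basis
        bob_results.append(measure(bit, a_basis, b_basis))

    # Sifting: Alice and Bob publicly compare bases and keep matching positions.
    sifted = [(a, b) for a, b, ab, bb in zip(alice_bits, bob_results, alice_bases, bob_bases)
              if ab == bb]
    errors = sum(1 for a, b in sifted if a != b)
    qber = errors / len(sifted) if sifted else 0.0
    return [a for a, _ in sifted], qber


def eavesdropper_detected(qber: float, threshold: float = 0.11) -> bool:
    """Abort the key if the sampled error rate exceeds the threshold.
    In a real deployment a fraction of the sifted key is sacrificed to estimate
    the QBER; the 11% figure is an assumed example threshold, and any residual
    eavesdropper information below it is removed by privacy amplification."""
    return qber > threshold
```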
Hybrid security systems integrating PQC and QKD are being explored [https://www.gsma.com/newsroom/wp-content/uploads//IG.18-Hybrid-QKD-and-PQC-security-scenarios-and-use-cases-Whitepaper-v1.0-002.pdf]. Network operators are expected to spend over $6 billion on QKD development and implementation between 2025 and 2030 [https://smartinfrastructuremagazine.com/news/quantum-key-distribution-network-operators-to-spend-6-3-billion-over-next-six-years].
Quantum computing advancements are progressing, creating an urgent need to transition to quantum-safe alternatives [https://ej-compute.org/index.php/compute/article/view/146]. Cryptographic vulnerabilities may emerge within the next 5–10 years [https://ej-compute.org/index.php/compute/article/view/146].
- Implementation of Shor's Algorithm and Its Demonstrated Quantum ... - JSR
- Implementation and Analysis of Shor's Algorithm to Break RSA ...
- Quantum AI: Shor's Algorithm - How Quantum Computers Break Cryptography ...
- Cyber Security Implications of Quantum Computing: Shor's ...
- The Impact of Quantum Computing on Cryptographic Systems: Urgency of ...
- Exploring AES Encryption Implementation Through Quantum Computing ...
- CSRC Presentations | CSRC - NIST Computer Security Resource Center
- RSA's demise from quantum attacks is very much ... - Ars Technica
- Chinese researchers break RSA encryption with a quantum computer
- Quantum Computing Breakthrough Could Crack ECC Cryptography ...
- How many decades AES-128 will last? : r/cryptography - Reddit
- The State of Quantum Computing in 2024: Innovations, Challenges, and ...
- The Current State of Quantum Computing - IEEE Computer Society
- Practical Impacts of Quantum Computing - National Institute of ...
- The quantum threat to blockchain: summary and timeline analysis
- First Four Quantum-Resistant Cryptographic Algorithms - Embedded
- Exploring Elliptic Curve vs. Lattice-Based Cryptography for Future ...
- [PDF] Performance Comparisons and Migration Analyses of Lattice-based ...
- NIST Releases First 3 Finalized Post-Quantum Encryption Standards
- Post-Quantum Cryptography Is a Must to Protect Your Systems | Gartner
- Secure Data Infrastructure in a Post-Quantum Cryptographic World
- NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration
- PQC (Post-Quantum Cryptography): The New Network Security Threat
- Exploring Post-Quantum Cryptography: Review and Directions for the ...
- [PDF] a performance comparison of some hash functions in hash-based ...
- [PDF] Comparative Analysis of Different Cryptographic Hash Functions
- Practical challenges in quantum key distribution - arXiv.org
- Hybrid QKD and PQC security scenarios and use cases Whitepaper
- Quantum key distribution: Network… | Smart Infrastructure Magazine