Summary
- Quantum computing threatens current encryption standards by exponentially speeding up decryption.
- Post-quantum cryptography standards like Kyber offer more advanced encryption to counteract quantum computers.
- Despite potential future risks from quantum computing, advanced encryption safeguards are already being developed to protect data.
A new form of computing, known as “quantum computing”, could threaten the security of some of our most critical pieces of internet infrastructure. But what is quantum computing, and will it still be safe to use your credit card in the next decade?
Related
3 Ways Quantum Computing Will Change Our World
How this world-changing tech is set to transform the way we do things.
What is Classical Encryption?
One of the first forms of cryptography we see in the historical records can be attributed to the hieroglyphics of Ancient Egypt. Scrawled inside the Pharaoh’s pyramids, builders would often leave false instructions and encoded messages across tunnel walls designed to trick grave robbers searching for any treasure contained in the burial chamber. These misdirections would lead to traps and false rooms to protect the valuables of the Pharaoh from external attackers, in much the same way cryptography and encryption do on the modern internet today.
But rather than using hieroglyphics, the pyramid builders of our era (programmers) use huge math equations that hackers need to solve before they’re allowed to see what the Pharaoh’s hiding. To solve these math equations, a classical computer using linear processing can only run one calculation at a time. For example: Linear processing demands that if the answer to my math problem is 13+20, the computer needs to start with 1+1, then move to 1+2, 1+3, and so on.
While the computer will eventually reach a correct solution, ultimately, this sequential method of doing math just takes time. The larger the math problem, the more time it takes for a classical computer to figure out.
Currently, it’s estimated that even the world’s most advanced supercomputer, Frontier at Oak Ridge National Laboratory, would take a billion trillion times the age of the universe to brute force its way through the world’s most common encryption standard—256-bit AES.
256-bit AES is why everything from online banking, to messaging, to social media sites and more are secure enough to access through any device in your home.
Long gone is the hoodied hacker with green and black text running across their screen, rattling off the cliché “I’m in” once they’ve cracked the network’s defenses. Because of modern encryption, pretty much one of the only ways a hacker might gain access to your protected information these days is by tricking you into handing over your account details by accident via social engineering.
But a new technology emerging out of the labs of computing giants like IBM may be set to change the landscape of encryption as we know it, and possibly sooner than the world is prepared for.
Related
The Many Faces of Social Engineering
Social engineers know which buttons to press to make you do what they want.
How Do Quantum Computers Break Encryption?
Quantum computing is a technology which turns our idea of doing calculations on its head. While classical processors contain transistors capable of existing in one of two states—zero or one—quantum computers have transistors that can be both zero and one simultaneously.
Stick with me here, because this is where things get a little freaky. Due to a principle known as “superposition,” the qubits, or “quantum bits” inside a quantum computer can exist as both a zero and a one at the same time, because atoms can be either a particle or a wave at once. When you’re calculating through atomic probabilities instead of the confines of an abacus, almost anything is possible.
Because of their ability to calculate using multiple states at the same time, quantum computers are especially adept at doing very large math problems much faster than linear CPUs. Instead of 1+1, then 1+2, etc.; inside a qubit it could be 1+1 and the next four equations processed together. The more qubits you have, the more of these calculations you can do in parallel. The more calculations at once, the faster you break encryption.
While not practical for much else so far besides doing really complicated math quickly, quantum computers have still sent a shockwave through the online security community due to their unique potential against modern encryption standards.
What is Post-Quantum Cryptography?
In preparation for this growing threat, government, commercial, and consumer security entities have all started to roll out their own versions of what’s called “post-quantum cryptography”, or PQC.
PQC is designed to build safeguards into the backbone of your data that counteract the “solve everything at once” capabilities of quantum computers. PQC does this by effectively, at least in pursuit of a brief explanation, being a much harder math problem than current widespread encryption standards like RSA, ECC, or Diffie-Hellman.
Those three may not be prevalent in places like the Pentagon—you’ll be met with a whopping 512-bit AES key if you try to break in there—but they still secure vast amounts of our underlying connected world nonetheless. Everything from Bitcoin (ECC), to VPNs (RSA), to chip-based credit card transactions (both ECC and RSA) rely on aging encryption standards to protect your devices, digital currencies, and real currencies too.
It’s estimated that with advancements in quantum computing continuing at their current pace, it could be as little as 15 years before they’re able to brute force through the highest level of RSA encryption we have, RSA-2048. For a sense of where we are on that timeline, in late 2024 China announced one of its labs managed to break through RSA-50 using quantum techniques. But to temper the achievement slightly, cracking RSA-50 is so easy, a modern laptop could also do the same in minutes.
To head off this issue, using what’s known as “lattice math”, new PQC standards like Kyber can easily stand up to quantum computers in much the same way that 256-bit AES stands up to classical CPUs today. One way it achieves this is by creating a complicated 3D object, and then asking the computer to calculate the distance between two vectors in that model. In order to know the right distance between one section, it also needs to accurately calculate the dimensions of all other vectors contained in the object at the same time.
If one vector calculation is returned incorrectly (something quantum computers are prone to doing), the CPU needs to start again back at the beginning. No computer—classical or quantum—excels in specific tests like these.
The Cryptography Race Is On
Kyber is still undergoing rigorous testing from the cybersecurity community as of early 2025. However, it’s predicted that in the coming years it could seamlessly be integrated into systems which currently rely on RSA/ECC/Diffie-Hellman—and hopefully before quantum computers reach the scale necessary to break them.
Not just that, but because the time to break 256-bit AES would only be quartered by a quantum computer, it would still take a few trillion years to break into any network it’s protecting.
So, while quantum computers do pose a real risk for many of the world’s systems and currency exchanges in the coming decades, luckily the security researchers of the world are still a few steps ahead in the cryptography curve that keeps our data safe.
