Luckily, symmetric-key encryption methods are not in danger because they work very differently and can be secured by simply increasing the size of the keys they use—that is, unless mathematicians can come up with a way for quantum computers to break those as well . But even increasing the key size cannot protect existing public-key encryption algorithms from quantum computers. New algorithms are needed.
What are the repercussions if quantum computers break the encryption we currently use?
Yeah, it’s bad. If public-key encryption were suddenly broken without a replacement, digital security would be severely compromised. For example, websites use public-key encryption to maintain secure internet connections, so sending sensitive information through websites would no longer be safe. Cryptocurrencies also depend on public-key encryption to secure their underlying blockchain technology, so the data on their ledgers would no longer be trustworthy.
There is also concern that hackers and nation-states might be hoarding highly sensitive government or intelligence data—data they can’t currently decipher—in order to decrypt it later once quantum computers become available.
How is work on quantum-resistant algorithms progressing?
In the US, NIST has been looking for new algorithms that can withstand attacks from quantum computers. The agency started taking public submissions in 2016, and so far these have been narrowed down to four finalists and three backup algorithms. These new algorithms use techniques that can withstand attacks from quantum computers using Shor’s Algorithm.
Project lead Dustin Moody says NIST is on schedule to complete standardization of the four finalists in 2024, which involves creating guidelines to ensure that the new algorithms are used correctly and securely. Standardization of the remaining three algorithms is expected in 2028.
The work of vetting candidates for the new standard falls mostly to mathematicians and cryptographers from universities and research institutions. They submit proposals for post-quantum cryptographic schemes and look for ways to attack them, sharing their findings by publishing papers and building on each other’s different methods of attack.