Are current encryption algorithms vulnerable to quantum computers?

TL;DR

Until practical quantum computers are built, we need not be overly concerned with the vulnerability of current encryption algorithms. Public key encryption algorithms such as RSA and ECC will likely be usable for another 10 years (an estimate), while symmetric algorithms such as AES are much more resistant to quantum computers. Post quantum algorithms are being developed and will be standardised by NIST.

See also my September 2024 article on post quantum cryptography.

Are current encryption algorithms vulnerable to being cracked by quantum computers?

Conventional computer systems that are widely used today cannot easily solve the mathematical problems that encryption relies on to stay secure. Quantum computers, on the other hand, are much more powerful at tasks such as determining the factors of large numbers, the problem that underpins the RSA algorithm, making RSA potentially vulnerable once a suitably powerful quantum computer becomes practical to build/implement. This is because quantum computers can run Shor’s algorithm, which factors large numbers far more efficiently than any known method on a conventional computer. Diffie-Hellman and ECC are vulnerable in a similar manner.

However, symmetric algorithms such as AES are much more resistant to quantum computers (especially when 256 bit or higher keys are used to resist Grover’s algorithm). Quantum computers don’t provide a significant advantage when trying to obtain the key used to carry out the encryption. However, it will be crucial that the keys used are as random as possible so that attempting to guess the key takes as long as possible; just as with passwords, simple words should be avoided.

When will quantum computers become practical?

There are some differing estimates, but a reasonable prediction is approximately 10 years from now.

Should commercial organisations or individuals be concerned?

Not especially. Current public key encryption will still be useful for years to come (please see the answer to the previous question above).

Symmetric encryption is even less vulnerable. However, for data that will be stored in the long term, consider using symmetric encryption for now. In the future, migrate to hybrid encryption or migrate when post quantum encryption methods become available. Hybrid encryption cascades an existing encryption algorithm with an as yet unproven post quantum encryption method, meaning a threat actor would need to crack both to obtain the encryption key. Cascading is when multiple algorithms are used to encrypt data: the data is encrypted with algorithm A and then with algorithm B.
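The "crack both" property described above, as an added example that is not part of the original article: a key combiner that derives one AES-256 key from a classical shared secret and a post quantum one using HKDF (RFC 5869). The two secrets are random stand-ins for real key exchanges, and the function names, salt and context label are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): concentrate the input secrets into one PRK."""
    return hmac.new(salt or b"\x00" * HASH().digest_size, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): stretch the PRK to `length` bytes bound to `info`."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def _framed(secret: bytes) -> bytes:
    # Length prefix so (b"ab", b"c") and (b"a", b"bc") never collide.
    return len(secret).to_bytes(4, "big") + secret


def hybrid_key(classical_ss: bytes, pq_ss: bytes, context: bytes) -> bytes:
    """Derive one 256-bit AES key from both shared secrets.

    Recovering the key requires knowing BOTH inputs: breaking only the
    classical exchange (or only the post quantum one) is not enough.
    """
    ikm = _framed(classical_ss) + _framed(pq_ss)
    prk = hkdf_extract(b"hybrid-combiner-example", ikm)  # assumed salt label
    return hkdf_expand(prk, context, 32)


if __name__ == "__main__":
    # Constructed stand-ins: in practice these come from a classical key
    # exchange (e.g. ECDH) and a post quantum KEM respectively.
    classical = secrets.token_bytes(32)
    post_quantum = secrets.token_bytes(32)
    key = hybrid_key(classical, post_quantum, b"archive-2024")
    # An attacker who recovered only the classical secret must still guess pq_ss.
    guess = hybrid_key(classical, secrets.token_bytes(32), b"archive-2024")
    print("key length:", len(key), "| partial break recovers key:", guess == key)
```

The derived key would then be used with a symmetric cipher such as AES-256, which is the part of the scheme the article describes as most resistant to quantum computers.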

Will post quantum encryption be standardised similar to current encryption algorithms?

Yes, it appears so. The National Institute of Standards and Technology (NIST) is evaluating post quantum encryption algorithms and will announce new standards in the future. Further information is available here (please see the questions “Who are the post-quantum cryptography players?” and “Standards haven’t arrived yet, but preparations can already begin”). Another important question addressed is “What should a company consider for adopting post-quantum cryptography?”

Examples of candidate algorithms are listed in this post from Microsoft with open source libraries also in progress.

Conclusion

Quantum computers will pose new challenges for encryption, but work is underway to overcome them and, with advance planning, these challenges can be resolved effectively. I hope the above post is useful in your decision making regarding current and future encryption.

Thank you.
