
Quantum Computing and Cybersecurity: Is the Encryption Arms Race Already Over?

  • Writer: Naman Rajput
  • Aug 25, 2025
  • 15 min read


Imagine a vault that holds the world’s digital secrets — the wealth of nations in the form of bank transactions, the intimate details of medical histories, the most guarded state communications, the intellectual property of entire industries. For decades, we’ve relied on locks so mathematically intricate that even the fastest supercomputers would need longer than the age of the universe to pick them.


It’s been a relentless cat-and-mouse game: hackers refine their methods, cryptographers raise the walls higher, attackers find a crack, defenders seal it shut. The rules have always been the same, and the balance — though imperfect — has held.


Quantum computing threatens to flip the board entirely.


These aren’t just faster computers. Instead of processing bits as 1s or 0s, quantum machines harness the counterintuitive laws of physics — superposition, entanglement — to explore many possibilities at once. Problems considered untouchable by classical computers suddenly shrink in difficulty. Among them are the very mathematical puzzles that secure nearly every digital transaction and private conversation we have today.


In that scenario, there could be a single, irreversible “Q-Day” — the day a quantum machine becomes powerful enough to render much of the internet’s encryption obsolete in hours, not millennia. Data already stolen today could be unlocked tomorrow, a threat known as Harvest Now, Decrypt Later.


The question is no longer theoretical. Governments, corporations, and cybercriminal groups are racing quietly toward the same finish line — some to build the quantum key, others to replace the locks before it’s too late.


So… is the encryption arms race already over, or are we standing in the last window of time to fight back?


The Pre-Quantum Arms Race

The security of modern encryption isn’t based on the secrecy of the algorithms themselves; in fact, almost all mainstream encryption algorithms are publicly known. The strength comes from math problems so hard that, given today’s classical computers, solving them would take longer than the universe has existed.


Symmetric Cryptography: One Key to Rule Them All

In symmetric cryptography, the same key is used to both lock (encrypt) and unlock (decrypt) data. Think of it like a safe with a single combination: you need that exact code to open it, and there’s no shortcut except guessing.

  • Examples: AES (Advanced Encryption Standard), 3DES (Triple Data Encryption Standard), ChaCha20.

  • Security Principle: A brute-force attack must try every possible key. If the key is 128 bits long, that’s 2¹²⁸ possible combinations — an astronomically large number.

  • Why Key Length Matters: Each extra bit doubles the number of possible keys.

    • AES-128: ~3.4 × 10³⁸ possibilities.

    • AES-256: ~1.16 × 10⁷⁷ possibilities. Even the fastest supercomputers would need more time than the universe’s age to check them all.


Historically, symmetric encryption has been the workhorse of secure communication because it’s fast and efficient. However, the challenge is securely sharing that key — if an attacker intercepts it during exchange, the game’s over.


Asymmetric Cryptography: The Two-Key Revolution

Asymmetric cryptography introduced a breakthrough: instead of a single shared key, you have a public key (for locking) and a private key (for unlocking). This allows anyone to send you a secure message without ever seeing your private key.


  • Examples: RSA, Diffie–Hellman, ECC (Elliptic Curve Cryptography).

  • Security Principle: These systems rely on one-way mathematical functions — easy to perform in one direction, nearly impossible to reverse without the key.

    • RSA: Based on factoring the product of two large prime numbers.

    • Diffie–Hellman/ECC: Based on solving discrete logarithm problems in large finite fields or elliptic curves.

  • Key Size Evolution:

    • 1990s: RSA-512 was considered safe; broken in 1999.

    • 2000s: RSA-1024 was standard; now deprecated.

    • Today: RSA-2048 or RSA-3072 is common, with ECC gaining favor due to smaller keys offering equivalent security.


The beauty of asymmetric systems is that they solve the key exchange problem: you can publish your public key to the world without giving away your private key. The downside is that they are computationally heavier than symmetric encryption.


Below is a video by Professor Messer briefly explaining the difference between symmetric and asymmetric systems. If you want to delve even deeper into this, let me know and I'll write an in-depth blog on that as well.



How the Arms Race Played Out

For decades, this “cryptographic equilibrium” held because attackers were chained to the realities of classical computing:

  1. Moore’s Law (doubling transistors every ~2 years) meant computers got faster, but not fast enough to catch up to cryptographic key growth.

  2. Cryptographers stayed ahead by lengthening keys or switching algorithms before attackers could mount feasible brute-force attacks.

  3. Every broken system (like DES, cracked by the EFF in 1998) led to stronger replacements (like AES).

The implicit assumption: As long as we keep upgrading keys and algorithms in step with computing advances, encryption remains a moving target no one can hit.


Quantum Computing 101 – Why the Game Changes

Classical computers use bits that are either 0 or 1. Quantum computers use qubits, which can be 0, 1, or both at once thanks to superposition. Even more power comes from entanglement, where qubits become linked so that the state of one instantly influences another, no matter how far apart they are.

In practical terms: a classical computer checking a password tries each combination one after another. A quantum computer can, in certain cases, process many combinations at the same time.

This doesn’t make every computation faster — quantum speedups apply to specific types of problems. Unfortunately for us, breaking encryption is one of those problems.


Shor’s Algorithm – The Public-Key Destroyer

Developed in 1994 by Peter Shor, this algorithm can factor large integers and solve discrete logarithms exponentially faster than any classical method. For asymmetric cryptography, that’s devastating:

  • RSA: A 2048-bit RSA key would take a classical computer trillions of years to factor. A large enough quantum computer running Shor’s could do it in hours or days.

  • ECC: Even with smaller keys, ECC is vulnerable because Shor’s can solve its discrete log problem just as effectively.

Impact: All common public-key systems — RSA, ECC, Diffie–Hellman — become useless once quantum computers hit the required scale.
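To make the "Shor breaks RSA" claim concrete, here is an added example (not code from the original post) of the classical skeleton of Shor's algorithm. The only step a quantum computer speeds up is finding the order r of a random base a modulo N; this version replaces that step with a brute-force loop, so it only works for tiny N and shows where the exponential speedup is needed rather than how a quantum computer obtains it. The sample moduli (15, 21, 91, 221) are constructed for illustration.

```python
"""Added example (not from the original post): the classical skeleton of Shor's
algorithm. The only quantum step in Shor's method is finding the order r of a
random base a modulo N; here that step is a brute-force loop, so the code runs
only for tiny N and shows where the exponential speedup is needed, not how a
quantum computer achieves it."""
import random
from math import gcd
from typing import Optional


def find_order_classically(a: int, n: int) -> int:
    """Smallest r > 0 with a**r % n == 1 (requires gcd(a, n) == 1).

    This is the subroutine a quantum computer runs in polynomial time using
    the quantum Fourier transform; classically it is exponential in log2(n)."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, rng: Optional[random.Random] = None,
                max_tries: int = 50) -> Optional[int]:
    """Return a non-trivial factor of n, or None if none was found.

    Shor's reduction from factoring to order finding:
      1. pick random a in [2, n-2]; if gcd(a, n) > 1 that gcd is already a factor;
      2. find the order r of a mod n;
      3. if r is even and a^(r/2) != -1 (mod n), gcd(a^(r/2) +/- 1, n) splits n.
    For a prime n every attempt fails, so the function returns None."""
    if n < 4:
        return None
    if n % 2 == 0:
        return 2
    rng = rng or random.Random(0)  # seeded so the walk-through is reproducible
    for _ in range(max_tries):
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g > 1:
            return g
        r = find_order_classically(a, n)
        if r % 2:
            continue
        y = pow(a, r // 2, n)
        if y == n - 1:
            continue
        for candidate in (gcd(y - 1, n), gcd(y + 1, n)):
            if 1 < candidate < n:
                return candidate
    return None


if __name__ == "__main__":
    # Constructed sample moduli; real RSA moduli are 2048+ bits and the
    # order-finding loop above would never finish on them.
    for n in (15, 21, 91, 221):
        f = shor_factor(n)
        print(f"{n} = {f} x {n // f}")
```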


Below is a video by "minutephysics" with an in-depth explanation of Shor's algorithm. My explanation was inspired solely by this video.



Grover’s Algorithm – The Symmetric Weakener

Introduced in 1996 by Lov Grover, this algorithm speeds up brute-force search of an unstructured dataset from O(N) to O(√N).

  • Effectively halves key strength:

    • AES-128 → equivalent to AES-64 security (breakable).

    • AES-256 → equivalent to AES-128 security (still safe by today’s standards).

  • Also impacts hash functions (e.g., SHA-256 collision resistance drops from 2²⁵⁶ to 2¹²⁸).

Impact: Symmetric systems aren’t obliterated like public-key systems, but they need longer keys to remain secure in the quantum era.


Grover's algorithm is so complex that I could write a series of blogs on it, not just one. But it's more physics than cybersecurity. For now, I'll link a video below to satisfy your curiosity, but if you want a deep dive into Grover's algorithm, let me know in the comments or email me. We'll get there too, eventually.



The Quantum Threat – A Closer Look


How Soon Could This Happen?

Pinning down the arrival date of a “cryptographically relevant” quantum computer — one with enough stable, error-corrected qubits to run Shor’s algorithm on RSA-2048 — is like forecasting the exact landfall of a hurricane still in the middle of the ocean. The science is advancing rapidly, but there are still unpredictable engineering leaps (or setbacks) ahead.

  • Optimists — or rather, security optimists — believe that scalable, fault-tolerant quantum computers won’t arrive until 2040 or later. They point to the enormous challenge of qubit stability, error correction overhead, and hardware scaling. In their view, the hype is outpacing the hardware, and we have decades to prepare.

  • Realists cite risk assessments like the Global Risk Institute’s 2024 study, which estimated a 19–34% probability of breaking RSA-2048 by 2034 [1]. While that’s not a certainty, the potential impact is so severe that even a 1-in-3 chance is cause for serious action. For comparison, that’s roughly the same probability of rolling doubles three times in a row with dice — unlikely, but far from impossible.

  • Strategists follow Mosca’s Rule, which merges the time needed to protect secrets (X) with the time until a quantum breakthrough (Y). If your secrets need to remain secure for 10 years (X) and quantum code-breaking could arrive in 10–15 years (Y), the sum is perilously close to the horizon. The conclusion: start migrating now — not when the headlines scream “Q-Day is here.”


The “Harvest Now, Decrypt Later” Problem

Even if Q-Day is 15 or 20 years away, the threat is already live. Intelligence agencies, cybercriminal groups, and even corporate espionage actors are engaging in Harvest Now, Decrypt Later (HNDL) campaigns.

Here’s how it works:

  1. They intercept encrypted traffic — VPN tunnels, secure email, blockchain transactions, proprietary data dumps.

  2. They store that encrypted data in vast archives.

  3. When quantum capability arrives, they decrypt it at scale.

This tactic is devastating for long-lived secrets — think government archives, health records, intellectual property, defense blueprints. A spy agency in 2040 might not care about your online grocery orders from 2025, but it will absolutely care about nuclear facility schematics, drug formula IP, or confidential diplomatic cables.

The uncomfortable truth: HNDL means that the confidentiality of today’s communications depends on tomorrow’s cryptographic readiness. If you migrate to post-quantum cryptography in 2035, it will only protect future messages — not the ones you sent in 2025.


The Global Quantum Arms Race

Quantum supremacy — the point where a quantum computer can solve a problem beyond any classical system’s reach — is more than a scientific milestone. In geopolitical terms, it’s like the launch of Sputnik or the first nuclear detonation. It signals not just technological prowess, but strategic leverage.


China

China is arguably the most aggressive player in the race:

  • Estimated $10–15 billion in direct state funding.

  • Leads the world in quantum research patents and academic publications.

  • Reports of breakthroughs in photonic quantum chips (potentially more scalable qubit architectures) and hybrid quantum–classical factoring algorithms.

  • Operates the Micius quantum satellite, enabling long-distance quantum key distribution — a strategic asset for secure government comms.

While some of these achievements are debated in the West, the combination of heavy investment, rapid iteration, and tight state control means China could deploy a working cryptographic quantum computer faster than its rivals expect.


United States

The U.S. is leveraging its innovation ecosystem:

  • National Quantum Initiative Act coordinates federal funding and research.

  • IBM has a detailed roadmap aiming for 1,000+ qubits in the next few years.

  • Google made headlines in 2019 by claiming quantum supremacy (on a narrow, contrived task), proving the concept’s viability.

  • Strong private–public collaboration with Microsoft, Intel, Amazon, and top universities working on hardware, algorithms, and post-quantum cryptography.


European Union, India, and Allies

  • The EU Quantum Flagship is a €1 billion program fostering research in quantum communication, sensing, and computing.

  • India has launched its National Mission on Quantum Technologies & Applications, with a focus on both computing and secure communications.

  • Allied efforts include Canada’s leadership in superconducting and photonic qubits, Australia’s expertise in silicon spin qubits, and Japan’s quantum material science.


The Strategic Risk of Secrecy

The scariest scenario? If one nation secretly achieves quantum code-breaking first, it would have every incentive to keep it under wraps. Instead of public demonstrations, it could:

  • Quietly intercept and read adversaries’ most sensitive communications.

  • Manipulate financial markets using privileged data.

  • Disrupt military planning with precision intelligence.


In such a world, the real Q-Day wouldn’t be when the first quantum decryption is announced — it would be when the first country starts using it covertly. By the time the rest of the world realizes, the intelligence imbalance could be irreversible.


Defensive Technologies

The quantum threat is serious, but it’s not a one-sided fight. Cryptographers and standards bodies have been racing just as hard — maybe harder — to make sure we have tools ready before Q-Day arrives. The main weapon in our arsenal? Post-Quantum Cryptography (PQC).


Post-Quantum Cryptography (PQC)

PQC refers to cryptographic algorithms designed to be secure against both classical and quantum attacks. The crucial point: PQC algorithms run on ordinary computers — they don’t require quantum hardware to work, which means they can be deployed globally with today’s technology.


The U.S. National Institute of Standards and Technology (NIST) has been running a seven-year open competition to identify the best PQC algorithms. The selection process has been brutal: proposed algorithms have been cryptanalyzed by experts worldwide, with many candidates eliminated after vulnerabilities were discovered. This public trial-by-fire is why the winners carry so much credibility.


Here’s what made the final cut:


1. ML-KEM (Kyber) – Lattice-Based Key Encapsulation

  • Purpose: Securely exchange symmetric keys over an insecure channel (the PQC replacement for RSA or Diffie–Hellman in TLS handshakes).

  • Strength: Based on the module learning-with-errors problem, which has no known efficient quantum attack.

  • Advantages: Small key sizes, high performance — it’s practical for web servers, VPNs, and embedded systems.

  • Why It Matters: This is the algorithm that will replace RSA in most internet encryption setups.


2. ML-DSA (Dilithium) – Lattice-Based Digital Signatures

  • Purpose: Sign and verify digital messages or software to prove authenticity.

  • Strength: Also based on lattice problems; balances strong security with acceptable signature sizes.

  • Advantages: Faster verification times, making it well-suited for high-traffic applications like securing browser connections or authenticating IoT updates.


3. Alternatives – FALCON and SPHINCS+

  • FALCON: Lattice-based like Dilithium, but with much smaller signatures and higher complexity in implementation (good for space-constrained environments).

  • SPHINCS+: Hash-based, stateless signature scheme — slower and larger, but uses a completely different security foundation, making it a hedge against lattice-focused attacks.


4. Backup – HQC

  • Full Name: Hamming Quasi-Cyclic.

  • Purpose: Backup KEM based on error-correcting codes.

  • Why a Backup? In case a major breakthrough undermines lattice-based security (yes, cryptographers think that far ahead).

  • Drawback: Larger key sizes and slower performance — not ideal for every use case, but invaluable for resilience.


Key point: All of these algorithms are designed to resist known quantum attacks (Shor, Grover) and the best classical cryptanalysis. But “resist” doesn’t mean “immune forever” — the security community assumes continuous review and improvement.


PQC is a whole new branch of cryptography, and will probably be the only branch in the future. I'll surely be writing a deep dive on PQC in a few months, but for now I'm going to link to lectures by NIST on PQC. I attended 3 lectures from this series, and I must say it totally blew my mind (and it took me way longer than expected to grasp the entire material of those lectures). Let me know how your experience was.



Quantum Key Distribution (QKD)

QKD is an entirely different beast. Instead of relying purely on math, it uses quantum physics to secure key exchange.


  • How It Works: Two parties exchange photons over a fiber optic or free-space link. The laws of quantum mechanics guarantee that any eavesdropper trying to measure those photons will disturb them, revealing their presence.

  • Security Promise: Theoretically unbreakable, even by quantum computers.

  • Limitations:

    • Requires specialized hardware.

    • Limited range without trusted relays.

    • Expensive to deploy at scale.

    • Not a drop-in replacement for internet-wide encryption.
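The "any eavesdropper disturbs the photons" guarantee can be seen in a simulation. The following is an added example, not code from the original post: a pure-Python BB84 run in which Alice encodes bits in random bases, Bob measures in random bases, and both keep only the positions where their bases agree. An intercept-and-resend eavesdropper must also guess bases, and every wrong guess randomises the photon, which surfaces as errors in the sifted key. The 11% abort threshold is an assumption taken from common BB84 post-processing practice.

```python
"""Added example (not from the original post): a BB84 quantum key distribution
simulation. Photons are modelled classically: measuring in the preparation
basis returns the encoded bit, measuring in the other basis returns a random
bit, which is the disturbance property the protocol relies on."""
import random
from typing import List, Tuple

RECTILINEAR, DIAGONAL = 0, 1   # the two conjugate bases used by BB84


def measure(bit: int, prep_basis: int, meas_basis: int, rng: random.Random) -> int:
    """Outcome of measuring a photon prepared as `bit` in `prep_basis`."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def run_bb84(n_photons: int, eavesdrop: bool, seed: int = 1) -> Tuple[List[int], List[int], float]:
    """Return (alice_sifted_key, bob_sifted_key, quantum_bit_error_rate).

    With eavesdrop=True an intercept-and-resend attacker (Eve) measures every
    photon in a random basis and re-sends it prepared in her basis."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bases = [rng.randrange(2) for _ in range(n_photons)]

    alice_key: List[int] = []
    bob_key: List[int] = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        photon_bit, photon_basis = bit, a_basis
        if eavesdrop:
            e_basis = rng.randrange(2)
            photon_bit = measure(photon_bit, photon_basis, e_basis, rng)
            photon_basis = e_basis          # Eve re-sends in her own basis
        bob_bit = measure(photon_bit, photon_basis, b_basis, rng)
        if a_basis == b_basis:              # sifting over the public channel
            alice_key.append(bit)
            bob_key.append(bob_bit)

    errors = sum(a != b for a, b in zip(alice_key, bob_key))
    qber = errors / len(alice_key) if alice_key else 0.0
    return alice_key, bob_key, qber


def eavesdropper_detected(qber: float, threshold: float = 0.11) -> bool:
    """Abort rule: a sifted-key error rate above the threshold means the channel
    was disturbed (assumption: 11%, the commonly quoted BB84 bound)."""
    return qber > threshold


if __name__ == "__main__":
    for eve in (False, True):
        _, _, qber = run_bb84(4000, eavesdrop=eve)
        print(f"eavesdropper={eve}: QBER={qber:.3f} abort={eavesdropper_detected(qber)}")
```

Without Eve the sifted keys match exactly; with her present roughly a quarter of the sifted bits disagree, because she guesses the wrong basis half the time and a wrong-basis re-send gives Bob a random bit half of those times.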


China’s Leadership: Through its Micius satellite and terrestrial QKD networks, China has demonstrated QKD over thousands of kilometers. It’s a powerful showcase — but realistically, QKD is likely to remain a niche tool for military, diplomatic, and ultra-high-security financial communications rather than a universal standard.


Migration Challenges – The Hard Part

Switching to PQC is not like updating an app — it’s more like rewiring the nervous system of the global internet.


1. It’s Everywhere

RSA and ECC aren’t just in your browser’s HTTPS connection. They’re:

  • Embedded in VPN protocols.

  • Burned into IoT firmware.

  • Running in point-of-sale terminals.

  • Inside automotive control systems.

  • Embedded in industrial SCADA equipment.


2. Hardware Constraints

Some devices — especially IoT and embedded systems — can’t handle the larger keys, signatures, or processing demands of PQC without hardware upgrades. A smart lock or industrial sensor with a low-power chip might need a full redesign.


3. Crypto-Agility Is Rare

Many systems were designed to support only one cryptographic algorithm. Changing it requires rewriting protocols, re-certifying compliance, and ensuring backward compatibility.


4. Timeframes Are Long

For a large organization:

  • Audit Phase: 6–12 months to discover all crypto dependencies.

  • Migration Planning: 1–2 years to design upgrades without breaking compatibility.

  • Implementation: 2–5 years to deploy across systems, partners, and customers.

This is why NIST and CISA say start now — even if Q-Day is 15 years away.


Case Study – Quantum vs. Bitcoin

Bitcoin, the world’s first and largest cryptocurrency, isn’t just a financial experiment — it’s also a giant, living example of cryptography at work. The security of every satoshi in circulation depends on elliptic curve cryptography (ECC), specifically the secp256k1 curve.


How Bitcoin Security Works Today

  • Private Key: A secret 256-bit number you generate. This is your real Bitcoin “ownership” — whoever has this can spend your coins.

  • Public Key: A number mathematically derived from your private key. Safe to share; used to verify signatures.

  • Address: A hashed version of the public key (shorter and more user-friendly). Until you spend from an address, the public key itself stays hidden, because the blockchain only shows the address.

This setup works beautifully — for now — because deriving a private key from a public key is mathematically infeasible for classical computers. It would take more time than the universe has existed to brute-force it.


Where the Quantum Risk Comes In

When you send Bitcoin from a wallet:

  1. You reveal the public key in the transaction, so the network can verify your signature.

  2. This gives an attacker a narrow window — between transaction broadcast and blockchain confirmation — to try and guess your private key. Today, this is laughably impossible.


But with a sufficiently powerful quantum computer running Shor’s algorithm, that narrow window becomes deadly:

  • Shor’s algorithm could solve ECC’s discrete logarithm problem in polynomial time, allowing the private key to be computed directly from the public key.

  • Once the attacker has your private key, they can broadcast their own transaction, draining the wallet.

This attack wouldn’t just hit active wallets — it would also endanger dormant addresses that have already revealed their public keys in past transactions.
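The exposure described above can be measured from chain history alone. Here is an added example (not code from the original post) that replays a constructed mini-ledger and reports every address whose public key has already been published by a spend and that still holds coins: the set a Shor-capable attacker would target. The keys and transactions are invented, and the address hash is simplified (Bitcoin's real P2PKH address is RIPEMD-160(SHA-256(pubkey)) plus a version byte and checksum).

```python
"""Added example (not from the original post): measuring "revealed public key"
exposure on a constructed mini-ledger. An address only publishes its public key
when it spends; any coins still on such an address depend on a key that Shor's
algorithm could recover from the published public key."""
import hashlib
from collections import defaultdict
from typing import Dict, List, Tuple

# A transaction is (txid, inputs, outputs). Each input records the address
# being spent from, the public key the spender had to publish so the signature
# can be verified, and the amount; each output is (address, amount) in BTC.
TxInput = Tuple[str, str, float]
TxOutput = Tuple[str, float]
Tx = Tuple[str, List[TxInput], List[TxOutput]]

# Constructed compressed-format public keys (33 bytes, hex), not real keys.
KEY_A = "02" + "11" * 32
KEY_B = "03" + "22" * 32
KEY_C = "02" + "33" * 32
KEY_D = "03" + "44" * 32


def address_for(pubkey_hex: str) -> str:
    """Simplified address: first 20 bytes of SHA-256(pubkey), hex encoded.
    The property that matters is the same as in Bitcoin: the hash hides the
    public key until the owner publishes it in a spend."""
    return hashlib.sha256(bytes.fromhex(pubkey_hex)).hexdigest()[:40]


def build_sample_ledger() -> List[Tx]:
    """Constructed history: A spends with change back to itself (old-wallet
    behaviour), B spends one output but keeps another, C and D never spend."""
    a, b, c, d = (address_for(k) for k in (KEY_A, KEY_B, KEY_C, KEY_D))
    return [
        ("tx1", [], [(a, 5.0), (b, 3.0), (c, 2.0)]),        # coinbase-style funding
        ("tx2", [(a, KEY_A, 5.0)], [(b, 4.0), (a, 1.0)]),   # A's key now public
        ("tx3", [(b, KEY_B, 3.0)], [(d, 3.0)]),             # B's key now public
    ]


def quantum_exposed_balances(ledger: List[Tx]) -> Dict[str, float]:
    """Replay the ledger and return {address: balance} for every address whose
    public key has been revealed by a spend and that still holds coins."""
    balance: Dict[str, float] = defaultdict(float)
    revealed = set()
    for _txid, inputs, outputs in ledger:
        for addr, pubkey_hex, amount in inputs:
            if address_for(pubkey_hex) != addr:  # nodes check this before the signature
                raise ValueError(f"public key does not hash to address {addr}")
            revealed.add(addr)
            balance[addr] -= amount
        for addr, amount in outputs:
            balance[addr] += amount
    return {addr: round(amt, 8) for addr, amt in balance.items()
            if addr in revealed and amt > 1e-9}


def exposed_total(ledger: List[Tx]) -> float:
    """Sum of coins a Shor-capable attacker could target today."""
    return round(sum(quantum_exposed_balances(ledger).values()), 8)


if __name__ == "__main__":
    for addr, amt in quantum_exposed_balances(build_sample_ledger()).items():
        print(f"{addr}  {amt:.8f} BTC exposed (public key already on-chain)")
```

Addresses C and D never spent, so their keys are still hidden behind the hash and they do not appear in the report; the same replay on real chain data is how analysts arrive at the "dormant but exposed" estimates quoted below.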


The Scale of the Threat

  • Dormant Funds: Blockchain analytics suggests that millions of BTC (worth hundreds of billions USD) sit in wallets that have exposed their public keys in past activity but are now inactive. Many are “lost” coins — but if recovered, they’d be fair game for quantum theft.

  • Live Transactions: If Q-Day arrives suddenly, active transactions could be hijacked in real time, triggering panic and potentially crashing the entire crypto market.

  • Confidence Collapse: Even a small-scale quantum theft could shatter trust, tank prices, and destabilize other cryptocurrencies that use similar ECC-based security (Ethereum, Litecoin, Dogecoin, etc.).


Mitigation Efforts

Some blockchain projects are already experimenting with PQC-based signature schemes, such as:

  • Hash-based signatures (e.g., SPHINCS+).

  • Lattice-based schemes (like Dilithium) adapted for blockchain environments.


However:

  • Technical Barriers: Larger keys and signatures can bloat blockchain size, increasing transaction costs.

  • Political Resistance: Changing the Bitcoin protocol requires near-unanimous community consensus, which historically is slow and contentious.

  • Backward Compatibility: Even if new addresses use PQC, old public-key-revealed addresses remain permanently vulnerable.


For Bitcoin specifically, migration would likely require:

  1. Protocol upgrade to support quantum-safe signature algorithms.

  2. Mass user migration of funds to new PQC-protected addresses before Q-Day.

  3. Global education push to ensure wallet providers, exchanges, and miners all adopt the new standard.

The clock for this process? Years — not months — which is why experts warn the community to start planning early.


What CISOs Should Do Now

The quantum threat is not a problem for future CISOs — it’s one for today’s boardrooms, security teams, and risk managers. The transition to quantum-resistant security is less about flipping a switch and more about navigating a multi-year migration with no room for mistakes. Here’s how to start.


1. Inventory Your Cryptography

You can’t protect what you can’t see. Begin by mapping every point in your organization where cryptography is in play — from TLS on your public-facing web servers, to VPN tunnels, to software signing certificates, to internal APIs. Document where RSA, ECC, and even symmetric algorithms like AES are used. Don’t forget “hidden” crypto dependencies in third-party applications or legacy systems.

Pro tip: Many organizations discover cryptographic dependencies in unexpected places — firmware updates, IoT devices, or old backup systems.

2. Prioritize High-Risk Assets

Not all secrets are created equal. Focus on long-lived, high-value data:

  • Government records with decades-long confidentiality requirements.

  • Healthcare data bound by privacy laws that don’t expire.

  • Intellectual property that fuels competitive advantage.

If these are stolen today, they could be decrypted years from now using a Harvest Now, Decrypt Later approach. Treat them as the first priority for quantum-proof protection.


3. Build Crypto-Agility Into Systems

Crypto-agility means your systems can swap out algorithms without breaking functionality. Today, replacing RSA with a NIST-approved PQC algorithm might require rewriting entire applications — which is why agility needs to be engineered now.

Think of it as designing your security like modular Lego bricks, not poured concrete.

4. Pilot Post-Quantum Cryptography (PQC)

Don’t wait for the “final” standard to be deployed everywhere. Begin testing NIST’s recommended PQC algorithms — such as CRYSTALS-Kyber for key exchange and CRYSTALS-Dilithium for digital signatures — in non-critical environments. Pilot projects reveal integration issues, performance trade-offs, and compatibility problems long before you roll out changes across production systems.


5. Upgrade Symmetric Keys and Hashes

While quantum computers won’t devastate symmetric cryptography as severely as public-key systems, they will weaken it. Grover’s algorithm effectively halves key strength, meaning AES-128 offers only ~64 bits of security against quantum attackers.

Action: Default to AES-256 for encryption and SHA-384 or SHA-512 for hashing.

6. Track Quantum Computing Progress

The biggest mistake you can make is assuming quantum computing will advance slowly. Set a recurring review — at least annually — to assess the state of quantum hardware, cryptanalysis breakthroughs, and NIST updates. Adjust migration timelines accordingly.

This isn’t “one and done.” It’s an ongoing arms race.
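Steps 1, 2 and 5 above, together with the Grover "halving" rule and Mosca's rule from earlier sections, can be turned into a repeatable triage. The following is an added example (not code from the original post or from NIST/CISA): it takes a constructed cryptographic inventory, assigns each asset its post-quantum security level (zero for RSA/ECC/DH under Shor, half the bit length under Grover), checks whether the data's shelf life plus migration time outruns the assumed Q-Day estimate, and ranks what to migrate first. The inventory entries, the 10-year Q-Day horizon and the 128-bit floor are assumptions.

```python
"""Added example (not from the original post): crypto-inventory triage using the
post's rules. Shor removes all security from RSA/ECC/DH; Grover halves symmetric
and hash strength; Mosca's rule (shelf life X plus migration time Z versus years
to Q-Day Y) says data is exposed to Harvest Now, Decrypt Later when X + Z > Y."""
from dataclasses import dataclass
from typing import List

SHOR_BROKEN = {"RSA", "ECC", "ECDSA", "ECDH", "DH", "DSA"}
GROVER_HALVED = {"AES", "ChaCha20", "SHA-256", "SHA-384", "SHA-512", "SHA3-256"}
MIN_QUANTUM_BITS = 128   # assumption: keep >= 128 bits of post-Grover security


@dataclass
class CryptoAsset:
    name: str
    algorithm: str
    key_bits: int             # key size for ciphers/KEX, output size for hashes
    shelf_life_years: int     # how long the protected data must stay secret (X)
    migration_years: float    # how long replacing the algorithm will take (Z)


def quantum_security_bits(algorithm: str, key_bits: int) -> int:
    """Effective security against a quantum adversary under the post's rules."""
    if algorithm in SHOR_BROKEN:
        return 0
    if algorithm in GROVER_HALVED:
        return key_bits // 2
    raise ValueError(f"unknown algorithm family: {algorithm}")


def mosca_exposed(shelf_life_years: int, migration_years: float, years_to_qday: float) -> bool:
    """Mosca's inequality X + Z > Y: data encrypted before migration finishes
    is still sensitive when a quantum computer arrives."""
    return shelf_life_years + migration_years > years_to_qday


def triage(assets: List[CryptoAsset], years_to_qday: float) -> List[dict]:
    """Rank assets: Shor-broken assets that fail Mosca first, then other
    Shor-broken assets, then under-strength symmetric/hash assets."""
    rows = []
    for a in assets:
        bits = quantum_security_bits(a.algorithm, a.key_bits)
        exposed = mosca_exposed(a.shelf_life_years, a.migration_years, years_to_qday)
        if bits == 0 and exposed:
            priority, action = 1, "migrate to a PQC KEM/signature now (HNDL exposure)"
        elif bits == 0:
            priority, action = 2, "plan PQC migration; shelf life ends before Q-Day"
        elif bits < MIN_QUANTUM_BITS:
            priority, action = 3, f"raise key/hash size (only {bits} post-Grover bits)"
        else:
            priority, action = 4, "adequate; re-check at next annual review"
        rows.append({"asset": a.name, "algorithm": a.algorithm, "quantum_bits": bits,
                     "hndl_exposed": exposed, "priority": priority, "action": action})
    rows.sort(key=lambda r: (r["priority"], r["asset"]))
    return rows


def sample_inventory() -> List[CryptoAsset]:
    """Constructed inventory for illustration, not a real organisation's."""
    return [
        CryptoAsset("patient-records-vpn", "RSA", 2048, shelf_life_years=25, migration_years=3),
        CryptoAsset("public-web-tls", "ECDH", 256, shelf_life_years=1, migration_years=2),
        CryptoAsset("backup-archive", "AES", 128, shelf_life_years=20, migration_years=1),
        CryptoAsset("code-signing-hash", "SHA-384", 384, shelf_life_years=10, migration_years=2),
        CryptoAsset("disk-encryption", "AES", 256, shelf_life_years=10, migration_years=1),
    ]


if __name__ == "__main__":
    for row in triage(sample_inventory(), years_to_qday=10):   # assumed Q-Day horizon
        print(f"P{row['priority']} {row['asset']:<20} {row['algorithm']:<8} "
              f"{row['quantum_bits']:>3} bits  {row['action']}")
```

Note that the public web TLS endpoint lands in priority 2 even though ECDH is Shor-broken: its data has a one-year shelf life, so HNDL capture today would be worthless by Q-Day, whereas the AES-128 backup archive is flagged because Grover leaves it with only 64 bits.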

Conclusion

The encryption arms race isn’t ending — it’s entering its most dangerous phase. Quantum computing will eventually break today’s public-key cryptography. Whether that moment arrives in five years or twenty-five, the migration window is measured in years, not months.


The weapons are already on the table: PQC algorithms, crypto-agility, and strategic foresight. But the greatest vulnerability isn’t in our math — it’s in our mindset.

Q-Day will only be catastrophic if it catches us asleep. Start now, and we can meet quantum attackers with quantum-proof defenses. The locks aren’t broken yet, but the locksmith is on the way — and he’s moving faster than most expect.


References

[1] CSO Online. Quantum Supremacy: Cybersecurity’s Ultimate Arms Race Has China Way in Front. https://www.csoonline.com/article/3979036/quantum-supremacy-cybersecuritys-ultimate-arms-race-has-china-way-in-front.html


[2] Fortinet. Understanding Shor’s and Grover’s Algorithms. https://www.fortinet.com/resources/cyberglossary/shors-grovers-algorithms


[3] Nextgov/FCW. The Quantum Computing Arms Race Is Not Just About Breaking Encryption Keys. https://www.nextgov.com/ideas/2022/06/quantum-computing-arms-race-not-just-about-breaking-encryption-keys/368834/




[6] FedScoop. NIST Selects Backup Algorithm for General Encryption Against Quantum Cyberattacks. https://fedscoop.com/nist-backup-algorithm-general-encryption-quantum-cyberattacks-pqc/


[7] Livescience. Chinese Scientists Claim They Broke RSA Encryption With a Quantum Computer — But There’s a Catch. https://www.livescience.com/technology/computing/chinese-scientists-claim-they-broke-rsa-encryption-with-a-quantum-computer-but-theres-a-catch


