Quantum Computers Threaten Asymmetric Cryptography but Not 128-bit Symmetric Keys
By hasheddan
Summary
The article clarifies that quantum computers pose a threat to asymmetric cryptography (like RSA and ECDSA) but not to symmetric cryptography (like AES). It addresses the misconception that quantum computers will halve symmetric key security, explaining that Grover's algorithm provides only a quadratic speedup, meaning 128-bit symmetric keys remain secure against quantum attacks. The article emphasizes that post-quantum transition efforts should focus on replacing vulnerable asymmetric algorithms rather than increasing symmetric key sizes.
Key quotes
The advancing threat of cryptographically-relevant quantum computers has made it urgent to replace currently-deployed asymmetric cryptography primitives—key exchange (ECDH) and digital signatures (RSA, ECDSA, EdDSA)—which are vulnerable to Shor's quantum algorithm.
It does not, however, impact existing symmetric cryptography algorithms (AES, SHA-2, SHA-3) or their key sizes.
There's a common misconception that quantum computers will 'halve' the security of symmetric keys, requiring 256-bit keys for 128 bits of security. That is not an accurate interpretation of the speedup offered.
There is no need to update symmetric key sizes as part of the post-quantum transition, due to the details of how Grover's algorithm scales.
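As an added illustration (not code from the article or from this page), the simulation below runs Grover's search on a constructed 10-bit key space to show the quadratic speedup mentioned in the summary and how little is gained by splitting the search across machines, then extrapolates the same iteration count to a 128-bit key. The even key-space split, the function names and the sequential-iteration budgets are assumptions of this example.

```python
import math

def grover_peak(n_keys, target=0):
    """State-vector simulation of Grover search over n_keys candidates.
    Returns (iterations, success probability) at the first probability peak."""
    amp = [1 / math.sqrt(n_keys)] * n_keys      # uniform superposition
    iters, best = 0, amp[target] ** 2
    while True:
        amp[target] = -amp[target]              # oracle: flip the marked key's sign
        mean = sum(amp) / n_keys
        amp = [2 * mean - a for a in amp]       # diffusion: reflect about the mean
        p = amp[target] ** 2
        if p <= best:                           # past the peak: stop
            return iters, best
        iters, best = iters + 1, p

def parallel_grover(n_keys, machines):
    """Split the key space evenly; each machine runs Grover on its own slice.
    Returns (sequential iterations per machine, total iterations, all machines)."""
    per_machine, _ = grover_peak(n_keys // machines)
    return per_machine, per_machine * machines

def log2_cost_under_budget(key_bits, log2_seq_budget):
    """Extrapolate with the (pi/4)*sqrt(N/M) iteration count: given a cap of
    2**log2_seq_budget sequential iterations per machine (assumed parameter),
    return (log2 machines needed, log2 total iterations)."""
    c = math.log2(math.pi / 4)
    log2_m = max(0.0, key_bits - 2 * log2_seq_budget + 2 * c)
    log2_iters = (key_bits - log2_m) / 2 + c
    return log2_m, log2_m + log2_iters

if __name__ == "__main__":
    N = 2 ** 10                                 # toy 10-bit key space (constructed)
    print("1 machine  :", parallel_grover(N, 1))
    print("16 machines:", parallel_grover(N, 16))
    for budget in (40, 48, 64):                 # hypothetical sequential budgets
        m, total = log2_cost_under_budget(128, budget)
        print(f"128-bit key, 2^{budget} sequential iterations per machine: "
              f"2^{m:.1f} machines, 2^{total:.1f} total iterations")
```

Sixteen machines cut the sequential iteration count only about fourfold while the total work rises, and the extrapolation shows the same trade-off at 128 bits: the often-quoted figure of roughly 2^64 iterations holds only for a single machine running them all back to back.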