The Looming Quantum Threat: Why We Must Act Now to Secure Cryptography

Quantum computing won’t wait. With encryption at risk, organizations must migrate to post-quantum cryptography now—or risk future exposure.

For years, IBM and other global technology leaders have been making steady progress toward the realization of quantum computing. Alongside them, countries such as China have also claimed moderate success in developing quantum capabilities. While these advancements represent a significant milestone in computing, they also pose a critical security threat that cannot be ignored.

The Quantum Computing Security Challenge

Much of today’s cryptographic security infrastructure relies on the hardness of certain mathematical problems. These include integer factorization (which underpins RSA) and the discrete logarithm problem (used in Diffie-Hellman key exchange and, in its elliptic-curve form, in ECDH and ECDSA). The security of these systems rests on the assumption that no efficient classical algorithm exists for these problems. Shor’s algorithm, published in 1994, already solves both in polynomial time on a quantum computer; what is missing today is a large enough fault-tolerant machine to run it. Once such a machine exists, most of our existing public-key cryptography will become obsolete. Symmetric ciphers and hash functions are affected far less: Grover’s algorithm roughly halves their effective key strength, which is why AES-256 and SHA-384 retain a comfortable margin while AES-128 does not.

The ramifications are severe. The entire security framework used to protect financial transactions, government communications, and personal data would be at risk. We have become deeply dependent on these cryptographic methods, and without viable replacements, our ability to secure digital information would be in jeopardy.

The State of Quantum Computing

Some experts argue that practical quantum computing capable of breaking encryption is still 10 to 20 years away. Even Google’s recent announcement of its Willow quantum processor, with 105 physical qubits, is still far from the threshold needed to break modern asymmetric cryptographic systems. Published estimates for factoring RSA-2048 call for thousands of error-corrected logical qubits, which at current error rates translates to on the order of a million or more physical qubits. However, the possibility of a “quantum surprise”—a sudden breakthrough achieved in secret—remains a major concern.

Even without an immediate threat, the long-term implications demand urgent action. Many governments and enterprises need their confidential data to remain secure for decades. If an adversary intercepts encrypted communications today, they can store the ciphertext and decrypt it later when quantum computing reaches maturity. This is known as the “record now, decrypt later” strategy (also called “harvest now, decrypt later”), and it presents a significant threat to national security, banking, and sensitive corporate information. Note that it endangers confidentiality only: a signature forged in 2040 cannot retroactively alter a document verified today, so key exchange and encryption at rest are the first priority, with signatures and PKI following.

Preparing for the Quantum Threat

The U.S. National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) have already issued guidelines urging federal agencies to prepare for quantum-safe cryptography. India’s Ministry of Electronics and Information Technology has circulated similar documents, though they have yet to be mandated. Enterprises and governments must begin transitioning to quantum-resistant cryptographic methods now, rather than waiting until quantum computers become a clear and present danger.

The first step in quantum preparedness is identifying all instances where vulnerable cryptography is being used. This includes software, embedded systems, secure communication protocols, and digital certificates. Organizations must create a comprehensive cryptographic inventory—often referred to as a cryptographic bill of materials (CBOM)—to understand their exposure.

Once vulnerabilities are identified, organizations need to assess the risk associated with each use case. Some legacy systems may be decommissioned before quantum threats materialize, while others may need urgent upgrades. The next crucial step is achieving cryptographic agility, which allows organizations to swiftly replace existing cryptographic algorithms with quantum-safe alternatives without requiring extensive system overhauls.

The Role of Post-Quantum Cryptography (PQC)

NIST has been leading a global effort to standardize post-quantum cryptographic algorithms since 2015. The process has involved multiple rounds of rigorous public evaluation and cryptanalysis. In August 2024, NIST published the first three finished standards:

  1. ML-KEM (FIPS 203), derived from CRYSTALS-Kyber – A lattice-based key encapsulation mechanism for establishing shared keys.
  2. ML-DSA (FIPS 204), derived from CRYSTALS-Dilithium – A lattice-based digital signature algorithm.
  3. SLH-DSA (FIPS 205), derived from SPHINCS+ – A stateless hash-based signature scheme, chosen as a conservative alternative because its security rests only on hash functions.

A fourth signature scheme, FN-DSA (derived from Falcon), is being standardized separately.

Lattice-based cryptography is believed to be quantum-resistant because it relies on problems such as Learning With Errors and the Shortest Vector Problem, for which no efficient classical or quantum algorithm is known. However, these algorithms are not mathematically proven to be quantum-safe; they have merely withstood all known attacks so far, and the field has seen late surprises (the isogeny-based SIKE candidate was broken by a classical attack in 2022, after reaching the fourth round). This underscores the need for continued monitoring and adaptability in cryptographic implementations.

Challenges in Implementing PQC

Transitioning to PQC is not as simple as swapping out one algorithm for another. Public key infrastructure (PKI) systems, which issue digital certificates, will need to be updated to support these new algorithms. Given that the current PKI ecosystem took decades to establish, integrating quantum-safe alternatives will require significant effort and time.

Moreover, real-world implementation poses challenges. Cryptographic systems often fail not in their theoretical design but in their software and hardware implementations. The 2014 OpenSSL Heartbleed bug, a buffer over-read in the TLS heartbeat handler that leaked server memory including private keys, serves as a reminder that a flawed implementation can render even the strongest algorithm ineffective. Side-channel attacks, where adversaries extract keys by analyzing timing, power consumption, or memory access patterns, remain a pressing concern, and the new lattice schemes bring their own pitfalls: their decapsulation and sampling steps must run in constant time and handle decryption failures without leaking information. Ongoing research is needed to develop hardened implementations resistant to these threats.

India’s Role in Quantum Security

India has recently launched a national quantum mission aimed at fostering indigenous quantum technology development. As part of this initiative, research institutions such as IIT Kanpur are actively working on implementing and testing PQC algorithms. While India currently follows NIST’s guidelines, there is a possibility that it will develop its own quantum-safe standards tailored to its unique security needs.

For Indian enterprises and government agencies, waiting for a government mandate may be too late. The financial sector, in particular, should start planning its quantum transition now. The Reserve Bank of India (RBI) and other regulatory bodies must issue clear directives on PQC adoption timelines, mirroring efforts by NIST and DHS.

The Urgency of Quantum Preparedness

Despite the 10- to 20-year horizon for large-scale quantum computing, organizations cannot afford to delay. The process of migrating to quantum-safe cryptography will take years, and the threat of retrospective decryption is real. Mosca’s inequality (due to Michele Mosca) underscores this urgency: if the number of years data must remain confidential (X) plus the time required to deploy quantum-safe algorithms (Y) exceeds the estimated time to a cryptographically relevant quantum computer (Z), then the organization is already at risk, because data encrypted today will still be sensitive when it becomes decryptable.

Governments and enterprises must take proactive steps now:

  1. Identify Quantum-Vulnerable Cryptography – Conduct a cryptographic inventory to locate weak algorithms in use.
  2. Assess Risks and Prioritize Migration – Determine which systems need immediate transition to quantum-safe alternatives.
  3. Achieve Cryptographic Agility – Develop flexible cryptographic frameworks that allow for seamless algorithm replacement.
  4. Adopt PQC Algorithms – Begin implementing NIST-standardized quantum-resistant cryptography (FIPS 203, 204 and 205), using hybrid classical-plus-PQC key exchange where protocols support it so that security does not regress if either component fails.
  5. Upgrade PKI Infrastructure – Ensure that certificate authorities, protocols and digital certificates support quantum-safe signatures and key establishment.
  6. Monitor Cryptographic Advances – Stay informed about new vulnerabilities and advancements in PQC.
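The inventory, risk assessment and prioritization steps above can be made concrete. The following script is an added example, not code from the original article or from IIT Kanpur: it parses a constructed cryptographic inventory (the CSV rows are invented sample systems), classifies each entry as Shor-vulnerable, Grover-weakened or quantum-safe, applies Mosca’s inequality (X + Y > Z) per asset, and emits a prioritized migration list. The priority labels and the Z default of 10 years are assumptions for illustration.

```python
import csv
import io
from dataclasses import dataclass

# Constructed sample inventory (invented systems, not real data).
# Columns: system, purpose, algorithm, key_bits, data_lifetime_years (X), migration_years (Y)
SAMPLE_INVENTORY = """\
system,purpose,algorithm,key_bits,data_lifetime_years,migration_years
core-banking-db,backup encryption key wrap,RSA,2048,25,4
vpn-gateway,IKEv2 key exchange,ECDH,256,3,2
code-signing,firmware signatures,ECDSA,256,15,5
payments-api,TLS server certificate,RSA,3072,1,1
archive-store,data at rest,AES,128,30,2
archive-store,data at rest (new),AES,256,30,0
pilot-pki,test CA signatures,ML-DSA,0,10,0
"""

# Public-key primitives broken by Shor's algorithm (factoring and discrete log).
SHOR_VULNERABLE = {"RSA", "DH", "DSA", "ECDH", "ECDSA", "EDDSA", "ED25519", "X25519"}
# NIST PQC standards published in August 2024.
PQC_STANDARDS = {"ML-KEM": "FIPS 203", "ML-DSA": "FIPS 204", "SLH-DSA": "FIPS 205"}
# Symmetric ciphers: Grover's search halves effective key strength.
GROVER_AFFECTED = {"AES", "CHACHA20"}


@dataclass
class Asset:
    system: str
    purpose: str
    algorithm: str
    key_bits: int
    data_lifetime_years: float  # X: how long the protected data must stay secret
    migration_years: float      # Y: estimated time to migrate this system


def parse_inventory(text):
    """Parse CSV inventory rows into Asset records."""
    assets = []
    for row in csv.DictReader(io.StringIO(text)):
        assets.append(Asset(row["system"], row["purpose"], row["algorithm"].upper(),
                            int(row["key_bits"]), float(row["data_lifetime_years"]),
                            float(row["migration_years"])))
    return assets


def classify(asset):
    """Label an asset by how quantum computing affects it."""
    if asset.algorithm in SHOR_VULNERABLE:
        return "quantum-vulnerable"
    if asset.algorithm in PQC_STANDARDS:
        return f"quantum-safe ({PQC_STANDARDS[asset.algorithm]})"
    if asset.algorithm in GROVER_AFFECTED:
        # 256-bit keys keep a 128-bit margin against Grover; 128-bit keys do not.
        return "symmetric-ok" if asset.key_bits >= 256 else "symmetric-weakened"
    return "unknown"


def mosca_at_risk(asset, quantum_horizon_years):
    """Mosca's inequality: the asset is at risk if X + Y > Z."""
    return asset.data_lifetime_years + asset.migration_years > quantum_horizon_years


def priority(asset, quantum_horizon_years):
    """Assumed priority scheme (illustrative, not a NIST scale)."""
    cls = classify(asset)
    if cls == "quantum-vulnerable":
        return "P1-migrate-now" if mosca_at_risk(asset, quantum_horizon_years) else "P2-plan-migration"
    if cls == "symmetric-weakened":
        return "P3-raise-key-size"
    if cls == "unknown":
        return "P2-investigate"
    return "P4-no-action"


def triage(text, quantum_horizon_years=10):
    """Return the inventory as a migration list sorted by priority, then system name."""
    order = {"P1-migrate-now": 0, "P2-plan-migration": 1, "P2-investigate": 1,
             "P3-raise-key-size": 2, "P4-no-action": 3}
    report = []
    for asset in parse_inventory(text):
        report.append({"system": asset.system, "purpose": asset.purpose,
                       "algorithm": asset.algorithm, "class": classify(asset),
                       "priority": priority(asset, quantum_horizon_years)})
    report.sort(key=lambda r: (order[r["priority"]], r["system"]))
    return report


if __name__ == "__main__":
    for r in triage(SAMPLE_INVENTORY):
        print(f'{r["priority"]:18} {r["system"]:16} {r["algorithm"]:8} {r["class"]:26} {r["purpose"]}')
```

Changing the horizon Z shows why the estimate matters: at Z = 10 the 25-year backup key-wrap and the 15-year firmware-signing key come out as P1, while at Z = 30 every Shor-vulnerable entry drops to planning status. In a real deployment the rows would come from certificate scans, TLS configuration, HSM key lists and library usage, not a hand-written CSV.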

Conclusion

The threat of quantum computing to modern cryptography is no longer theoretical—it is a matter of when, not if. Organizations must start planning their transition to quantum-safe cryptography today. Regulatory bodies must enforce mandates to accelerate migration, and enterprises must embrace cryptographic agility to future-proof their security frameworks. Waiting until quantum computers become powerful enough to break today’s encryption will be too late. The time to act is now.

(This article is inspired by a talk given by Dr. Sandeep K. Shukla, Chair Professor in Cybersecurity at IIT Kanpur, at the CISO Forum in December 2024. Some content has been edited for brevity.)
