Cyber Security

How will Shor's Algorithm affect current Cyber Security standards for RSA and ECC encryption?

CH Asked by Christopher Miller · 15-11-2023
0 upvotes 19,093 views 0 comments
The question

I am worried about the "Harvest Now, Decrypt Later" strategy being used by bad actors. If Shor's Algorithm can theoretically break RSA encryption in minutes, how soon do we need to migrate our enterprise data to Post-Quantum Cryptography (PQC) to remain compliant with federal security standards? 

3 answers

0
ME
Answered on 20-02-2023

The threat is very real, and the timeline is often referred to as 'Y2Q' or 'Q-Day.' NIST has already been finalizing its selection of quantum-resistant algorithms, such as CRYSTALS-Kyber and CRYSTALS-Dilithium. If you are handling long-term sensitive data, such as medical records or government secrets, you should have started your 'Quantum Risk Assessment' yesterday. The problem with Shor's is that it targets the mathematical difficulty of factoring large integers, which is the literal foundation of our current internet security. Moving to lattice-based cryptography is currently our best defense against the eventual arrival of a Cryptographically Relevant Quantum Computer.

0
BR
Answered on 12-03-2023

Melissa, while the NIST algorithms are a step forward, how do we handle the performance overhead? I've read that PQC signatures are much larger than RSA keys. Won't this significantly slow down SSL/TLS handshakes and cause massive latency issues for high-frequency trading or real-time streaming services?

JA 22-03-2023

Brandon, you are correct about the key sizes. The challenge for developers in 2025 will be optimizing the network stacks to handle these larger packets. We might see a shift where we use PQC for the initial key exchange but maintain symmetric encryption like AES-256 for the actual data, as AES is much more resistant to Grover's Algorithm, which only provides a square-root speedup rather than a total break.

0
RO
Answered on 15-04-2023

The "Harvest Now" threat is the biggest issue. Even if the hardware isn't ready, the data being stolen today is at risk. Everyone should be moving to 'Quantum-Safe' VPNs immediately. 

CH 18-04-2023

I agree with Robert. It’s a terrifying thought that encrypted data sitting on a hard drive today could be cracked wide open in just a few years.

Share your thoughts

Your email address will not be published. Required fields are marked (*)

Professional Counselling Session

Still have questions?
Schedule a free counselling session

Our experts are ready to help you with any questions about courses, admissions, or career paths. Get personalized guidance from industry professionals.

Request a Call Back

Search Online

We Accept

We Accept

Follow Us

"PMI®", "PMBOK®", "PMP®", "CAPM®" and "PMI-ACP®" are registered marks of the Project Management Institute, Inc. | "CSM", "CST" are Registered Trade Marks of The Scrum Alliance, USA. | COBIT® is a trademark of ISACA® registered in the United States and other countries.

Book Free Session