Quantum vs Crypto: What Breaks, What Survives


The goal is not to panic. The goal is to understand what is actually at stake.


This is part of a series marking World Quantum Day 2026. Start there for context. Or read on — this piece stands on its own.


The threat model in plain terms

Quantum computers do not break all cryptography. They break specific mathematical problems that classical computers find intractable — problems that happen to underpin most of the public-key infrastructure the internet is built on.

The key algorithm to understand is Shor's algorithm, published in 1994. It can factor large integers and compute discrete logarithms exponentially faster than any known classical algorithm. This is not a theoretical edge case. It is a direct attack on:

  • RSA — the most widely deployed public-key encryption standard
  • ECC (Elliptic Curve Cryptography) — the basis of HTTPS, SSH keys, and nearly all blockchain protocols
  • Diffie-Hellman key exchange — foundational to TLS, VPNs, and secure communications

If a sufficiently powerful quantum computer runs Shor's algorithm against your RSA-2048 key, it breaks it. Not slowly. It breaks it.


What breaks

Algorithm               Used for                          Quantum threat
RSA-2048 / RSA-4096     HTTPS, email, code signing        Broken by Shor's algorithm
ECDSA / ECDH            TLS, SSH, Bitcoin, Ethereum       Broken by Shor's algorithm
Diffie-Hellman          VPNs, secure key exchange         Broken by Shor's algorithm
Ed25519                 SSH keys, JWT signing             Broken — also elliptic curve

The uncomfortable truth: the private keys behind your Ethereum wallet, your SSH server, and your HTTPS certificate are all vulnerable to a large-scale quantum computer running Shor's algorithm.


What survives

Not everything is equally exposed. Grover's algorithm is the other relevant quantum attack — it gives a quadratic speedup for brute-force search. This weakens symmetric encryption but does not break it.

Algorithm          Quantum threat                                  Recommendation
AES-256            Grover halves effective key size to 128-bit     Still safe — just use AES-256, not AES-128
SHA-256 / SHA-3    Weakened but not broken                         Still safe with longer digests
Argon2 / bcrypt    Weakened but not broken                         Still safe for passwords

The practical takeaway: symmetric cryptography is quantum-resistant with key size adjustments. Asymmetric public-key cryptography is not.


The post-quantum transition: what NIST decided

In August 2024, NIST finalized the first three post-quantum cryptography standards:

  • ML-KEM (formerly CRYSTALS-Kyber) — for key encapsulation / key exchange
  • ML-DSA (formerly CRYSTALS-Dilithium) — for digital signatures
  • SLH-DSA (formerly SPHINCS+) — hash-based signature scheme

These are based on mathematical problems — lattice problems and hash functions — that are believed to resist both classical and quantum attacks. Cloudflare, Google, and Signal have already started deploying them in parallel with existing standards.

This is the migration path. It is not optional, and it is not fast.


The "harvest now, decrypt later" problem

There is a subtle attack that makes this urgent today even if quantum computers are still years from cracking production keys at scale: HNDL (Harvest Now, Decrypt Later).

State actors and sophisticated adversaries are intercepting and storing encrypted traffic now, betting they will have quantum capability to decrypt it later. Anything with a long confidentiality window — health data, financial records, state secrets, long-lived blockchain transactions — is already at risk under this model.

This is not hypothetical. The NSA recommended transitioning away from ECC and RSA for classified systems by 2030.


What teams should actually do today

Short term (now):

  • Audit your cryptographic dependencies. Know which libraries and protocols use RSA or ECC.
  • Move to AES-256 over AES-128 for symmetric encryption.
  • Watch the NIST post-quantum migration guidance.
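The first short-term item, and the "what breaks" table above it, come down to one question: which of the keys you actually operate belong to a family Shor's algorithm breaks? The script below is an added example (not code from the original post or from Hyperdrift) of that inventory step for SSH public keys. It parses real OpenSSH wire format from authorized_keys-style lines with the standard library only, reads the RSA modulus size or ECDSA curve out of the blob, and labels each key by the family in the table. The three sample keys are constructed inside the script from placeholder numbers and are not usable keys.

```python
"""Added example: inventory SSH public keys and flag the ones a quantum
computer running Shor's algorithm would break. Standard library only; the
three keys below are constructed on the fly and are not real keys."""
import base64
import struct

# Public-key families from the "what breaks" table: every one of them rests
# on factoring or discrete logarithms, which is exactly what Shor solves.
SHOR_VULNERABLE = {
    "ssh-rsa": "RSA",
    "ecdsa-sha2-nistp256": "ECDSA",
    "ecdsa-sha2-nistp384": "ECDSA",
    "ecdsa-sha2-nistp521": "ECDSA",
    "ssh-ed25519": "Ed25519",
}


def _ssh_string(data):
    """SSH wire-format string: 4-byte big-endian length prefix + bytes."""
    return struct.pack(">I", len(data)) + data


def _mpint(value):
    """SSH mpint: big-endian two's complement, so a leading 0x00 is added
    whenever the top bit of the magnitude would otherwise read as negative."""
    raw = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return _ssh_string(raw)


def _read_string(blob, offset):
    """Inverse of _ssh_string: return (field bytes, offset after the field)."""
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    if start + length > len(blob):
        raise ValueError("truncated SSH key blob")
    return blob[start:start + length], start + length


def parse_public_key(line):
    """Parse one 'type base64 [comment]' line into (type, bits, comment).
    The blob repeats the key type, then carries type-specific fields:
    RSA -> mpint e, mpint n; ECDSA -> curve name, point; Ed25519 -> 32-byte key."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("not a public key line")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) > 2 else ""
    blob = base64.b64decode(b64)
    wire_type, pos = _read_string(blob, 0)
    if wire_type.decode() != key_type:
        raise ValueError("key type prefix does not match wire blob")
    if key_type == "ssh-rsa":
        _e, pos = _read_string(blob, pos)      # public exponent
        n, _ = _read_string(blob, pos)         # modulus; a leading 0x00 does not change bit_length
        bits = int.from_bytes(n, "big").bit_length()
    elif key_type.startswith("ecdsa-sha2-nistp"):
        curve, _ = _read_string(blob, pos)     # e.g. b"nistp256"
        bits = int(curve.decode()[len("nistp"):])
    elif key_type == "ssh-ed25519":
        bits = 256                             # fixed-size curve
    else:
        bits = 0                               # unknown type: report it, do not guess
    return key_type, bits, comment


def audit(lines):
    """Classify every key line; returns one finding dict per key, in file order."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key_type, bits, comment = parse_public_key(line)
        family = SHOR_VULNERABLE.get(key_type)
        findings.append({
            "type": key_type, "bits": bits, "comment": comment,
            "family": family or "unknown",
            "quantum_vulnerable": family is not None,
        })
    return findings


def _sample_line(key_type, fields, comment):
    """Build a constructed authorized_keys line from wire-format fields."""
    blob = _ssh_string(key_type.encode()) + b"".join(fields)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


# Constructed sample inventory (placeholder key material, not usable keys).
SAMPLE_AUTHORIZED_KEYS = [
    "# constructed sample file, not real keys",
    _sample_line("ssh-rsa", [_mpint(65537), _mpint((1 << 2047) | 12345)], "deploy@ci"),
    _sample_line("ecdsa-sha2-nistp256",
                 [_ssh_string(b"nistp256"), _ssh_string(b"\x04" + b"\x11" * 64)],
                 "alice@laptop"),
    _sample_line("ssh-ed25519", [_ssh_string(b"\x22" * 32)], "bob@laptop"),
]

if __name__ == "__main__":
    for f in audit(SAMPLE_AUTHORIZED_KEYS):
        flag = "MIGRATE" if f["quantum_vulnerable"] else "ok"
        print(f"{flag:8} {f['family']:8} {f['bits']:5} bits  {f['comment']}")
```

Every key in the sample comes back flagged, which is the point: an SSH estate today has no PQ-safe entries to find, and the value of the audit is the list of owners and comments you will need when the migration starts. Point `audit()` at the lines of a real authorized_keys or known_hosts file to get the same report for your own hosts.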

Medium term (next 1–2 years):

  • Start hybrid deployments: run post-quantum algorithms alongside classical ones. Major TLS libraries support this now.
  • Prioritize long-lived data and credentials — these are most exposed.
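"Run post-quantum algorithms alongside classical ones" has a concrete meaning at the key-exchange layer: both a classical ECDH secret and an ML-KEM secret go into one key derivation, so the session key is only exposed if both are broken. The code below is an added example of that combiner (not code from the original post, from Hyperdrift, or from any TLS library). It implements HKDF (RFC 5869) on the standard library and derives a session key from two 32-byte shared secrets bound to a handshake transcript. The secrets are random stand-ins for what X25519 and ML-KEM would produce, the concatenation order and the `hybrid-kex-v1` label are this example's own choices rather than any protocol's wire specification, and the transcript string is constructed.

```python
"""Added example: a hybrid key-exchange combiner. A classical shared secret
(what X25519/ECDH would produce) and a post-quantum one (what ML-KEM
decapsulation would produce) are fed together into one KDF, so the session
key stays secret unless an attacker breaks BOTH components. Standard library
only; the KEM outputs below are constructed stand-ins, not real protocol runs."""
import hashlib
import hmac
import secrets

HASH = hashlib.sha256


def hkdf_extract(salt, ikm):
    """RFC 5869 extract step: PRK = HMAC(salt, IKM); empty salt -> zero block."""
    if not salt:
        salt = bytes(HASH().digest_size)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk, info, length):
    """RFC 5869 expand step: T(i) = HMAC(PRK, T(i-1) | info | i), concatenated."""
    if length > 255 * HASH().digest_size:
        raise ValueError("HKDF output too long")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(ikm, salt, info, length):
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def hybrid_session_key(ss_classical, ss_pq, transcript, length=32):
    """Derive one session key from both shared secrets.
    The two secrets are concatenated in a fixed order agreed by both peers and
    bound to the handshake transcript through HKDF's info field. The order and
    the label are illustrative (this example's own), not a protocol's wire spec."""
    if len(ss_classical) != 32 or len(ss_pq) != 32:
        raise ValueError("expected two 32-byte shared secrets")
    ikm = ss_classical + ss_pq
    return hkdf(ikm, salt=b"", info=b"hybrid-kex-v1|" + transcript, length=length)


def demo():
    """Simulate the end of a hybrid handshake with constructed KEM outputs.
    Returns True when both peers agree on the key and a party holding only
    the classical secret lands on a different key."""
    ss_classical = secrets.token_bytes(32)   # stands in for the X25519 result
    ss_pq = secrets.token_bytes(32)          # stands in for the ML-KEM result
    transcript = b"client_hello|server_hello|constructed"
    client_key = hybrid_session_key(ss_classical, ss_pq, transcript)
    server_key = hybrid_session_key(ss_classical, ss_pq, transcript)
    # A future quantum attacker who recovers ss_classical via Shor still lacks
    # ss_pq; without it, the derivation lands on an unrelated key.
    attacker_key = hybrid_session_key(ss_classical, bytes(32), transcript)
    return client_key == server_key and attacker_key != client_key


if __name__ == "__main__":
    print("hybrid handshake agrees and resists single-component loss:", demo())
```

The design choice worth noticing is that the classical secret is never dropped. If the new lattice scheme turns out to have a flaw, the session is still as strong as ECDH was; if a quantum computer breaks ECDH, the session is still as strong as ML-KEM. That "at least as strong as the stronger component" property is why the medium-term advice is hybrid deployment rather than a straight swap.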

Web3 specifically:


The bottom line

Quantum computers are not breaking your systems today. But the cryptographic foundations most of us rely on were not designed with quantum adversaries in mind, and the migration to post-quantum standards takes years.

The teams that start now will be ready. The teams that wait for a confirmed threat will be scrambling.

Intel tracks these developments daily. The post-quantum transition is already in motion — and it is moving faster than most software teams have noticed.


This is part of the Hyperdrift Quantum Day series. Read the context piece, the qubit explainer, or the Web3 provocation.
