Quantum Computing, Encryption, and the Cryptopocalypse

For several years, tech media has been telling the world that our encrypted data will no longer be secure after quantum computers come onto the scene. Reporters often call this the "cryptopocalypse." Panicked stories like these attract clicks, and clicks attract ad revenue.

But the truth, as usual, is not so simple. Asymmetric encryption (using public/private key pairs) is vulnerable to quantum-based attacks, but strong symmetric encryption (using the same strong key to both encrypt and decrypt) will remain safe from quantum attacks. For cryptographers and other technically-minded cybersecurity people, this may seem obvious, but the message hasn’t reached the masses—even to many people who work in the industry.

Encryption based on AES-256, or other similarly strong symmetric encryption algorithms, can’t be successfully attacked with today’s computers before, as security expert Bruce Schneier says, "the heat death of the universe." Though quantum computing will reduce the time to compromise those same keys, many experts believe that the time required will be no less than half the current time—so after the Sun becomes a supernova and swallows the Earth, but maybe before the heat death of the universe.

PKWARE features many types of remediation for sensitive data, including both persistent and transparent encryption&mdas;which both use AES-256. (Find out more about PKWARE's approach to encryption.)

As part of our approach for dealing with a post-quantum world, PKWARE also uses strong symmetric encryption algorithms for some applications that traditionally use asymmetric encryption, such as email. (Learn more about PKWARE’s approach to email encryption.)

If you’re looking for a quantum-resistant approach to protecting your sensitive data, make sure you’re using strong symmetric encryption—and make sure it can be applied to the applications you need.

That’s not all you need, however. Not all AES-256 encryption keys are created equal. The next post in this series will discuss the value of true random numbers vs. pseudo-random numbers as the basis for the encryption keys—and how these attacks might be affected by the advent of quantum computing.

Paul Ardoin

Paul Ardoin

Paul Ardoin, PKWARE's Senior Director of Product and Partner Marketing, has 20 years of experience in enterprise software marketing and public relations. Paul has led high-performing product marketing, strategic programs marketing, and technology partner teams for small startups as well as large multinational enterprises. An industry thought leader, he has spoken at security, financial, real estate, and human resources events around the world about the importance of putting critical business issues before technology. Paul has a bachelor’s degree in English from University of California, Santa Barbara.

Find more posts by: Paul Ardoin