Chapter 18

The Quantum Computing Threat

Post-Quantum Cryptography

Introduction

Quantum computing poses an existential threat to the cryptographic foundations that protect virtually all digital communication. The public-key algorithms that secure TLS key exchange, digital signatures, and key agreement, namely RSA, Elliptic Curve Cryptography (ECC), and finite-field Diffie-Hellman, are all broken outright by a sufficiently large fault-tolerant quantum computer. Symmetric ciphers and hash functions are weakened rather than broken, a distinction the rest of this section relies on.

This is not a distant hypothetical. Nation-states are investing billions in quantum computing research, and adversaries are already collecting encrypted data today with the intention of decrypting it once quantum computers become available. Understanding the quantum threat is the first step toward preparing defenses.


Shor's Algorithm and Public Key Cryptography

Shor's algorithm, published by mathematician Peter Shor in 1994, shows that a quantum computer can factor large integers and compute discrete logarithms in polynomial time. This directly breaks RSA (whose security rests on the difficulty of integer factorization), finite-field Diffie-Hellman and DSA (the discrete logarithm problem in a prime field), and ECC (the discrete logarithm problem on elliptic curves). Only one step of the algorithm, period finding, needs the quantum computer; the rest is classical number theory that turns a period into a factor.

The implications are staggering. RSA-2048, considered secure against classical computers for decades, could be broken by a quantum computer with approximately 4,000 logical (error-corrected) qubits. Each logical qubit must be built from many noisy physical qubits, so published resource estimates for RSA-2048 run to millions of physical qubits and hours of runtime, well beyond any machine that exists today. The trajectory of progress nevertheless leads many analysts to place that threshold within 10 to 15 years, with wide error bars in both directions.

Impact Assessment: Once Shor's algorithm can be run at scale, any RSA or ECC public key the attacker holds yields its private key. For encryption and key exchange the damage is retroactive: recorded TLS sessions, VPN tunnels, and encrypted messages whose key exchange used RSA or (EC)DH can be decrypted from the captured traffic. For signatures the damage is forward-looking: TLS certificates, code signing keys, SSH keys, and blockchain signing keys can be forged from that point on, so trust in anything signed with them collapses even though past signatures cannot be un-verified. This is not a single system failure; it is a simultaneous compromise of the entire public-key infrastructure.
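The reduction described above, as an added example that is not part of the original chapter: Shor's algorithm only needs the quantum computer for order finding (the period r of a^x mod n); everything else is classical. The script below factors small moduli by replacing the quantum period-finding step with a brute-force order search, so the flow a -> r -> gcd(a^(r/2) +- 1, n) can be followed end to end. The moduli 3233 = 53 * 61 and 10403 = 101 * 103 are constructed toy RSA moduli, and the brute-force find_order() is where a quantum computer would provide the polynomial-time speedup; classically that loop is what makes factoring hard.

```python
from math import gcd
import random


def find_order(a: int, n: int) -> int:
    """Return the multiplicative order r of a modulo n, the smallest r > 0
    with a^r = 1 (mod n).

    This brute-force loop stands in for the quantum period-finding step
    (modular exponentiation + quantum Fourier transform) that Shor's algorithm
    performs in polynomial time. Classically it costs up to O(n) multiplications,
    which is exactly why factoring is hard without a quantum computer."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, attempts: int = 20, seed: int = 1):
    """Classical reduction from order finding to factoring.

    Returns a sorted pair (p, q) with p * q == n, or None if no suitable base
    was found within `attempts` (which is what happens when n is prime).
    Only the call to find_order() would run on the quantum computer."""
    if n < 4:
        return None
    if n % 2 == 0:
        return (2, n // 2)
    rng = random.Random(seed)          # seeded so the walkthrough is repeatable
    for _ in range(attempts):
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g > 1:                      # lucky guess: a already shares a factor
            return tuple(sorted((g, n // g)))
        r = find_order(a, n)           # <-- the quantum step
        if r % 2:
            continue                   # odd order: a^(r/2) undefined, pick a new a
        y = pow(a, r // 2, n)          # y^2 = 1 (mod n) and y != 1 because r/2 < r
        if y == n - 1:
            continue                   # trivial square root of 1, pick a new a
        # y is a non-trivial square root of 1, so n divides (y-1)(y+1) without
        # dividing either factor; gcd(y-1, n) is therefore a proper factor of n.
        p = gcd(y - 1, n)
        return tuple(sorted((p, n // p)))
    return None


if __name__ == "__main__":
    # 3233 = 53 * 61 and 10403 = 101 * 103 are constructed toy RSA moduli.
    for n in (15, 21, 3233, 10403, 97):
        print(f"{n:>6} -> {shor_factor(n)}")
```

The two `continue` branches are the algorithm's known failure cases (odd order, or a^(r/2) = -1 mod n); for an odd composite with at least two distinct prime factors a random base succeeds with probability at least 1/2, so a handful of attempts suffices. With a real quantum computer the order search would be replaced by the QFT-based period finder, and the number of classical retries would be unchanged.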

Grover's Algorithm and Symmetric Keys

Grover's algorithm provides a quadratic speedup for unstructured search, which on paper halves the bit-strength of a symmetric key: recovering a k-bit key takes about 2^(k/2) quantum evaluations of the cipher instead of 2^k classical ones. AES-128, which has 128 bits of classical security, would therefore offer only about 64 bits against a quantum adversary, nominally within brute-force range. Two caveats matter in practice: those 2^64 evaluations parallelize poorly, so they must run largely in sequence, and each one is a deep fault-tolerant circuit, so the real cost is far above a classical 2^64 search. That is why NIST's post-quantum security categories still use AES-128 key search as their lowest baseline. Even so, a nominal 64-bit margin is too thin for data that must stay secret for decades.

The defense against Grover's algorithm is straightforward: double the key length. AES-256 retains 128 bits of security against quantum attacks, which remains computationally infeasible. Unlike public-key cryptography, symmetric algorithms have a clear and practical quantum defense, but organizations must ensure they are actually using sufficient key lengths.

  • AES-128: Reduced to a nominal 64-bit security level under Grover's attack; not considered quantum-safe for long-lived data
  • AES-256: Reduced to 128-bit equivalent security; still computationally infeasible to break
  • SHA-256: Preimage resistance reduced from 256 to 128 bits by Grover; the best known quantum collision bound (Brassard-Høyer-Tapp) is about 85 bits rather than the classical 128, though that attack needs enormous quantum memory; still adequate, but use SHA-384 or SHA-512 where a full 128-bit post-quantum margin is required
  • Hash-based signatures (LMS, XMSS, SLH-DSA/SPHINCS+): Remain secure, since their security reduces to hash (second-)preimage resistance, which Grover only halves
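The "make sure you are actually using sufficient key lengths" point above is a crypto-inventory task, so here is an added example (not code from the chapter) that scores TLS cipher-suite names against the figures in this section: Shor reduces every classical key exchange to 0 bits, Grover halves the symmetric key and hash preimage strength, and the collision bound becomes n/3. It accepts both OpenSSL-style names (ECDHE-RSA-AES256-GCM-SHA384) and IANA names (TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_AES_128_GCM_SHA256). The name parsing is a heuristic written for this example; the suite list in `__main__` is constructed, and the 128-bit threshold for "symmetric quantum safe" is this example's choice, not a standard.

```python
import re

# Classical bit-strength of the symmetric cipher named in a TLS suite.
# Grover's algorithm halves these on paper (square-root speedup on key search).
SYMMETRIC_BITS = {
    "AES_128": 128, "AES128": 128,
    "AES_256": 256, "AES256": 256,
    "CHACHA20": 256,
    "3DES": 112, "DES_CBC3": 112,   # 3DES: 168-bit key, 112-bit effective strength
}

# Output size of the hash/PRF named at the end of a suite. Grover gives
# preimage strength n/2; the Brassard-Hoyer-Tapp collision bound is n/3.
HASH_BITS = {"SHA256": 256, "SHA384": 384, "SHA512": 512,
             "SHA": 160, "SHA1": 160, "MD5": 128}

# Every classical TLS key-exchange method is an RSA, DH or ECDH variant, and
# Shor's algorithm breaks all of them outright: 0 bits of post-quantum strength.
CLASSICAL_KEX = {"ECDHE", "ECDH", "DHE", "DH", "RSA"}


def classify_suite(name: str) -> dict:
    """Estimate classical vs. quantum security margins for one cipher-suite name."""
    s = name.upper().replace("-", "_")

    sym_key = next((k for k in SYMMETRIC_BITS if k in s), None)
    sym_bits = SYMMETRIC_BITS.get(sym_key)

    m = re.search(r"(SHA\d*|MD5)$", s)
    hash_name = m.group(1) if m else None
    hash_bits = HASH_BITS.get(hash_name)

    # TLS 1.3 suites (TLS_AES_*, TLS_CHACHA20_*) do not name a key exchange; it is
    # negotiated separately and is ECDHE unless a hybrid/PQ group is offered.
    if s.startswith(("TLS_AES", "TLS_CHACHA20")):
        kex = "negotiated separately (TLS 1.3)"
    else:
        prefix = s.split(sym_key)[0] if sym_key else s
        tokens = [t for t in prefix.split("_") if t]
        # OpenSSL names with no key-exchange prefix (e.g. AES128-SHA) mean RSA key transport.
        kex = next((t for t in tokens if t in CLASSICAL_KEX),
                   "RSA" if not tokens else "unknown")

    return {
        "suite": name,
        "kex": kex,
        "kex_quantum_bits": None if kex.startswith("negotiated") else 0,
        "cipher_classical_bits": sym_bits,
        "cipher_quantum_bits": sym_bits // 2 if sym_bits else None,
        "hash": hash_name,
        "hash_preimage_quantum_bits": hash_bits // 2 if hash_bits else None,
        "hash_collision_quantum_bits": hash_bits // 3 if hash_bits else None,
        # Example's own threshold: keep >= 128 bits after Grover (i.e. AES-256/ChaCha20).
        "symmetric_quantum_safe": bool(sym_bits) and sym_bits // 2 >= 128,
    }


def audit(suites):
    """Return the suites whose symmetric cipher falls below 128 bits of
    post-Grover strength (the AES-128 and 3DES cases the text warns about)."""
    return [s for s in suites if not classify_suite(s)["symmetric_quantum_safe"]]


if __name__ == "__main__":
    # Constructed list resembling a server's configured suites.
    sample = [
        "TLS_AES_128_GCM_SHA256",
        "TLS_AES_256_GCM_SHA384",
        "ECDHE-RSA-AES256-GCM-SHA384",
        "ECDHE-ECDSA-CHACHA20-POLY1305",
        "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    ]
    for s in sample:
        r = classify_suite(s)
        print(f"{s:<36} kex={r['kex']:<32} sym {r['cipher_classical_bits']}->{r['cipher_quantum_bits']}"
              f"  hash pre/col {r['hash_preimage_quantum_bits']}/{r['hash_collision_quantum_bits']}")
    print("below 128-bit post-Grover margin:", audit(sample))
```

Note what the report cannot say: even a suite that passes the symmetric check still has a key exchange that Shor breaks, so `kex_quantum_bits` is 0 for every classical suite and the fix for that column is a hybrid or post-quantum key exchange, not a longer AES key.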

Harvest Now, Decrypt Later

Perhaps the most urgent aspect of the quantum threat is the "harvest now, decrypt later" (HNDL) strategy. Nation-state adversaries are actively intercepting and storing encrypted communications today with the explicit intention of decrypting them once quantum computers become available. Data with long-term sensitivity—state secrets, medical records, financial data, intellectual property—is already at risk.

The timeline for quantum computers capable of breaking RSA-2048 is debated, with estimates ranging from 2030 to 2040. However, the timeline for data sensitivity often extends further. Government classified data may need protection for 50 or more years. Medical records and financial data have decades-long relevance. This means the window for transitioning to post-quantum cryptography is not when quantum computers arrive—it is now.

  1. Collection Phase: Adversaries capture encrypted traffic from fiber optic taps, compromised routers, and cloud provider subpoenas
  2. Storage Phase: Encrypted data is stored in massive archives, awaiting quantum decryption capability
  3. Decryption Phase: Once quantum computers mature, decades of intercepted communications become readable
  4. Defense Window: Organizations must transition to post-quantum algorithms before their data sensitivity period expires

The HNDL threat transforms quantum computing from a future concern into a present-day data protection requirement. Organizations handling data with long-term sensitivity must begin their post-quantum migration now, not when quantum computers are publicly demonstrated at scale.
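The "defense window" reasoning above is usually written as the timeline check credited to Michele Mosca: with X the years the data must stay confidential, Y the years needed to migrate the systems holding it, and Z the years until a cryptographically relevant quantum computer, data captured today is exposed whenever X + Y > Z. The following added example (not from the chapter) applies that test to a constructed asset list against both ends of the 2030 to 2040 range quoted above, treated here as roughly 5 and 15 years out (an assumption for the example).

```python
from dataclasses import dataclass


@dataclass
class DataAsset:
    name: str
    shelf_life_years: float   # X: how long the data must stay confidential
    migration_years: float    # Y: time to move every system holding it to PQC


def hndl_gap(asset: DataAsset, years_to_crqc: float) -> float:
    """Mosca's inequality as a number: X + Y - Z.

    Positive means the final years of required secrecy fall after the point
    at which an adversary who captured the traffic today can decrypt it, so
    the asset is already exposed to harvest-now-decrypt-later."""
    return asset.shelf_life_years + asset.migration_years - years_to_crqc


def triage(assets, crqc_estimates=(5, 15)):
    """Rank assets by exposure against the earliest CRQC estimate and also
    report the gap under the latest one. Returns (name, gap_early, gap_late)
    tuples, most exposed first."""
    early, late = min(crqc_estimates), max(crqc_estimates)
    rows = [(a.name, hndl_gap(a, early), hndl_gap(a, late)) for a in assets]
    return sorted(rows, key=lambda r: r[1], reverse=True)


# Constructed sample inventory; shelf lives and migration times are illustrative.
SAMPLE_ASSETS = [
    DataAsset("classified cables", shelf_life_years=50, migration_years=6),
    DataAsset("patient records", shelf_life_years=30, migration_years=4),
    DataAsset("pre-release earnings", shelf_life_years=0.25, migration_years=2),
    DataAsset("public web session keys", shelf_life_years=0.01, migration_years=1),
]

if __name__ == "__main__":
    for name, g_early, g_late in triage(SAMPLE_ASSETS):
        status = "EXPOSED" if g_late > 0 else ("at risk if early" if g_early > 0 else "ok")
        print(f"{name:<26} gap@5y={g_early:+6.2f}  gap@15y={g_late:+6.2f}  {status}")
```

The ordering is the point: the two long-lived classes are exposed under every estimate, so their migration clock started in the past, while short-lived data only becomes a problem if the optimistic timeline is wrong. Migration time Y is the one term defenders control, and shrinking it (crypto-agility, inventory, hybrid key exchange rolled out early) is what the text means by starting now.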
