Quantum computers are nowhere near usable for breaking classical cryptography at the moment, though opinions on how soon it will come vary. As others have said, we have quantum resistant algorithms ready to go, so future encryption is fine.
The greater concern is that a lot of traffic and data encrypted using classical algorithms has been logged or stored in various mediums. An old encrypted drive, or communications stored by nation state actors (the NSA and such). These will be broken, and a lot of past secrets might come out from hiding.
All of these use ciphers that are only affected by Grover’s algorithm. This basically halves the exponent on your key space (so instead of 2^128 keys you only have 2^64 keys), however this doesn’t necessarily mean that the algorithm is faster than a good parallel brute force on classical computers.
The more problematic algorithms are the ones affected by Shor’s algorithm, which are all algorithms in broad use today that involve some sort of agreeing on a shared secret.
Quantum computers are nowhere near usable for breaking classical cryptography at the moment, though opinions on how soon it will come vary. As others have said, we have quantum resistant algorithms ready to go, so future encryption is fine.
The greater concern is that a lot of traffic and data encrypted using classical algorithms has been logged or stored in various mediums. An old encrypted drive, or communications stored by nation state actors (the NSA and such). These will be broken, and a lot of past secrets might come out from hiding.
All of these use ciphers that are only affected by Grover’s algorithm. This basically halves the exponent on your key space (so instead of 2^128 keys you only have 2^64 keys), however this doesn’t necessarily mean that the algorithm is faster than a good parallel brute force on classical computers.
The more problematic algorithms are the ones affected by Shor’s algorithm, which are all algorithms in broad use today that involve some sort of agreeing on a shared secret.
I’m not well versed on the speed of Grover’s over classical brute force. According to NIST this is correct! Thanks for the addition.