Understanding Quantum Security Challenges

Researchers at the University of Kent have raised concerns about the vulnerability of Bitcoin and other blockchain technologies to quantum computing. In a yet-to-be-peer-reviewed study, they suggest that a sufficiently advanced quantum computer could crack Bitcoin’s cryptographic security, posing an existential threat to the cryptocurrency ecosystem. The announcement follows Google’s recent unveiling of its 105-qubit ‘Willow’ quantum chip, which demonstrated computational power far beyond classical supercomputers. This breakthrough reignited fears about the potential for quantum computers to bypass Bitcoin’s encryption, which relies on algorithms like SHA-256 and ECDSA (Elliptic Curve Digital Signature Algorithm) for transaction security. Key Findings from the Study: 1. Quantum Threat to Bitcoin: A sufficiently advanced quantum computer could break Bitcoin’s encryption, potentially allowing malicious actors to steal funds or manipulate transactions on the blockchain. 2. Lengthy Update Downtime: Transitioning Bitcoin’s infrastructure to quantum-resistant cryptography could require up to 76 days of downtime, during which the blockchain would be extremely vulnerable. 3. Staggering Financial Losses: The disruption caused by such an attack or even the preparation for a quantum-safe upgrade could result in astronomical financial losses. How Quantum Computers Could Crack Bitcoin • Bitcoin uses public-private key pairs for secure transactions. • A quantum computer with sufficient qubits and error correction capabilities could reverse-engineer private keys from public keys using Shor’s Algorithm. • Once private keys are exposed, attackers could authorize transactions and effectively drain wallets. Potential Solutions: • Post-Quantum Cryptography (PQC): Researchers are actively developing encryption methods resistant to quantum attacks, such as lattice-based cryptography. • Blockchain Hard Fork: Implementing a system-wide upgrade to quantum-resistant algorithms before quantum computers reach the necessary scale. • Hybrid Cryptography: Using a combination of classical and quantum-resistant cryptographic methods during the transition period. The Road Ahead: While quantum computers capable of such feats are not yet operational, the rapid advancements in the field suggest it’s only a matter of time. The Bitcoin community, developers, and stakeholders must act proactively to adopt quantum-resistant encryption standards to safeguard the cryptocurrency’s future. As Carlos Perez-Delgado, co-author of the study, points out: “Even brief downtime or delays in blockchain updates can result in catastrophic consequences in a financial system of this scale.”

𝗗𝗮𝘆 𝟴: 𝗗𝗮𝘁𝗮 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗼𝘀𝘁 𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗥𝗲𝗮𝗱𝗶𝗻𝗲𝘀𝘀 In today’s hyper-connected world, data is the new currency and the perimeter, and it is essential to safeguard them from Cyber criminals. The average cost of a data breach reached an all-time high of $4.88 million in 2024, a 10% increase from 2023. Advances in 𝗾𝘂𝗮𝗻𝘁𝘂𝗺 𝗰𝗼𝗺𝗽𝘂𝘁𝗶𝗻𝗴 further threaten traditional cryptographic systems by potentially rendering widely used algorithms like public key cryptography insecure. Even before large-scale quantum computers become practical, adversaries can harvest encrypted data today and store it for future decryption. Sensitive data encrypted with traditional algorithms may be vulnerable to retrospective attacks once quantum computers are available. As quantum technology evolves, the need for stronger data protection grows. Google Quantum AI recently demonstrated advancements with its Willow processors, which 𝗲𝗻𝗵𝗮𝗻𝗰𝗲𝘀 𝗲𝗿𝗿𝗼𝗿 𝗰𝗼𝗿𝗿𝗲𝗰𝘁𝗶𝗼𝗻 𝘂𝘀𝗶𝗻𝗴 𝘁𝗵𝗲 𝘀𝘂𝗿𝗳𝗮𝗰𝗲 𝗰𝗼𝗱𝗲. These breakthroughs underscore the growing efficiency and scalability of quantum computers. To address these threats, Enterprises are turning to 𝗮𝗴𝗶𝗹𝗲 𝗰𝗿𝘆𝗽𝘁𝗼𝗴𝗿𝗮𝗽𝗵𝘆 to prepare for Post Quantum era. Proactive Measures for Agile Cryptography and Quantum Resistance: 1. 𝗔𝗱𝗼𝗽𝘁 𝗣𝗼𝘀𝘁-𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗔𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺𝘀 Transition to NIST-approved PQC standards like CRYSTALS-Kyber, CRYSTALS-Dilithium, Sphincs+. Use hybrid cryptography that combines classical and quantum-resistant methods for a smoother transition. 2. 𝗗𝗲𝘀𝗶𝗴𝗻 𝗳𝗼𝗿 𝗔𝗴𝗶𝗹𝗶𝘁𝘆 Avoid hardcoding cryptographic algorithms. Implement abstraction layers and modular cryptographic libraries to enable easy updates, algorithm swaps, and seamless key rotation. 3. 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲 𝗞𝗲𝘆 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 Use Hardware Security Modules (HSMs) and Key Management Systems (KMS) to automate secure key lifecycle management, including zero-downtime rotation. 4. 𝗣𝗿𝗼𝘁𝗲𝗰𝘁 𝗗𝗮𝘁𝗮 𝗘𝘃𝗲𝗿𝘆𝘄𝗵𝗲𝗿𝗲 Encrypt data at rest, in transit, and in use with quantum resistant standards and protocols. For unstructured data, use format-preserving encryption and deploy data-loss prevention (DLP) tools to detect and secure unprotected files. Replace sensitive information with unique tokens that have no exploitable value outside a secure tokenization system. 5. 𝗣𝗹𝗮𝗻 𝗔𝗵𝗲𝗮𝗱 Develop a quantum-readiness strategy, audit systems, prioritize sensitive data, and train teams on agile cryptography and PQC best practices. Agile cryptography and advanced data devaluation techniques are essential for protecting sensitive data as cyber threats evolve. Planning ahead for the post-quantum era can reduce migration costs to PQC algorithms and strengthen cryptographic resilience. Embrace agile cryptography. Devalue sensitive data. Secure your future. #VISA #PaymentSecurity #Cybersecurity #12DaysofCyberSecurityChristmas #PostQuantumCrypto

I’ve written about the risks GenAI brings - how something theoretical quickly became operational.   Quantum risk is following the same path. But this time, the threat starts before the technology reaches maturity.   Adversaries are already executing “harvest now, decrypt later” strategies by stealing encrypted data today with the intention to break it once quantum computing evolves. That changes the timeline and urgency of cryptographic resilience.   Why it matters: 🔐 OT, IoT, and legacy systems weren’t built with quantum in mind. ⏳ PQC migration takes years, and most organizations haven’t even begun. 🌍 Critical infrastructure is especially exposed.   This isn’t about fear. It’s about getting ahead before the window closes.   To mitigate long-tail risks like data harvesting, security teams should: ✅ Implement forward secrecy to limit future decryption of past traffic ✅ Minimize long-term storage of sensitive data ✅ Strengthen network visibility and segmentation to reduce interception risk   Forescout Technologies Inc. is making this possible right now with: ✅ Complete visibility into all connected devices across IOT, IT, IoT, and IoMT ✅ Automated policy enforcement to respond to cryptographic risk in real time ✅ Crypto agility support to evolve alongside emerging standards - not after they break   👇 Are you thinking about post-quantum risk? Drop your thoughts below.   #QuantumSecurity #PQC #CyberResilience #InfrastructureSecurity

Is quantum computing the next big cybersecurity threat? For decades, encryption has been our digital fortress. But quantum computing is challenging that foundation—and the stakes couldn’t be higher. Let me explain. Quantum computers, powered by qubits and quantum mechanics, have the potential to break today’s most secure encryption methods in record time. Algorithms like RSA, which protect everything from online transactions to national secrets, may soon become obsolete. Here’s the reality: → "Harvest Now, Decrypt Later": Cybercriminals are already storing encrypted data, waiting for the day quantum computers can crack it. → Encryption at Risk: Shor’s Algorithm and similar quantum innovations could dismantle current security protocols, leaving sensitive information vulnerable. → The Clock is Ticking: While quantum computers aren’t powerful enough yet, experts predict it’s only a matter of time. So, how do we prepare? → Post-Quantum Cryptography: Organizations like NIST are working on quantum-resistant algorithms to protect future data. → Quantum-Safe Protocols: Hybrid models combining classical and quantum encryption are emerging to secure transitions. → Risk Assessments and Training: Companies must identify vulnerabilities and educate cybersecurity teams on the implications of quantum advancements. The future of cybersecurity isn’t just about defending against traditional threats—it’s about staying ahead of quantum possibilities. Are we ready to face the next wave of cyber threats? Let’s discuss. 👇

Three weeks ago, our Devsinc security architect, walked into my office with a chilling demonstration. Using quantum simulation software, she showed how RSA-2048 encryption – the same standard protecting billions of transactions daily – could theoretically be cracked in just 24 hours by a sufficiently powerful quantum computer. What took her classical computer billions of years to attempt, quantum algorithms could solve before tomorrow's sunrise. That moment crystallized a truth I've been grappling with: we're not just approaching a technological evolution; we're racing toward a cryptographic apocalypse. The quantum computing market tells a story of inevitable disruption, surging from $1.44 billion in 2025 to an expected $16.22 billion by 2034 – a staggering 30.88% CAGR that signals more than market enthusiasm. Research shows a 17-34% probability that cryptographically relevant quantum computers will exist by 2034, climbing to 79% by 2044. But here's what keeps me awake at night: adversaries are already employing "harvest now, decrypt later" strategies, collecting our encrypted data today to unlock tomorrow. For my fellow CTOs and CIOs: the U.S. National Security Memorandum 10 mandates full migration to post-quantum cryptography by 2035, with some agencies required to transition by 2030. This isn't optional. Ninety-five percent of cybersecurity experts rate quantum's threat to current systems as "very high," yet only 25% of organizations are actively addressing this in their risk management strategies. To the brilliant minds entering our industry: this represents the greatest cybersecurity challenge and opportunity of our generation. While quantum computing promises revolutionary advances in drug discovery, optimization, and AI, it simultaneously threatens the cryptographic foundation of our digital world. The demand for quantum-safe solutions will create entirely new career paths and industries. What moves me most is the democratizing potential of this challenge. Whether you're building solutions in Silicon Valley or Lahore, the quantum threat affects us all equally – and so does the opportunity to solve it. Post-quantum cryptography isn't just about surviving disruption; it's about architecting the secure digital infrastructure that will power humanity's next chapter. The countdown has begun. The question isn't whether quantum will break our current security – it's whether we'll be ready when it does.

From a friend... 'Today, almost all data on the Internet, including bank transactions, medical records, and secure chats, is protected with an encryption scheme called RSA (named after its creators Rivest, Shamir, and Adleman). This scheme is based on a simple fact—it is virtually impossible to calculate the prime factors of a large number in a reasonable amount of time, even on the world’s most powerful supercomputer. Unfortunately, large quantum computers, if and when they are built, would find this task a breeze, thus undermining the security of the entire Internet. Luckily, quantum computers are only better than classical ones at a select class of problems, and there are plenty of encryption schemes where quantum computers don’t offer any advantage. Today, the U.S. National Institute of Standards and Technology (NIST) announced the standardization of three post-quantum cryptography encryption schemes. With these standards in hand, NIST is encouraging computer system administrators to begin transitioning to post-quantum security as soon as possible... ...Most experts believe large-scale quantum computers won’t be built for at least another decade. So why is NIST worried about this now? There are two main reasons. First, many devices that use RSA security, like cars and some IoT devices, are expected to remain in use for at least a decade. So they need to be equipped with quantum-safe cryptography before they are released into the field. Second, a nefarious individual could potentially download and store encrypted data today, and decrypt it once a large enough quantum computer comes online. This concept is called “harvest now, decrypt later“ and by its nature, it poses a threat to sensitive data now, even if that data can only be cracked in the future.' https://lnkd.in/gxsczMAY

The UK’s National Cyber Security Centre just issued a quiet but critical wake-up call: quantum computing isn’t science fiction anymore — it’s a looming reality with the power to break today’s encryption standards. As someone who follows cybersecurity and tech trends closely, this stood out to me. The NCSC is urging large organisations — especially in energy, transport, and other critical sectors — to start preparing now to migrate to post-quantum cryptography. Why the urgency? Because once quantum machines mature, they’ll be able to crack public key encryption at a speed today’s systems aren’t built to defend against. Their guidance outlines a 10-year roadmap, with milestones in 2028, 2031, and full readiness by 2035. That sounds far off — until you consider how long it takes to upgrade legacy infrastructure and secure bespoke IT systems. We don’t know the exact timeline for a quantum breakthrough, but waiting for it to happen before acting would be a mistake. Is your org already thinking about this shift? How are you preparing for a post-quantum world? #cybersecurity #quantum #technology https://lnkd.in/d-jUCRPS

The (possible) future of Cyber security… Where Quantum Key Distribution (QKD) has completely replaced today’s Public Key Infrastructure (PKI), and within 5-15 years asymetric cryptographic algorithms are rendered entirely or partially unusable (Forrester)… but it’s not Armageddon, we can be prepared 😅 Thank you Yvette Lejins and ADAPT for a fantastic ’fireside chat’ and discussion about what CIOs and CSIOs can do now to prepare for Quantum: 🔒 Know your risk appetite: what is your migration time (to new cryptography or QKD); Security/ Data Shelf Life (time data needs to be protected); Risk exposure timeframe (I.e. when will Quantum computing crack Shores’ algorithm - take your pick of expert probabilities!) 🔒Re-design your infrastructure for cryptographic agility. Reduce the number of data encryption/decryption points to reduce the threat surface and complexity of cryptographic migration processes. 🔒 Implement post-quantum algorithms. Adopt algorithms that have been approved by NIST or an equivalent standards body to ensure the smoothest transition. 🔒Invest in capability. Less than 50% of quantum computing jobs expected to be filled by 2025 (McKinsey & Company) Tenar Larsen Jim Berry Matt Boon Maushumi (Maya) Mazid Jenny Francis David Gee GAICD Nick Haigh Jayden Cooke Gabby Fredkin #adaptsecurityedge #cyberrisk #riskappetite #quantumcomputing

Quantum-resistant algorithms are critical for securing our digital future in the face of rapidly advancing quantum computing. Today’s encryption methods, particularly public-key cryptography, could be rendered obsolete by powerful quantum computers within the next 10 to 20 years. This looming threat has spurred a global effort to develop new encryption algorithms capable of withstanding quantum attacks. Current cryptography protects everything from online banking to emails and cryptocurrencies. However, quantum computers, using methods like Shor’s Algorithm, could break these systems almost instantly, exposing sensitive data. Institutions like NIST are working to standardize quantum-resistant algorithms, with the first standards expected by 2024. These algorithms are being rigorously tested to ensure they can withstand quantum and conventional attacks. The stakes are high. Without robust quantum-resistant encryption, digital security as we know it could collapse. Sensitive transactions, private communications, and even blockchain integrity would be at risk. As businesses and governments prepare for this transition, collaboration and adaptability will be key to securing the digital world in the quantum era. What are your thoughts on the urgency of this transition? Are we prepared for the quantum age, or are we underestimating the speed at which it might arrive? #TechNews #Technology #Innovation #QuantumComputing #Encryption

NIST FIPS 203 - Recommendations for Quantum’s Emergence As we edge closer to the reality of quantum computing, the landscape of cybersecurity faces significant challenges. Quantum computers, with their unparalleled processing power, can potentially break many of the cryptographic systems that safeguard our data today. This impending threat underscores the urgency of adopting quantum-resistant security measures. One of the key resources in this area is the recently published NIST FIPS 203. This document provides comprehensive guidelines for quantum-resistant cryptographic algorithms, setting the stage for a new era of security standards. NIST FIPS 203 emphasizes the importance of: 1. **Algorithm Agility:** The need to implement systems that can transition between classical and quantum-resistant cryptographic algorithms seamlessly. 2. **Robust Key Management:** Enhancing key management practices to support the increased complexity of quantum-resistant algorithms. 3. **Security Protocol Integration:** Ensuring that quantum-resistant cryptography is integrated into existing security protocols without compromising performance or scalability. By adopting the guidelines outlined in NIST FIPS 203, organizations can better prepare for the quantum future, protecting sensitive data and maintaining trust in the digital ecosystem. The time to act is now, as the quantum revolution is not a distant possibility but an imminent reality. #QuantumComputing #Cybersecurity #NISTFIPS203 #QuantumResistance #DigitalSecurity #Cryptography Brian Lenahan shared this earlier but I wanted to highlight the importance for my network. https://lnkd.in/e6UEXyFh