Nov 11, 2025

Quantum Resistance Simplified: Questions & Answers

Dave Pasirstein

14 min read

Quantum computing has drawn global attention for its potential to revolutionize fields such as drug discovery, materials science, and artificial intelligence; however, this new era of computing also poses significant threats to cybersecurity, specifically modern cryptography: the computer security (encryption) that we depend on.

This article is written in a question-and-answer format for a layperson with limited technical knowledge. It attempts to simplify technical concepts related to quantum computer security risks and resistance. It explores what is real vs hype, why we should care, and what we can do today.

For a more technical analysis suitable for IT and Software Engineers, see Quantum Resistance: An alternate look.

Why Should We Care?

Why should I care about quantum breaking encryption?

You likely use and depend on this technology daily without even realizing it.

From online purchases, Internet banking, electronic medical records, secure messaging, and secure email, to privacy while web browsing, it is all based on the encryption that quantum is at risk of breaking.

Many businesses also use digital signatures with employees and business partners. For example, they can be used to verify the sender's identity in emails or, with tools like Adobe PDF, to authenticate the signer of a document.

In cryptocurrency, blockchains use digital signatures via wallets to authorize and prove transactions such as sending or receiving money.

In short, the encryption that quantum is proposed to break is highly pervasive in modern society. Before you become too concerned, read on, because much is being done today to ensure society does not collapse as a result of this.

What is encryption, digital signatures, or cryptography?

Encryption, digital signatures, and cryptography in general are the basis of modern computer security for communication (browsing the web), financial transactions (sending or spending money), storage (saving sensitive data), and cryptocurrencies like Bitcoin.

The part that matters most for the quantum discussion is the “keys” and the role they play.

Imagine locking some data in a safe. Only those with the key can open it. The safe makes it impossible to read or modify its contents without opening it. Encryption works similarly; in this case, the key is a string of random bytes, similar to a password but longer and not meant to be memorized. If the same key both locks (encrypts) and unlocks (decrypts), we call that a symmetric key.

Now imagine there is one key for locking and a different key for unlocking. That is an asymmetric key pair (a public key and a private key). The pair is built on a math problem that is easy in one direction and hard in the other: for RSA, multiplying two large prime numbers is easy but factoring their product is hard; for elliptic-curve keys, the hard problem is the discrete logarithm. If I wanted to send something to you securely, I could use your public key to encrypt (put it in the safe) and you would use your private key to unlock it and access the contents.

In practice, the symmetric key that actually encrypts the data is often derived from an asymmetric key exchange, which involves public material (safe to share) and private material (never shared).

In short, this is all based on math that is extremely difficult for a human or computer to figure out without access to a known key.

What is encryption?

When we use “https”, the ‘s’ stands for secure. In this case, the browser and the website encrypt the communication data with a key, send the encrypted data, and the receiver decrypts it to process the request. The encryption scrambles the data (e.g., “Hello” becomes something like “!BG%U”) in a way that cannot be undone without the key.

What are digital signatures?

Digital signatures are a way of proving both who signed (nobody without the signer's private key could have produced the signature) and that the content has not been tampered with in any way. This is very valuable in contracts and financial transactions. Just like encryption, there is public and private key data; however, a signature does not hide the data. The private key is used to create the signature, and anyone with the public key can mathematically verify that the signature is genuine and that the signed content has not been modified.

What is cryptography?

Cryptography is the superset of encryption, decryption, digital signatures, and much more. Most of the public-key cryptography in use today (RSA, Diffie-Hellman, and elliptic-curve algorithms such as ECDSA and X25519) rests on two related math problems: factoring very large integers into primes, and the discrete logarithm problem.

Both problems are extremely hard for classical computers, and that hardness is the basis of modern public-key cryptography. Both are also exactly what a large quantum computer could solve efficiently, which is the source of the quantum risk. Symmetric encryption such as AES and hash functions such as SHA-256 rest on different problems and are far less affected.

What are classical vs quantum computers?

Classical computers are what we use and know today: laptops, desktops, cloud servers, mobile phones, tablets, etc. Although they differ in details (e.g., Windows on Intel vs macOS on Apple ARM), they all process instructions in fundamentally the same way. Quantum computers process information in a fundamentally different way. This means there are some things that quantum machines can compute very efficiently compared to classical computers, and many other things that classical computers are much better at. It is the former, the things they can compute far more efficiently than classical computers, that is the point of concern here.

What does it mean that quantum will “break” or “crack” the encryption?

“Breaking encryption” is a good and scary headline; however, what it will actually do is more nuanced. Encryption and cryptography are based on math, and in particular on certain problems being very hard to solve even with a classical computer. For example, it is very difficult for a human or a classical computer to factor a very large integer into its prime factors.

When we say hard, difficult, or inefficient, we mean it is not impossible; rather, it would take massive computing power over exceedingly long periods of time. As discussed above, the risk lies with asymmetric keys: the math that separates the public key from the private key. In this case, the attack is to start from a public key (intended to be safe to share) and compute the matching private key.

Like classical computers evolving from the first digital calculators, quantum computers continue to evolve in performance and capacity. We understand from how they process information that as they improve, they will eventually be able to solve these hard problems, and then continue to improve in the speed at which they solve them.

Specifically, we know that a sufficiently large and reliable quantum computer running Shor's algorithm could factor very large integers (and solve the discrete logarithm problem behind elliptic-curve keys) far more efficiently than any classical computer. Today's quantum computers have nowhere near the capacity or reliability needed; however, it is not a far stretch to see that they someday will.

When will this happen?

Nobody knows for sure, as there could be a massive breakthrough or we could run into unforeseen challenges and delays. As of 2025, some guesses range from 5-20 years, but we should recognize that they are only guesses.

Unfortunately, malicious actors are taking a "harvest now, decrypt later" approach. This means that even data encrypted today could be accessed and exploited in the future. Protecting personal data requires individuals to use secure, up-to-date systems and to be mindful of where and how their sensitive information is stored.

These future quantum computers can only crack what they can access. To recover a private key, they need the public key; to read harvested traffic, they also need a recorded copy of the encrypted data and the key-exchange messages that went with it.

"Harvest now, decrypt later" - What is that?

The idea that people could save/store a copy of the otherwise secure, encrypted data today. Then, at some point in the future, when a quantum computer could break the encryption, that information can be revealed to those who should not have access.

What can be done about the quantum security risk?

Is all lost? Is there no hope?

Not at all. First, as discussed, the risk comes about with asymmetric keys, but not all encryption uses asymmetric keys; symmetric encryption such as AES is not broken by the known quantum algorithms. Second, even where asymmetric keys are used, the public key is not always exposed: if a future quantum computer never gets access to the public key, it has nothing to work from to compute the private key.

Much of the Internet is indeed based on asymmetric keys, where the public keys are available. Thus, there is much being done today to mitigate the risks.

What is being done today?

The great news is that there is a lot being done today to mitigate the risks of quantum computing breaking existing cryptography. This was not a surprise problem. Mathematicians and cryptographers have been working on a new generation of cryptography for encryption, key exchange, digital signatures, and more that would be secure and resistant to quantum computing. This is sometimes referred to as quantum-resistant or post-quantum cryptography.

Some of this is already deployed. Web browsers such as Chrome, and many web servers and content-delivery networks, now use a hybrid key exchange that combines a classical algorithm (X25519) with a post-quantum one (ML-KEM), so the connection stays secure unless both are broken.

In short, many broad public Internet-based infrastructures are actively migrating to quantum-resistant cryptography. However, there is still a very long road ahead. Many companies are dependent on software vendors that may not have started on their journey. And some standards, including secure email, have yet to be updated. One of the biggest challenges to businesses adopting the new quantum-resistant cryptography is the cost of migrating to it.

Some things cannot be fixed retroactively. An email or document that was encrypted or signed years ago with classical public-key cryptography stays as it is: if a copy was harvested, a future quantum computer could read the encrypted content or recover the key that signed it. Only new signatures and new encryption made with post-quantum algorithms would be safe.

A great but somewhat technical reference focused on Internet mitigation can be found here: https://blog.cloudflare.com/pq-2025/

What can I do today?

As an individual, there are a few things you can do. 1) Update your software: the latest browsers and messaging apps already include post-quantum protections. 2) Express your concerns to businesses such as financial institutions, which need to make these investments. 3) Express your concerns to politicians: there should be rules requiring companies that store your personal information, medical records, financial data, etc. to make the necessary investments to protect that data.

If you work in a company, there are a few additional things you can do. Protection is not a true/false boolean; it is more like a continuum. That means some actions can be taken today without fully replacing the cryptography, which buys time. Quantum resistance by design using classical, battle-tested cryptography is possible. For example, keeping public keys out of reach of attackers and encrypting data with symmetric AES-256 keys (256 bits is the largest AES key size and the usual post-quantum recommendation) can provide sufficient resistance; the catch is that those symmetric keys must then be distributed and stored without relying on a quantum-vulnerable key exchange. It would also be prudent to establish where the risks exist: inventory which systems use which algorithms. Notify vendors that you expect them to address this in their products, and establish a plan listing what needs to be addressed with proposals as to how to address it.
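The inventory step above is where most companies should start, so here is an added example (not code from the original article or from the author's employer) of what that looks like in practice: a small script that classifies each algorithm a service uses by its quantum exposure. The inventory lines, service names, and bit-strength rules are constructed assumptions for illustration: public-key algorithms used alone count as broken (Shor's algorithm), anything containing ML-KEM, ML-DSA, or SLH-DSA counts as resistant with a 128-bit floor, symmetric key sizes and hash sizes are halved (Grover's algorithm), and MD5/SHA-1 count as already broken. It also separates two different questions a plan needs to answer: "will this need a post-quantum signature eventually?" and "is traffic recorded today exposed to harvest-now-decrypt-later?", which is only the case when the key exchange or cipher is broken.

```python
import re
from collections import namedtuple

TARGET_PQ_BITS = 128  # assumed goal: 128-bit security against a quantum adversary

# Public-key families that Shor's algorithm breaks outright when used alone.
SHOR_FAMILIES = ("RSA", "DH", "ECDH", "ECDSA", "EDDSA", "ED25519", "ED448",
                 "X25519", "X448", "P-256", "P-384", "P-521")
# Standardized post-quantum algorithms (FIPS 203/204/205), with and without
# hyphens so that hybrid names such as X25519MLKEM768 are recognized too.
PQ_FAMILIES = ("ML-KEM", "MLKEM", "ML-DSA", "MLDSA", "SLH-DSA", "SLHDSA")
LEGACY_HASHES = ("MD5", "SHA1", "SHA-1")             # already broken classically
RSA_CLASSICAL = {1024: 80, 2048: 112, 3072: 128}      # NIST SP 800-57 equivalences

# role is kex | sig | cipher | hash; status is resistant | weakened | broken | n/a
Finding = namedtuple("Finding", "service role algorithm classical_bits pq_bits status")


def _status(pq_bits: int) -> str:
    if pq_bits >= TARGET_PQ_BITS:
        return "resistant"
    return "weakened" if pq_bits > 0 else "broken"


def _public_key_classical_bits(name: str) -> int:
    if name.startswith(("RSA", "DH")):
        m = re.search(r"(\d{4,5})", name)
        return RSA_CLASSICAL.get(int(m.group(1)), 128) if m else 112
    if "25519" in name:
        return 128
    if "448" in name:
        return 224
    m = re.search(r"(\d{3})", name)                   # P-256, P-384, P-521
    return min(int(m.group(1)) // 2, 256) if m else 128


def classify(algorithm: str) -> tuple:
    """Return (classical_bits, pq_bits, status) for one algorithm name."""
    name = algorithm.upper()
    if name in ("NONE", "-", ""):
        return 0, 0, "n/a"
    if any(f in name for f in PQ_FAMILIES):
        return 128, 128, "resistant"      # pure PQ or hybrid; NIST level-1 floor
    if name.startswith(SHOR_FAMILIES):
        return _public_key_classical_bits(name), 0, "broken"
    if name.startswith(LEGACY_HASHES):
        return 0, 0, "broken"
    m = re.match(r"^(AES|CHACHA20)[-_]?(\d+)?", name)
    if m:                                             # Grover halves the key bits
        bits = int(m.group(2)) if m.group(2) else 256
        return bits, bits // 2, _status(bits // 2)
    if name.startswith("SHA"):                        # SHA-256, SHA3-256, SHA-512/256
        bits = int(re.findall(r"\d+", name)[-1])      # Grover halves preimage bits
        return bits, bits // 2, _status(bits // 2)
    raise ValueError(f"unknown algorithm: {algorithm}")


def assess(inventory: str) -> list:
    """Parse lines of the form `service kex=.. sig=.. cipher=.. hash=..`."""
    findings = []
    for line in inventory.strip().splitlines():
        service, *pairs = line.split()
        for pair in pairs:
            role, alg = pair.split("=", 1)
            classical, pq, status = classify(alg)
            findings.append(Finding(service, role, alg, classical, pq, status))
    return findings


def summarize(findings: list) -> dict:
    """Per service: weakest post-quantum strength, what to fix, and whether
    recorded traffic is exposed to harvest-now-decrypt-later (kex or cipher broken)."""
    out = {}
    for f in findings:
        if f.status == "n/a":
            continue
        s = out.setdefault(f.service, {"pq_bits": f.pq_bits, "hndl_exposed": False, "fix": []})
        s["pq_bits"] = min(s["pq_bits"], f.pq_bits)
        if f.role in ("kex", "cipher") and f.status == "broken":
            s["hndl_exposed"] = True
        if f.status != "resistant":
            s["fix"].append(f"{f.role}={f.algorithm}")
    for s in out.values():
        s["status"] = _status(s["pq_bits"])
    return out


# Constructed inventory for illustration; the service names are hypothetical.
SAMPLE_INVENTORY = """
web-frontend kex=X25519MLKEM768 sig=ECDSA-P256 cipher=AES-128-GCM hash=SHA-256
legacy-vpn   kex=RSA-2048 sig=RSA-2048 cipher=AES-256-GCM hash=SHA-256
backup-vault kex=none sig=none cipher=AES-256-GCM hash=SHA-512
"""

if __name__ == "__main__":
    for service, s in summarize(assess(SAMPLE_INVENTORY)).items():
        print(f"{service}: {s['status']} ({s['pq_bits']} PQ bits), "
              f"HNDL exposed: {s['hndl_exposed']}, fix: {s['fix'] or 'nothing'}")
```

On the constructed inventory, the web frontend is rated "broken" only because its certificate signature is classical ECDSA: its hybrid key exchange means recorded traffic is not exposed, so the signature can wait for the PKI to move. The legacy VPN is the urgent one, since its RSA key exchange means anything recorded today can be decrypted later. The backup vault, using only AES-256 and SHA-512 with no public keys at all, is the "quantum resistance by design" case from the paragraph above.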

Do I need to switch today?

Probably not. That does not mean this should be ignored. It just means there is time to plan. For individuals, software products from Microsoft, Apple, and Google are already getting updated.

Classical cryptography has been tried, proven, and battle-tested over many years, and even then, flaws are occasionally found. Quantum-resistant cryptography is relatively new, and while promising, it may still surprise us with shortcomings, as it already has. For example, SIKE, a proposed quantum-resistant algorithm, was broken in 2022 by an attack running on an ordinary classical computer, and that was not the first time flaws were found in proposed quantum-resistant cryptography.

Hybrid approaches, such as those used in web browsers and web servers, combine classical and post-quantum algorithms so that the connection remains secure even if the quantum-resistant algorithm turns out to have an undiscovered weakness (or, conversely, once the classical one is broken).

Most businesses do not need to switch to post-quantum cryptography today, but should carefully consider what can be done today.

What else?

What about this thing called “hashing”?

This is not something most people need to consider, but it may be applicable to some businesses and blockchains. Hashing is a type of cryptography similar to a fingerprint that uniquely represents the data but can’t be reversed to figure out the original data. Many systems use hashing, including tamper detection systems and blockchains.

Grover's algorithm gives a quantum computer a quadratic speedup on brute-force search. Applied to a hash, that roughly halves the effective security bits against finding an input that produces a given hash value: a 256-bit hash would have the effective security of a 128-bit hash against a quantum computer, which is still strong. (Grover's algorithm also parallelizes poorly, so the practical speedup is expected to be smaller than this worst case.) Where more margin is wanted, using a longer hash such as SHA-384 or SHA-512 brings the quantum-resistant level back up to 192 or 256 bits. The same halving applies to symmetric encryption keys, which is why AES-256 rather than AES-128 is the usual post-quantum recommendation.

In short, hashing is not broken by quantum computers, but since the security can be reduced, it could make sense to simply increase the bits used in the hash.
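Because hashing survives quantum computers, a digital signature can be built out of nothing but a hash function, which is exactly the idea behind one of the standardized post-quantum signature families (SLH-DSA, FIPS 205, builds a more elaborate many-time version of it). The following is an added example, not code from the article or its author: a Lamport one-time signature using SHA-256 from the Python standard library. It ties together the two answers above, showing how a signature proves who signed and that nothing was modified (the "What are digital signatures?" answer) while depending only on the preimage resistance that Grover's algorithm merely weakens. The sample message is constructed. It is an illustration, not a production scheme: the signature is 8 KB, and the key can safely sign exactly one message, which the last function demonstrates.

```python
import hashlib
import secrets

H = hashlib.sha256
N = 32        # bytes per secret and per hash output
BITS = 256    # one pair of secrets per bit of the message digest


def keygen():
    """Private key: 256 pairs of random 32-byte secrets.
    Public key: the SHA-256 of every secret, in the same layout."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk


def _digest_bits(message: bytes) -> list:
    d = H(message).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(sk, message: bytes) -> list:
    """For each bit of H(message), reveal one secret of that pair
    (bit 0 reveals the first secret, bit 1 the second)."""
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(message))]


def verify(pk, message: bytes, signature: list) -> bool:
    """Hash each revealed secret and compare with the matching public-key hash.
    A tampered message flips some digest bits, so some position will not match;
    a forger without the private key cannot invert SHA-256 to find a preimage."""
    if len(signature) != BITS:
        return False
    return all(H(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(signature, _digest_bits(message))))


def secrets_leaked_by_reuse(sig_a: list, sig_b: list) -> int:
    """Why it is ONE-time: two signatures under the same key reveal both secrets
    at every position where the two digests differ. A forger can then sign any
    message whose digest agrees with one of the originals at the other positions."""
    return sum(1 for a, b in zip(sig_a, sig_b) if a != b)


def demo() -> dict:
    sk, pk = keygen()
    msg = b"transfer 100 to account 42"            # constructed sample message
    sig = sign(sk, msg)
    return {
        "valid": verify(pk, msg, sig),
        "tampered": verify(pk, b"transfer 900 to account 42", sig),
        "wrong_key": verify(keygen()[1], msg, sig),
        "sig_bytes": sum(len(s) for s in sig),
        "leaked_on_reuse": secrets_leaked_by_reuse(sig, sign(sk, b"second message")),
    }


if __name__ == "__main__":
    print(demo())
```

Signing a second message under the same key exposes, on average, about half of the 256 secret pairs; that is the reason real hash-based schemes wrap this construction in trees of one-time keys rather than reusing one.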

What about Key Exchanges?

Key exchange is a commonly used mechanism where two parties, each with an asymmetric key pair, share their respective public keys and are each able to calculate the same shared secret (a symmetric key) that can then be used for encryption. This is referred to as a Diffie-Hellman (DH) key exchange, or ECDH when elliptic curves are used. For example, it is used in “TLS” when a web browser establishes an https connection. Because the public key material is exchanged in the open, anyone who records the connection and later gains a quantum computer could recover the shared secret and decrypt everything sent in that session; this is exactly the harvest-now-decrypt-later risk. NIST published standards for post-quantum key exchange (ML-KEM, FIPS 203) and digital signatures (ML-DSA, FIPS 204, and SLH-DSA, FIPS 205) in 2024.
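To make the key-exchange answer and the hybrid approach concrete, here is an added example (not code from the article, its author, or any TLS implementation) of the two pieces: an X25519 exchange following the RFC 7748 ladder, in which both public keys cross the wire in the clear and are what a harvester would record, and a hybrid combiner that feeds the classical shared secret and a post-quantum KEM shared secret through one key-derivation function. The standard library has no ML-KEM, so the KEM shared secret is a constructed stand-in; the two private keys are the RFC 7748 test vectors; and the combiner (HKDF with the public keys as salt and a made-up label) is a simplified stand-in for the TLS 1.3 key schedule, which concatenates the two secrets in the same spirit. The X25519 routine is written for readability and is not constant-time, so it is for illustration only.

```python
import hashlib
import hmac

P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, u: bytes) -> bytes:
    """Montgomery ladder from RFC 7748 section 5. Illustration only:
    not constant-time, so never use it where timing can be observed."""
    k = _clamp(scalar)
    ub = bytearray(u)
    ub[31] &= 127                                  # mask the unused top bit
    x1 = int.from_bytes(ub, "little") % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA256: extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out += block
        i += 1
    return out[:length]


def hybrid_session_key(ecdh_ss: bytes, kem_ss: bytes, transcript: bytes) -> bytes:
    """Concatenate both shared secrets and run them through one KDF. The key
    stays secret as long as EITHER input is: a quantum computer recovering
    ecdh_ss from the recorded public keys still leaves kem_ss unknown."""
    return hkdf(hashlib.sha256(transcript).digest(), kem_ss + ecdh_ss,
                b"added-example hybrid session key")


# Constructed stand-in for the ML-KEM shared secret (no ML-KEM in the stdlib).
KEM_SS_STANDIN = hashlib.sha256(b"stand-in for an ML-KEM-768 shared secret").digest()


def handshake(alice_priv: bytes, bob_priv: bytes, kem_ss: bytes = KEM_SS_STANDIN):
    """Both sides derive the session key; the two public keys are sent in the clear."""
    alice_pub = x25519(alice_priv, BASEPOINT)
    bob_pub = x25519(bob_priv, BASEPOINT)
    transcript = alice_pub + bob_pub               # what a harvester can record
    alice_key = hybrid_session_key(x25519(alice_priv, bob_pub), kem_ss, transcript)
    bob_key = hybrid_session_key(x25519(bob_priv, alice_pub), kem_ss, transcript)
    return alice_pub, bob_pub, alice_key, bob_key


# RFC 7748 section 6.1 test vectors.
RFC7748_ALICE_PRIV = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
RFC7748_BOB_PRIV = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
RFC7748_SHARED = "4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"

if __name__ == "__main__":
    alice_pub, bob_pub, alice_key, bob_key = handshake(RFC7748_ALICE_PRIV, RFC7748_BOB_PRIV)
    print("ECDH matches RFC vector:", x25519(RFC7748_ALICE_PRIV, bob_pub).hex() == RFC7748_SHARED)
    print("both sides agree on the hybrid key:", alice_key == bob_key)
```

The design point is in `hybrid_session_key`: the classical X25519 secret alone is what Shor's algorithm would let an attacker recompute from the recorded `transcript`, but the session key also depends on the KEM secret, so the recording is useless unless both algorithms fall.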

What about Certificate Authority Infrastructure and PKI?

Classic public key infrastructure (PKI) must be updated, because certificates are themselves digital signatures made with classical algorithms. This is a significant undertaking for the Internet and in many cases, it will require hybrid approaches.

Why is there so much fear of quantum with Cryptocurrencies and Blockchain?

Blockchains rely on asymmetric keys to digitally sign transactions, such as sending cryptocurrencies. In most blockchains, the public key is revealed when an account spends: it is either included in the transaction or can be recovered from the signature itself. Thus, for every account that has ever signed a transaction, the public key is “exposed” to the quantum risk, and with it the potential to steal the cryptocurrency secured by the corresponding private key.

To address that risk, protocol improvements will be required for the safety of future transactions and current accounts.

Some blockchains, like Bitcoin, use hashes to perform “mining” (proof of work), while others, like Ethereum, no longer do. As discussed under hashing, quantum computing could speed up the mining function but does not break it.

Blockchains also use hashes to ensure the integrity of the chain, known as the immutability of the ledger: transactions are finalized, and history is not allowed to change. Could a clever person use a quantum computer to create a mathematically valid replacement block, altering the ledger's history? Because immutability is enforced by the consensus of the decentralized network, it would require that consensus to accept a change or reorganization. Thus, a quantum computer might be able to propose altered blocks that are mathematically valid; however, convincing a massively decentralized network to adopt them is highly unlikely.

What about passwords and passkeys?

Strong password storage is based on hashes. If you follow good password practices and passwords are stored using strong, salted, slow hashes that account for the Grover's algorithm reduction discussed above, then all should be fine.

The current generation of passkeys will be vulnerable to quantum computers. First, please note that passkeys are orders of magnitude more secure than passwords today and should be used when available. Passkeys are based on asymmetric keys for authentication (via digital signatures); every website has a unique passkey and thus a unique public and private key. Although the public key of a passkey is vulnerable to quantum computers, a website can keep its copy inaccessible to attackers as a temporary and partial mitigation. Over time, I expect there will be an evolution of the passkey standard, offering forward migration to a post-quantum version.

What about Internet-of-Things (IoT) and Embedded Systems?

We see these all around: WiFi lights, connected alarm clocks, appliances, and much more. Many of these devices will be vulnerable to quantum attacks. They would require firmware upgrades to make them post-quantum; however, such products are often not easily updated, and many vendors may simply choose not to offer updates for older products.

What happens if my bank does not upgrade in time?

It would be super disappointing, but unlikely to result in a permanent loss of funds or assets, assuming the bank and assets are insured (in the US, that would mean FDIC or SIPC). Even if they are not insured, and unlike blockchains with cryptocurrencies, most fraudulent bank transactions can be reversed, although it may take time, during which funds may not be available.

Besides the risk related to loss of funds, there is a risk for exposure of personal and financial data. Hopefully, financial institutions will take this seriously and be post-quantum ready well before it becomes an issue.

What about SecretShield?

Given that my employer is SecretShield, I would be remiss not to discuss it.

Is SecretShield ready for Quantum?

SecretShield is architected and designed for quantum resistance. We understand that some dependencies, such as mobile phones and hardware-backed security modules, may not yet be post-quantum safe; therefore, we designed SecretShield for quantum safety with that in mind. The primary tenet applied to SecretShield is the lack of access, thus providing strong security even when some parts would otherwise not be quantum-ready on their own, which includes Shamir's Secret Sharing. SecretShield uses decentralization with symmetric keys and symmetric encryption where possible, which is considered post-quantum. For example, data in SecretShield, even data that could be at risk from quantum, is stored using symmetric encryption (quantum-resistant) with hardware-bound (HSM) keys. This protects data that would otherwise be at risk from quantum. As standards evolve and devices and libraries are updated, SecretShield will further update and ensure the security of its users.

I want to know more…

There are plenty of deeply technical articles available online, suitable for researchers and people with a deep understanding of the domain. Thus, I have tried to make this topic and these blog posts more consumable.

For a more technical analysis suitable for technical IT staff and Software Engineers, see Quantum Resistance: An alternate look.

Thanks for reading!