Quantum Threat to Crypto Spurs Market Action
Concerns over quantum computing's ability to break current cryptographic standards are prompting new security measures and market speculation. Reliance Global Group has closed a transaction to gain majority control of Enquantum, a post-quantum cybersecurity platform, anticipating a multi-year global upgrade cycle. Meanwhile, prediction markets like Pandora are facilitating bets on whether quantum computing will break Bitcoin by 2028, reflecting growing market awareness of the risk.
- The primary threat comes from Shor's algorithm, developed in 1994, which can efficiently factor large numbers and compute discrete logarithms. This capability would break the security of widely used public-key cryptography systems like RSA and Elliptic Curve Cryptography (ECC), which underpin much of internet security and financial transactions. - Adversaries are likely engaging in "Harvest Now, Decrypt Later" (HNDL) attacks, where they collect and store currently secure encrypted data with the intent of decrypting it once a powerful enough quantum computer is available. This makes the threat immediate for data that needs to remain secure for years to come. - In response, the U.S. government has initiated a multi-year transition to quantum-resistant cryptography (QRC). A May 2022 National Security Memorandum (NSM-10) directs federal agencies to migrate to QRC, setting a target for completion by 2035. - The National Institute of Standards and Technology (NIST) is leading the standardization of post-quantum algorithms. In August 2024, NIST finalized the first set of these standards: CRYSTALS-Kyber for general encryption (FIPS 203), and CRYSTALS-Dilithium (FIPS 204) and SLH-DSA (FIPS 205) for digital signatures. - Expert consensus places the arrival of a cryptanalytically relevant quantum computer (CRQC) capable of breaking RSA-2048 in the early-to-mid 2030s. Some estimates suggest a worst-case scenario where it could occur between 2026 and 2027. - Symmetric encryption algorithms like AES-256 are considered more resistant to quantum attacks. Grover's algorithm could theoretically speed up brute-force attacks, but its impact can be mitigated by doubling the key length, making it a less critical immediate threat compared to the vulnerability of public-key systems. - A growing ecosystem of companies is focused on post-quantum solutions. Beyond Enquantum, notable players include PQShield, which contributes to NIST standards, QuSecure, which focuses on orchestration for federal systems, and SandboxAQ, which was spun out of Google's parent company, Alphabet.
