(MRT) Post-quantum cryptography must be established long before the first powerful quantum computers exist, because encrypted communication can be recorded today and analyzed later, which is exactly what various actors do. Cryptosystems must therefore do more than withstand today's attacks with current methods: they must also withstand future attacks that use hardware which does not yet exist. Ideally, encryption would remain unbreakable forever, but no system can guarantee that. In practice, most data loses its value and sensitivity after a few decades at the latest, so encryption systems only need to offer security for such periods of time.
Nobody can say with certainty whether powerful quantum computers will exist in ten or twenty years. However, companies such as IBM and Google, which are researching quantum computers, predict exactly that kind of progress. That may sound ambitious, but it is not utopian. The development of classical computers was likewise characterized by exponential growth, as described by Moore's well-known law, and the development and improvement of quantum computers could proceed in a similar manner. As a precaution alone, it is therefore high time to take care of post-quantum cryptography.
Programmers and companies that use cryptosystems must also plan ahead instead of waiting for new standards to be adopted. So as not to lose time that may be lacking in the end, you should prepare your crypto infrastructure now for the foreseeable developments.
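Preparing an infrastructure before the standards are final means, above all, making it crypto-agile: the algorithm suite must be identified explicitly in every stored or transmitted object, bound into the key derivation, and swappable by registering a new suite rather than by re-architecting. The example below is added here to illustrate that and is not code from the original article. It assumes a hypothetical envelope format and hypothetical suite names ("demo-classical-v1", "demo-hybrid-v2"), and it uses constructed random-looking byte strings as stand-ins for the shared secrets that a classical key exchange and a post-quantum KEM would produce; the HKDF and the HMAC-based stream cipher are built from the Python standard library only so that the example runs offline.

```python
"""Crypto-agile envelope (hypothetical format, constructed for illustration).

The suite identifier travels in the header and is mixed into key derivation,
so a new suite (for example a hybrid of a classical key exchange and a
post-quantum KEM) is added by registering it here, while envelopes written
under an older suite remain readable during the migration window.
"""
import hashlib
import hmac
import secrets
import struct

# Hypothetical suite registry. "shares" is the number of key-exchange secrets the
# suite combines; "sealing_allowed" lets a deprecated suite be read but not written.
SUITES = {
    "demo-classical-v1": {"shares": 1, "sealing_allowed": False},  # deprecated
    "demo-hybrid-v2":    {"shares": 2, "sealing_allowed": True},   # classical + PQ
}

# Constructed stand-ins for shared secrets (in practice: ECDH output and KEM output).
CONSTRUCTED_CLASSICAL = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0" * 2)
CONSTRUCTED_PQ = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90" * 2)


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA256, implemented from the standard library."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_secrets(suite_id: str, shares: list, salt: bytes):
    """Derive an encryption key and a MAC key from all shares of a suite.

    Each share is length-prefixed and the suite id is part of the HKDF info, so a
    key derived under one suite can never be confused with another suite's key,
    and an attacker must know every share (classical and PQ) to recover the key.
    """
    spec = SUITES[suite_id]
    if len(shares) != spec["shares"]:
        raise ValueError(f"{suite_id} expects {spec['shares']} share(s)")
    ikm = b"".join(struct.pack(">H", len(s)) + s for s in shares)
    okm = hkdf(ikm, salt, b"envelope:" + suite_id.encode(), 64)
    return okm[:32], okm[32:]


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode as a demonstration stream cipher (XOR keystream)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + struct.pack(">Q", i // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def suite_of(envelope: bytes) -> str:
    """Read the suite identifier from the envelope header."""
    return envelope[1:1 + envelope[0]].decode()


def seal(suite_id: str, shares: list, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under the named suite; refuses unknown or deprecated suites."""
    if suite_id not in SUITES:
        raise ValueError(f"unknown suite {suite_id}")
    if not SUITES[suite_id]["sealing_allowed"]:
        raise ValueError(f"{suite_id} is deprecated; seal new data with a current suite")
    nonce = secrets.token_bytes(16)
    enc_key, mac_key = combine_secrets(suite_id, shares, nonce)
    sid = suite_id.encode()
    header = struct.pack(">B", len(sid)) + sid + nonce
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return header + ciphertext + tag


def open_envelope(shares: list, envelope: bytes) -> bytes:
    """Verify and decrypt; deprecated suites are still readable, unknown ones are not."""
    suite_id = suite_of(envelope)
    if suite_id not in SUITES:
        raise ValueError(f"unknown suite {suite_id}")
    header = envelope[:1 + len(suite_id) + 16]
    nonce = header[-16:]
    body, tag = envelope[len(header):-32], envelope[-32:]
    enc_key, mac_key = combine_secrets(suite_id, shares, nonce)
    expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return keystream_xor(enc_key, nonce, body)


if __name__ == "__main__":
    env = seal("demo-hybrid-v2", [CONSTRUCTED_CLASSICAL, CONSTRUCTED_PQ], b"secret record")
    print(suite_of(env), open_envelope([CONSTRUCTED_CLASSICAL, CONSTRUCTED_PQ], env))
```

The point of the design is that migration becomes a registry change: adding a suite that combines a classical share with a post-quantum share, marking the old one as read-only, and re-sealing long-lived data under the new suite, without touching the parsing or key-derivation code paths. Because both shares feed the KDF, data sealed under the hybrid suite stays protected as long as either key exchange holds.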