In recent weeks, Google has been loudly reminding us that the quantum era may not only be about breakthroughs in science, but also poses great risks. One day, it could invalidate some of today's encryption, which is the basis of banking, communications, and government infrastructure. And it's not just "sometime in the future" - the most unpleasant part is apparently already happening now.
Google warns of attackers' strategy known as store now, decrypt laterIn practice, this means that someone collects encrypted data today (such as health records, corporate know-how or sensitive communications) with the understanding that one day – when a sufficiently capable quantum computer exists – they will try to decrypt them additionally. And this is important to know in my opinion: even though “cryptographically relevant” quantum machines are not yet commonly available, Stolen data doesn't age that quickly.. Some informationmacand they will still be sensitive in ten years.
In 2024 NIST completes first set post-quantum cryptography standards (PQC), i.e. algorithms designed to be resistant to quantum attacks. Google says it is gradually deploying them in its infrastructure and products such as Chrome and that he has been experimenting with similar tests for a year 2016It is quite clear from this that the big players are not waiting for "it to become a problem", but are taking it as a long-term goal that must be started immediately.
There is still time for prevention
Google mainly recommends three things:
- First modernize infrastructure (often through cloudplatforms where security layers can be continuously changed)
- secondly, to design systems so that encryption could be replaced without rewriting half of the product (so-called crypto agility)
- thirdly, keep in mind that with the growing role of AI, it will also be addressed security of AI systems – ideally directly on post-quantum foundations
Personally, I think the most important thing is the shift in the way we see the problem. It's not about panic, but about the fact that security debt Cryptography pays off terribly slowly. And if you start late, you can't catch up with one quick update. And I just hope that those affected realize this.
