Thales Blog

Quantum Resistant Encryption – Are You Ready?

November 2, 2021

Brian Grant Brian Grant | CPL ANZ's Regional Director More About This Author >

Some good news and a couple of tips for being prepared.

Over the past few months, a handful of Thales CPL clients have mentioned their concern regarding the future threat of quantum computing to their data security frameworks. If you take a good hard look at the risks arising from Quantum, there is bad news and good news.

Quantum Resistant Encryption – Are You Ready?


Let's get the bad news out of the way to start...

When functional quantum computing becomes available it is anticipated to make many current asymmetric encryption ciphers (RSA, Diffie-Hellman, ECC etc.) insecure against quantum-enabled attackers. That's the crux of the bad news.

Yet there is a lot of good news...

Functional quantum computing is not considered capable of compromising widely used symmetrical encryption algorithms like AES256 that cybersecurity vendors like Thales use to secure data-at-rest or sensitive data-in-motion.

Another piece of good news is functional quantum computing will not beQuantum Resistant Encryption – Are You Ready? widely available to bad guys for some time - I do not say never - but at the moment we are talking years. Loathe as I am to make predictions, I’m not alone in this forecast, industry analysts like Gartner concur with this schedule for quantum as a tool to crack asymmetric ciphers.


National Institute of Standards and Technology (NIST)The final piece of good news is that significant effort is being made by the global cybersecurity industry, led by the likes of the National Institute of Standards and Technology (NIST), to identify and standardise suitable quantum resistant asymmetric ciphers to replace the current at risk ciphers.


If you are responsible for the cybersecurity posture of your organisation as a CISO or business leader (this is a Board level risk in the new world of privacy and cyber compliance), to quote the Hitch Hikers Guide to the Galaxy, "Don't Panic".

As the cybersecurity industry identifies suitable replacements to the current suite of at risk asymmetric ciphers, there will be vendors beating down your door to offer replacement solutions. In fact, many already have in place agile platforms that allow for crypto-agility, which further mitigates the cost and risk of change.

For your symmetrically protected data, there is no need to make any immediate changes and it is unlikely that you will need to make major changes in the future. However, one other small challenge that the symmetric cipher solutions will need to redress is how to securely share the symmetric keys between platforms? Either this will require quantum resistant asymmetric cryptographic algorithms (which are on the way) or innovative symmetric key delivery that we haven't developed yet - think using the very same quantum principals that compromise today's asymmetric ciphers to replace them with an even more secure and quantum-resistant alternative.

Humanity is good at adapting and changing. With the emergence of quantum risk to cipher-security, we will no doubt emerge more resilient out the other end.

Learn more about Thales solutions for quantum resistant encryption.