The good news is, a lot of old secrets won’t really matter anymore by the time we have quantum computers that can break the encryption. There will obviously be a big impact on information that was encrypted just before we get a working quantum computer that can crack modern crypto.
In cryptography discussions, I feel like we’re usually implying (or even saying out loud) that the encryption is secure for a sufficient amount of time and computer power. Perhaps people outside of cryptography don’t know it, but I think there is a reasonable expectation that encrypted communications could be decrypted at some point in the future. We just hope it’s sufficiently far enough away (or difficult enough) to not be a problem.
Honestly as soon as we get some good post-quantum crypto, we’ll probably want to switch over to it asap, even if good quantum computers are still far out, just to help alleviate some of this problem. Of course, I imagine we’re still going to be finding new things once the technology is real and being used. Let’s hope the post-quantum cryptography algorithms we come up with actually are strong against a sufficiently large quantum computer.
The good news is, a lot of old secrets won’t really matter anymore by the time we have quantum computers that can break the encryption. There will obviously be a big impact on information that was encrypted just before we get a working quantum computer that can crack modern crypto.
In cryptography discussions, I feel like we’re usually implying (or even saying out loud) that the encryption is secure for a sufficient amount of time and computer power. Perhaps people outside of cryptography don’t know it, but I think there is a reasonable expectation that encrypted communications could be decrypted at some point in the future. We just hope it’s sufficiently far enough away (or difficult enough) to not be a problem.
Honestly as soon as we get some good post-quantum crypto, we’ll probably want to switch over to it asap, even if good quantum computers are still far out, just to help alleviate some of this problem. Of course, I imagine we’re still going to be finding new things once the technology is real and being used. Let’s hope the post-quantum cryptography algorithms we come up with actually are strong against a sufficiently large quantum computer.
TLS already has quantum-hardened algorithms in it.