IBM Warns Quantum Computing Will Break Encryption

https://www.zdnet.com/article/ibm-warns-of-instant-breaking-of-encryption-by-quantum-computers-move-your-data-today

Quantum computers will be able to instantly break the encryption of sensitive data protected by today's strongest security, warns the head of IBM Research. This could happen in a little more than five years because of advances in quantum computer technologies. "Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now," said Arvind Krishna, director of IBM Research.

Correct me if I'm wrong, but does it mean that my KeePass database that I uploaded on Dropbox is going to be broken in ~5 years time and I need to start changing my passwords right now?

7 points | by baal80spam 2168 days ago

6 comments

  • megamindbrian2 2167 days ago
    Quick, someone warn IBM they are only 15 years behind common knowledge.
  • schoen 2168 days ago
    If so, changing your passwords wouldn't help. You would need to use new encryption algorithms which aren't implemented in KeePass yet.

    https://en.wikipedia.org/wiki/Post-quantum_cryptography

    However, the biggest problems are about public-key encryption algorithms like RSA, which are broken much more readily by quantum computing than symmetric-key algorithms like AES. The security of KeePass password databases is mainly protected by symmetric encryption rather than public-key encryption, and the speedup achieved by quantum computers isn't as significant. Perhaps it's already fairly safe?

    Another thing to think about is whether Dropbox would expose your encrypted files to an adversary who could then perform a quantum cryptanalysis, either via attacks on the cryptography used to protect the data in transit between you and Dropbox (which does include public-key encryption, unlike KeePass itself!) or by trying to compromise or coerce Dropbox itself into turning over your data. The existence of a cryptanalytic attack against some algorithm doesn't necessarily always mean that there will be adversaries in a position to use that attack against each user and each message, session, or file.

  • olliej 2167 days ago
    This is a super iffy comment. Please don’t hurt me ;)

    Quantum computers fundamentally don’t break everything, just things that depend on problems that can be treated polynomial with respect to time, if you can also be polynomial in terms of state.

    E.g. there is currently no known way to break any of the major symmetric encryption algorithms (AES etc.) beyond brute-forcing, which is faster on a classical machine.

    I believe that similar applies to the general case of hashing.

    Things get wonky once you can convert a O(x^N) problem into a O(N^x) problem with state(N^x).

    That’s functionally how things like Shor’s algorithm work - each qubit can represent a functionally infinite number of values so you can move from an otherwise exponential number of components to a polynomial amount, so you can do a pile of math and get a “probably correct” solution to the DLP, which is the core problem for all current asymmetric encryption algorithms.

    What IBM is presumably trying to say is that all asymmetric algorithms are broken if you can get a functional quantum computer, which means getting 1000s of qubits into a quantum state and maintaining that state through a large computation. If that happens then any data that has been archived and encrypted with an asymmetric algorithm can be decrypted.

    Any problem that also depends on DLP (all the crypto coins for instance) is likewise broken.

  • dmfdmf 2167 days ago
    Changing passwords won't help. This IBM guesstimate is probably an extrapolation of recent advances, but there is still a long way to go. It reminds me of the old adage that fusion power is only 10 years away and has been for 50 years.

    More importantly, it is likely that it will be a state-sponsored agent (~cough~ NSA ~cough~) who creates the first QC (and AI) rather than a private endeavor. This means you will never hear of it, so act accordingly, but I think you still have time.

  • tugberkk 2166 days ago
    No, you changing your passwords doesn't mean anything. Quantum computers will be able to break asymmetric encryption, not symmetric ones such as AES.

    Researchers are working on cryptographic systems for this, which are based on algorithms that cannot be solved by quantum computers. (Called Post-Quantum Cryptography)

    Right now, asymmetric cryp. works on two computationally hard problems (integer factorization and discrete logarithms -- RSA and ElGamal).

  • owebmaster 2166 days ago
    > Correct me if I'm wrong, but does it mean that my KeePass database that I uploaded on Dropbox is going to be broken in ~5 years time and I need to start changing my passwords right now?

    2 decades ago we were already 5 years distance of quantum computing. This is a warning to the future generation similar to the Bible.
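
Several replies above rest on the KeePass database being protected by a symmetric cipher rather than public-key encryption. The following is an added example, not code from the thread or from KeePass: a Python sketch that reads the outer header of a KeePass 2.x (KDBX) file and reports which payload cipher it names. The function names are hypothetical, the sample headers are constructed, and the `grover_bits` figure applies the standard quadratic-speedup estimate for quantum key search, which the thread does not state.

```python
import struct
import uuid

KDBX_SIG = (0x9AA2D903, 0xB54BFB67)   # KeePass 2.x file signatures
CIPHER_ID, END_OF_HEADER = 2, 0       # outer-header field ids
CIPHERS = {                           # cipher UUID -> (name, key bits)
    uuid.UUID("31c1f2e6-bf71-4350-be58-05216afc5aff"): ("AES-256", 256),
    uuid.UUID("d6038a2b-8b6f-4cb5-a524-339a31dbb59a"): ("ChaCha20", 256),
}

def kdbx_cipher(blob: bytes) -> dict:
    """Return the format version and payload cipher named in a KDBX header."""
    if len(blob) < 12:
        raise ValueError("too short for a KDBX header")
    sig1, sig2, minor, major = struct.unpack_from("<IIHH", blob, 0)
    if (sig1, sig2) != KDBX_SIG:
        raise ValueError("not a KDBX file")
    len_fmt = "<I" if major >= 4 else "<H"   # KDBX 4 widened field lengths
    hdr = 1 + struct.calcsize(len_fmt)       # field id byte + length prefix
    pos = 12
    while pos + hdr <= len(blob):
        field_id = blob[pos]
        (length,) = struct.unpack_from(len_fmt, blob, pos + 1)
        data = blob[pos + hdr:pos + hdr + length]
        if len(data) != length:
            raise ValueError("truncated header field")
        pos += hdr + length
        if field_id == CIPHER_ID:
            if length != 16:
                raise ValueError("cipher id must be a 16-byte UUID")
            name, bits = CIPHERS.get(uuid.UUID(bytes=data), ("unknown", None))
            return {"version": f"{major}.{minor}", "cipher": name, "key_bits": bits,
                    # Grover's search gives at most a quadratic speedup on key search
                    "grover_bits": bits // 2 if bits else None}
        if field_id == END_OF_HEADER:
            break
    raise ValueError("no cipher field in header")

def sample_header(major: int, minor: int, cipher: uuid.UUID) -> bytes:
    """Constructed header for the demo: signatures, version, cipher id, end marker."""
    len_fmt = "<I" if major >= 4 else "<H"
    def field(fid: int, data: bytes) -> bytes:
        return bytes([fid]) + struct.pack(len_fmt, len(data)) + data
    return (struct.pack("<IIHH", *KDBX_SIG, minor, major)
            + field(CIPHER_ID, cipher.bytes) + field(END_OF_HEADER, b"\r\n\r\n"))

if __name__ == "__main__":
    for major, minor in ((3, 1), (4, 0)):
        for cid in CIPHERS:
            print(kdbx_cipher(sample_header(major, minor, cid)))
```

On a real database only the first few hundred bytes need to be read; the header is stored unencrypted, so no master password is required.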