Today’s encryption algorithms are secure against attack by today’s computers, but they will be rendered useless when quantum computers finally become stable and usable enough to apply to the task of decryption. The minute quantum computers are workable they will be able to compromise the encrypted data that companies are producing today.
Timeframes for workable quantum decryption systems are shorter than you probably realise: “It is projected that we will have a quantum computer stable enough, in the next 5 to 10 years, to break today’s encryption,” Avesta Hojjati, the head of R&D at DigiCert, told an audience of nervous security practitioners at a recent CSO roundtable.
Quantum decryption attacks aren’t likely to be the product of casual hackers; rather, Hojjati warned, attackers might well be nation-state backed and targeting sensitive national-security, financial or infrastructure assets with merciless accuracy.
CISOs face a particularly serious threat because personally identifiable information (PII) generated today needs to protected for the life of the person it relates to.