TL;DR
- Cryptographically relevant quantum computers (CRQCs) will break today's public-key cryptography: the RSA, ECDSA, ECDH and Diffie-Hellman algorithms protecting today's data become vulnerable when CRQCs emerge, potentially within 10-15 years.
- "Harvest now, decrypt later" attacks are happening today: Adversaries are storing encrypted data now to decrypt when quantum computers become available, threatening data with long confidentiality requirements.
- Post-quantum cryptography (PQC) standards are ready: NIST finalised FIPS 203 (ML-KEM, formerly CRYSTALS-Kyber) for key encapsulation and FIPS 204 (ML-DSA, formerly CRYSTALS-Dilithium) and FIPS 205 (SLH-DSA, formerly SPHINCS+) for digital signatures in August 2024; FN-DSA (formerly FALCON, draft FIPS 206) is still pending.
- Australian Government guidance is emerging: ASD has begun addressing quantum threats in cryptographic guidance, with expectations for critical infrastructure to plan migration timelines.
- Cryptographic migration is a multi-year effort: Inventory, assessment, and systematic replacement of vulnerable algorithms requires immediate planning regardless of quantum timeline uncertainty.
The Quantum Threat to Modern Cryptography
Modern cybersecurity rests on mathematical foundations that quantum computers threaten to undermine. The asymmetric cryptography protecting internet communications, VPNs, digital signatures, and secure messaging relies on problems (integer factorisation and discrete logarithms, including those over elliptic curves) that classical computers cannot solve efficiently. A sufficiently large, error-corrected quantum computer running Shor's algorithm solves both in polynomial time, rendering RSA, ECDSA, ECDH, DSA and Diffie-Hellman cryptographically obsolete.
Symmetric encryption (AES) and hashing (SHA-256) face only Grover's algorithm, which gives at most a quadratic speed-up on brute-force search, so AES-256 and SHA-256 keep a comfortable margin and AES-128 is the main candidate for a key-size upgrade. The asymmetric algorithms securing key exchange, authentication and digital signatures, the foundation of internet security, require complete replacement.
The quantum threat timeline remains uncertain. Current quantum computers lack the qubit count and error correction for cryptographically relevant attacks. However, the trajectory of quantum computing investment (government and private) suggests CRQCs may emerge within 10-15 years, with some estimates as early as 2030. Regardless of the exact timeline, cryptographic transitions take years, making preparation urgent.
Understanding "Harvest Now, Decrypt Later"
The most immediate quantum threat is not future decryption but present data collection. Adversaries with quantum capability ambitions are harvesting encrypted data today — government communications, intellectual property, infrastructure designs, healthcare records, and strategic planning documents — to decrypt when CRQCs become available.
This "harvest now, decrypt later" (HNDL) attack particularly threatens data with long confidentiality requirements:
- Government classified information: Classified data with 50+ year protection requirements
- Critical infrastructure designs: Power grid, telecommunications, and transport network specifications
- Intellectual property: Proprietary designs, chemical formulas, and source code
- Healthcare records: Genetic data and longitudinal health histories
- Financial data: Long-term transaction records and trading algorithms
- Strategic planning: M&A activity, market expansion plans, competitive intelligence
Australian businesses handling data requiring multi-decade confidentiality must implement quantum-resistant protection now, not when CRQCs emerge. The ASD's Information Security Manual guidance on crypto agility and the SOCI Act's risk management requirements create compliance obligations for critical infrastructure operators to address quantum threats.
Post-Quantum Cryptography: The NIST Standards
The US National Institute of Standards and Technology (NIST) finalised the first post-quantum cryptography standards (FIPS 203, 204 and 205, August 2024) after a multi-year international competition. Australian businesses should plan migration to these algorithms:
Key Encapsulation Mechanism (KEM)
- ML-KEM (Module-Lattice-based Key Encapsulation Mechanism, FIPS 203): Formerly CRYSTALS-Kyber, selected for key establishment. Fast, with small keys and ciphertexts; ML-KEM-768 is already the post-quantum half of the hybrid key exchange that major browsers and TLS libraries negotiate by default.
Digital Signatures
- ML-DSA (Module-Lattice-based Digital Signature Algorithm, FIPS 204): Formerly CRYSTALS-Dilithium, the primary recommendation for most signature applications. Balance of security, performance, and signature size.
- SLH-DSA (Stateless Hash-based Digital Signature Algorithm, FIPS 205): Formerly SPHINCS+, built purely on hash functions with conservative security assumptions. Large signatures and slow signing, but the strongest security argument of the set, which makes it a good fit for firmware and root-of-trust signing.
- FN-DSA (FFT over NTRU-Lattice-based Digital Signature Algorithm): Formerly FALCON, structured-lattice signatures with the smallest sizes of the set. Still a draft (FIPS 206) rather than a finalised standard, and its floating-point signing is hard to implement in constant time, so treat it as a later option for size-critical cases rather than a first migration target.
Security Levels
NIST defines five security levels. Levels 1, 3 and 5 are pegged to exhaustive key search on AES-128, AES-192 and AES-256; levels 2 and 4 to collision search on SHA-256 and SHA-384. Each level is assessed against both classical and quantum attackers, not classical computers alone. The parameter sets map directly onto them: ML-KEM-512/768/1024 are levels 1/3/5 and ML-DSA-44/65/87 are levels 2/3/5. Higher levels cost key, ciphertext and signature size as well as CPU. Most applications should target Level 3 (ML-KEM-768 and ML-DSA-65; ML-KEM-768 is what hybrid TLS key exchange uses today) or Level 5 (ML-KEM-1024 and ML-DSA-87) for long-lived or classified data.
The Cryptographic Migration Challenge
Replacing vulnerable cryptography is not a simple software update. It is a complex, multi-year transformation affecting:
Inventory and Discovery
- Cryptographic discovery: Identify all uses of vulnerable algorithms across infrastructure, applications, and third-party services
- Data classification: Determine which data requires quantum-resistant protection based on confidentiality duration
- Dependency mapping: Understand how systems interact and where cryptographic boundaries exist
- Vendor assessment: Evaluate vendor roadmaps for PQC support in products and services
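As an added example for the inventory and classification steps above (not code from the original page or from any ASD or NIST tool), here is a small Go scanner that walks a PEM bundle, classifies each certificate's public key by algorithm family and Shor exposure, and applies Mosca's inequality to decide whether a data class is already exposed to harvest-now-decrypt-later. The bundle it scans is constructed in-process from freshly generated RSA-2048, P-256 and Ed25519 certificates; the host names, the `atRisk` inputs and the replacement families it prints are the editor's choices for the demonstration, not an ASD prescription.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// Finding is one inventory record for a certificate found in a PEM bundle.
type Finding struct {
	Subject     string
	Algorithm   string
	Bits        int
	QuantumVuln bool   // relies on factoring or discrete logs, so Shor breaks it
	Replacement string // NIST family to migrate towards (editor's mapping)
}

// classify maps a public key to its family and Shor exposure. RSA, ECDSA and
// Ed25519 (like ECDH and DH, which share the same maths) all need replacing.
func classify(pub any) (alg string, bits int, vuln bool, repl string) {
	switch k := pub.(type) {
	case *rsa.PublicKey:
		return "RSA", k.N.BitLen(), true, "ML-KEM (key establishment) / ML-DSA (signatures)"
	case *ecdsa.PublicKey:
		return "ECDSA " + k.Curve.Params().Name, k.Curve.Params().BitSize, true, "ML-DSA or SLH-DSA"
	case ed25519.PublicKey:
		return "Ed25519", 256, true, "ML-DSA or SLH-DSA"
	default:
		return fmt.Sprintf("%T", pub), 0, false, "review manually"
	}
}

// scanPEM records a Finding for every CERTIFICATE block in a bundle. Other
// block types are skipped; a certificate that fails to parse stops the scan.
func scanPEM(bundle []byte) ([]Finding, error) {
	var out []Finding
	for {
		var block *pem.Block
		if block, bundle = pem.Decode(bundle); block == nil {
			return out, nil
		}
		if block.Type != "CERTIFICATE" {
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return out, fmt.Errorf("certificate %d: %w", len(out)+1, err)
		}
		alg, bits, vuln, repl := classify(cert.PublicKey)
		out = append(out, Finding{cert.Subject.CommonName, alg, bits, vuln, repl})
	}
}

// atRisk is Mosca's inequality: data that must stay secret for x years, behind a
// system that takes y years to migrate, is already exposed if x + y > z years to a CRQC.
func atRisk(shelfLifeYears, migrationYears, yearsToCRQC int) bool {
	return shelfLifeYears+migrationYears > yearsToCRQC
}

// selfSignedPEM builds a throwaway self-signed certificate for the sample bundle.
func selfSignedPEM(priv, pub any, cn string) []byte {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now(),
		NotAfter:     time.Now().AddDate(1, 0, 0),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

// sampleBundle is constructed stand-in material for what a real scan reads from disk.
func sampleBundle() []byte {
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	ecKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	edPub, edPriv, _ := ed25519.GenerateKey(rand.Reader)
	b := selfSignedPEM(rsaKey, &rsaKey.PublicKey, "vpn.example.internal")
	b = append(b, selfSignedPEM(ecKey, &ecKey.PublicKey, "api.example.internal")...)
	return append(b, selfSignedPEM(edPriv, edPub, "signer.example.internal")...)
}

func main() {
	findings, err := scanPEM(sampleBundle())
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-24s %-12s %4d bits  shor-vulnerable=%-5v -> %s\n",
			f.Subject, f.Algorithm, f.Bits, f.QuantumVuln, f.Replacement)
	}
	// 30-year health records, a 5-year migration and a CRQC in 10 years: already at risk.
	fmt.Println("health records at risk:", atRisk(30, 5, 10))
}
```

In a real inventory the bundle would come from `/etc/ssl`, exported keystores, TLS scans and vendor-supplied certificates, and the findings would be joined with the data-classification register so that the `atRisk` inputs come from real retention periods rather than the constants used here.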
Technical Implementation
- Hybrid deployments: Combine a classical and a post-quantum algorithm so that the session key stays secure unless both are broken (for example X25519 paired with ML-KEM-768, which browsers and TLS libraries already negotiate by default); this covers the risk of an unforeseen weakness in a young PQC algorithm during the transition
- Protocol updates: Modify TLS, VPN, email encryption, and secure messaging protocols
- Certificate infrastructure: Replace or augment PKI with quantum-resistant certificate chains
- Hardware security modules: Update HSMs to support PQC algorithms and key management
- Embedded systems: Address firmware and IoT devices with limited update capabilities
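Hybrid deployment, as an added example that is not from the original page: a combiner that pairs X25519 with ML-KEM-768 (the same pairing used for hybrid TLS key exchange), written in Go against the standard library's `crypto/ecdh` and `crypto/mlkem` (Go 1.24 or later). The HKDF label string, the type names and the decision to bind both ciphertexts and both public keys into the KDF are this example's own choices, loosely following the shape of the IETF hybrid KEM drafts, not a standardised construction.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// hybridLabel is bound into the KDF so keys from this combiner never collide
// with a pure-X25519 or pure-ML-KEM deployment. The string is an assumption
// made for this example, not a standardised value.
const hybridLabel = "example-hybrid-x25519-mlkem768-v1"

// Recipient holds the two long-term halves of a hybrid key pair.
type Recipient struct {
	x  *ecdh.PrivateKey
	pq *mlkem.DecapsulationKey768
}

// PublicBundle is what a recipient publishes and Ciphertext what a sender
// transmits; each carries a classical and a post-quantum component.
type PublicBundle struct{ X, PQ []byte } // 32-byte X25519 key, 1184-byte ML-KEM-768 key
type Ciphertext struct{ X, PQ []byte }   // ephemeral X25519 key, 1088-byte ML-KEM-768 ciphertext

func NewRecipient() (*Recipient, error) {
	x, errX := ecdh.X25519().GenerateKey(rand.Reader)
	pq, errPQ := mlkem.GenerateKey768()
	if err := errors.Join(errX, errPQ); err != nil {
		return nil, err
	}
	return &Recipient{x: x, pq: pq}, nil
}

func (r *Recipient) Public() PublicBundle {
	return PublicBundle{X: r.x.PublicKey().Bytes(), PQ: r.pq.EncapsulationKey().Bytes()}
}

// combine runs HKDF (RFC 5869, built here from crypto/hmac) over ssPQ || ssX,
// with both ciphertexts and both public keys bound into the info input. An
// attacker must break BOTH X25519 and ML-KEM to recover the output.
func combine(ssPQ, ssX []byte, ct Ciphertext, pub PublicBundle) []byte {
	extract := hmac.New(sha256.New, []byte(hybridLabel)) // HKDF-Extract, salt = label
	extract.Write(ssPQ)
	extract.Write(ssX)
	expand := hmac.New(sha256.New, extract.Sum(nil)) // HKDF-Expand, first output block
	for _, part := range [][]byte{ct.PQ, ct.X, pub.PQ, pub.X, {0x01}} {
		expand.Write(part)
	}
	return expand.Sum(nil)
}

// Encapsulate is the sender side: ephemeral X25519 plus ML-KEM-768 encapsulation.
func Encapsulate(pub PublicBundle) (Ciphertext, []byte, error) {
	peerX, errX := ecdh.X25519().NewPublicKey(pub.X)
	ek, errPQ := mlkem.NewEncapsulationKey768(pub.PQ)
	eph, errGen := ecdh.X25519().GenerateKey(rand.Reader)
	if err := errors.Join(errX, errPQ, errGen); err != nil {
		return Ciphertext{}, nil, err
	}
	ssX, err := eph.ECDH(peerX)
	if err != nil {
		return Ciphertext{}, nil, err
	}
	ssPQ, ctPQ := ek.Encapsulate()
	ct := Ciphertext{X: eph.PublicKey().Bytes(), PQ: ctPQ}
	return ct, combine(ssPQ, ssX, ct, pub), nil
}

// Decapsulate is the recipient side. A corrupted ML-KEM ciphertext of the right
// length is not an error: implicit rejection yields an unrelated secret, the
// derived keys simply differ, and the AEAD layer above rejects the traffic.
func (r *Recipient) Decapsulate(ct Ciphertext) ([]byte, error) {
	senderX, err := ecdh.X25519().NewPublicKey(ct.X)
	if err != nil {
		return nil, err
	}
	ssX, errX := r.x.ECDH(senderX)
	ssPQ, errPQ := r.pq.Decapsulate(ct.PQ)
	if err := errors.Join(errX, errPQ); err != nil {
		return nil, err
	}
	return combine(ssPQ, ssX, ct, r.Public()), nil
}

func main() {
	r, err := NewRecipient()
	if err != nil {
		panic(err)
	}
	ct, sendKey, _ := Encapsulate(r.Public())
	recvKey, _ := r.Decapsulate(ct)
	fmt.Printf("x25519 ct %d B, ml-kem ct %d B, keys match: %v\n",
		len(ct.X), len(ct.PQ), string(sendKey) == string(recvKey))
}
```

The size line in the output is the practical cost of going hybrid: roughly 1.1 KB of extra handshake data per key exchange on top of the 32-byte X25519 share, which is the bandwidth impact to budget for on constrained links and in protocols with tight packet limits.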
Operational Considerations
- Performance impact: PQC algorithms often require more computational resources and bandwidth
- Interoperability: Ensure cross-organisational and cross-border compatibility during transition
- Testing and validation: Extensive testing of new cryptographic implementations
- Rollback procedures: Maintain ability to revert if PQC implementations prove problematic
Australian Regulatory and Compliance Context
ASD and ACSC Guidance
The Australian Signals Directorate (ASD) and Australian Cyber Security Centre (ACSC) have begun incorporating quantum threats into cryptographic guidance:
- Information Security Manual (ISM): The cryptography guidelines now cover the quantum threat; the December 2024 update added ML-KEM, ML-DSA and SLH-DSA to the ASD Approved Cryptographic Algorithms and signals that RSA, DH, ECDH and ECDSA should not be relied on beyond 2030
- Essential Eight: Aimed at commodity threats and silent on algorithm choice; crypto-agility expectations come from the ISM's cryptography guidelines, not from the Essential Eight
- ASD Cryptographic Fundamentals: Guidance on selecting and implementing cryptographic controls with forward-looking threat assessment
SOCI Act Implications
Critical infrastructure operators under the Security of Critical Infrastructure Act 2018 must consider quantum threats in their Critical Infrastructure Risk Management Programs (CIRMP):
- Risk assessment: Include quantum computing threats in cryptographic risk evaluations
- Migration planning: Develop timelines for transitioning to quantum-resistant cryptography
- Vendor management: Assess critical infrastructure technology vendors for PQC roadmaps
- Incident reporting: Understand how quantum-related vulnerabilities trigger reporting obligations
Industry-Specific Considerations
- Financial services: APRA expectations for cyber resilience explicitly consider emerging threats including quantum
- Healthcare: Long-term confidentiality of patient records requires HNDL protection strategies
- Defence and intelligence: Stringent security requirements and classified data protection timelines
- Research and development: IP protection for innovations with multi-decade competitive value
Preparing Your Organisation: Action Steps
Immediate Actions (0-6 months)
- Conduct cryptographic inventory: Discover all RSA, ECDSA, ECDH, and DSA usage in your environment
- Classify data by confidentiality duration: Identify data requiring protection beyond 2035
- Assess vendor PQC roadmaps: Evaluate critical vendors' quantum readiness commitments
- Establish quantum threat awareness: Brief leadership, security teams, and risk management on quantum implications
Short-term Actions (6-18 months)
- Develop crypto agility: Implement systems capable of rapid cryptographic algorithm replacement
- Pilot PQC implementations: Test ML-KEM and ML-DSA in non-production environments
- Update procurement requirements: Include PQC support requirements in technology purchasing
- Plan hybrid deployments: Design architectures supporting both classical and quantum-resistant algorithms
Medium-term Actions (18-36 months)
- Execute high-priority migrations: Replace cryptography for most sensitive long-term data first
- Update PKI infrastructure: Implement quantum-resistant certificate authorities and chains
- Address embedded systems: Develop strategies for firmware and IoT device updates
- Validate end-to-end encryption: Ensure quantum resistance across entire data flows
Long-term Actions (3-5 years)
- Complete organisational migration: Transition all systems to quantum-resistant cryptography
- Deprecate vulnerable algorithms: Remove support for RSA, ECDSA, and Diffie-Hellman
- Implement crypto-agile architecture: Maintain capability for future algorithm transitions
- Continuous monitoring: Track quantum computing advances and adjust security postures
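Crypto agility, as called for in the short-term and long-term action items above, is mostly a software design property. The following Go example is added here and is not from the original page: a self-describing signed envelope whose algorithm is chosen from a registry and checked against an operational allow-list, so that adding ML-DSA or retiring ECDSA changes a map entry rather than the verification code. The algorithm identifiers, key IDs and payload are invented for the demonstration, and `ml-dsa-65` appears only as a policy name because the Go standard library does not yet ship ML-DSA.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Scheme is the only signature interface the rest of the code depends on. Adding
// ML-DSA later is one more registry entry; callers and the wire format do not change.
type Scheme interface {
	Sign(priv any, msg []byte) ([]byte, error)
	Verify(pub any, msg, sig []byte) bool
}

type ed25519Scheme struct{}
type ecdsaP256Scheme struct{}

func (ed25519Scheme) Sign(priv any, msg []byte) ([]byte, error) {
	return ed25519.Sign(priv.(ed25519.PrivateKey), msg), nil
}

// Verify methods use comma-ok assertions: a key of the wrong type is a plain
// failure, not a panic an attacker can trigger by re-labelling an envelope.
func (ed25519Scheme) Verify(pub any, msg, sig []byte) bool {
	k, ok := pub.(ed25519.PublicKey)
	return ok && ed25519.Verify(k, msg, sig)
}

func (ecdsaP256Scheme) Sign(priv any, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv.(*ecdsa.PrivateKey), h[:])
}

func (ecdsaP256Scheme) Verify(pub any, msg, sig []byte) bool {
	k, ok := pub.(*ecdsa.PublicKey)
	h := sha256.Sum256(msg)
	return ok && ecdsa.VerifyASN1(k, h[:], sig)
}

// registry maps the algorithm identifiers carried on the wire to code.
var registry = map[string]Scheme{"ed25519": ed25519Scheme{}, "ecdsa-p256": ecdsaP256Scheme{}}

// Envelope is self-describing: algorithm and key identifiers travel with the signature.
type Envelope struct {
	Alg, KeyID   string
	Payload, Sig []byte
}

// toBeSigned length-prefixes Alg, KeyID and payload into the signed bytes, so a
// signature cannot later be re-labelled as another algorithm or another key.
func toBeSigned(alg, keyID string, payload []byte) []byte {
	var b []byte
	for _, f := range [][]byte{[]byte(alg), []byte(keyID), payload} {
		b = binary.BigEndian.AppendUint32(b, uint32(len(f)))
		b = append(b, f...)
	}
	return b
}

func Sign(alg, keyID string, priv any, payload []byte) (Envelope, error) {
	s, ok := registry[alg]
	if !ok {
		return Envelope{}, fmt.Errorf("unknown algorithm %q", alg)
	}
	sig, err := s.Sign(priv, toBeSigned(alg, keyID, payload))
	return Envelope{Alg: alg, KeyID: keyID, Payload: payload, Sig: sig}, err
}

// Verify applies the allow-list policy first and resolves the public key by
// KeyID from trusted state, never from the envelope. Retiring RSA or ECDSA at
// the end of the migration is a change to the allowed set, not to this code.
func Verify(allowed map[string]bool, keys map[string]any, e Envelope) error {
	s, pub := registry[e.Alg], keys[e.KeyID]
	switch {
	case !allowed[e.Alg]:
		return fmt.Errorf("algorithm %q not permitted by policy", e.Alg)
	case s == nil:
		return fmt.Errorf("no implementation for %q", e.Alg)
	case pub == nil:
		return fmt.Errorf("unknown key id %q", e.KeyID)
	case !s.Verify(pub, toBeSigned(e.Alg, e.KeyID, e.Payload), e.Sig):
		return fmt.Errorf("bad %s signature", e.Alg)
	}
	return nil
}

// demoKeys generates one key pair per registered scheme (constructed for the demo).
func demoKeys() (pubs, privs map[string]any) {
	edPub, edPriv, _ := ed25519.GenerateKey(rand.Reader)
	ecPriv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	pubs = map[string]any{"ed-2025": edPub, "ec-2025": &ecPriv.PublicKey}
	privs = map[string]any{"ed-2025": edPriv, "ec-2025": ecPriv}
	return pubs, privs
}

func main() {
	pubs, privs := demoKeys()
	env, _ := Sign("ecdsa-p256", "ec-2025", privs["ec-2025"], []byte("firmware v1.2"))
	fmt.Println("today:", Verify(map[string]bool{"ecdsa-p256": true, "ed25519": true}, pubs, env))
	fmt.Println("after migration:", Verify(map[string]bool{"ml-dsa-65": true}, pubs, env))
}
```

The two design points worth carrying into real systems are the allow-list checked before any cryptography runs (so a retired algorithm is rejected even if its code is still linked in) and the algorithm identifier bound inside the signed bytes (so a signature made under one scheme cannot be presented as another).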
Addressing Common Concerns
"Quantum computers are science fiction"
Quantum computing has transitioned from theoretical to operational. IBM, Google, and others operate quantum computers with hundreds of qubits. While current systems lack error correction for cryptographically relevant attacks, the trajectory is clear. The question is when, not if.
"We will migrate when standards are finalised"
NIST standards are finalised. The migration challenge is not algorithm availability but implementation complexity. Organisations that delay until CRQCs emerge will have insufficient time to complete transitions before their cryptography becomes vulnerable.
"Our data isn't sensitive enough to worry"
Evaluate data confidentiality requirements carefully. Information with 10+ year sensitivity (IP, strategic plans, infrastructure designs, health records) requires HNDL protection now. Even seemingly mundane data aggregates into valuable intelligence over time.
"PQC algorithms are untested"
NIST selected these algorithms through an open, multi-round international competition with years of public cryptanalysis. That process did its job: two late-round candidates, Rainbow and SIKE, were broken by classical attacks in 2022 before standardisation, which is the practical argument for hybrid deployments during the transition. Any new standard carries some residual risk, but the threat from quantum computers to today's algorithms is more certain and more severe.
Quantum-Resistant Security Beyond Cryptography
While post-quantum cryptography is essential, organisations should also consider:
- Air-gapped systems: For highest sensitivity data, physical isolation remains quantum-resistant
- Quantum key distribution: Optical-fibre QKD offers information-theoretic key agreement on point-to-point links, but it needs dedicated hardware and fibre, does not authenticate the endpoints, and ASD's PQC guidance, like the UK NCSC and the US NSA, does not endorse it as a replacement for PQC; treat it as a niche add-on, not a migration path
- Shorter key lifetimes: Rotate long-term keys more often to limit what a single recovered key exposes; this does not protect already-recorded traffic, since a CRQC can break each recorded key exchange on its own
- Data minimisation: Reduce harvested data value by limiting long-term data retention
- Compartmentalisation: Segregate sensitive data to reduce breach impact scope
Conclusion
The quantum threat to cryptography is real, imminent in planning terms, and requires immediate organisational response. The "harvest now, decrypt later" attack is occurring today against data with long confidentiality requirements. Australian businesses must begin cryptographic inventory, assess data sensitivity timelines, evaluate vendor roadmaps, and develop migration plans. NIST's finalised post-quantum cryptography standards provide the technical foundation; the organisational challenge is implementation. Those who prepare now will transition smoothly; those who wait risk sudden cryptographic obsolescence and data exposure.
Need Help Assessing Your Quantum Risk?
lilMONSTER provides quantum risk assessment and cryptographic migration planning for Australian businesses. We help you inventory vulnerable algorithms, classify data by confidentiality duration, develop migration timelines, and implement post-quantum cryptography where needed.
Schedule a quantum security assessment →
Further Reading
- NIST Post-Quantum Cryptography Standardisation
- ASD Information Security Manual - Cryptographic Controls
- ACSC Cryptographic Fundamentals
- ENISA Post-Quantum Cryptography: Current State and Quantum Mitigation