Secure Controls Framework
Download The SCF
Quantum Security

Which cryptographic algorithms are vulnerable to quantum attacks?

Direct Answer

Algorithms based on integer factorization (RSA) and discrete logarithm problems (ECC, Diffie-Hellman) are the primary algorithms at risk. A quantum computer running Shor's algorithm could theoretically break these. Symmetric encryption such as AES-256 and hash functions such as SHA-256 are considered more resilient to quantum attacks.

RSA and ECC are used in almost every TLS connection, code signing certificate, and SSH key exchange in use today. The quantum risk is therefore systemic across most internet-facing infrastructure. The practical threat requires a cryptographically relevant quantum computer (CRQC) with error correction at scale, which does not exist today but is the subject of significant research investment.

 

Because migrating large-scale cryptographic infrastructure takes years, security agencies including NSA and CISA have recommended organizations begin PQC migration planning now. Organizations should audit all cryptographic use cases to identify which rely on vulnerable asymmetric algorithms and prioritize migration accordingly.

Keep Exploring

Relevant Resources

References

Authoritative Sources