Hybrid Cloud
Cyber Security & NaaS
AI & Data
IoT & Connectivity
Business Applications
Intelligent Workplace
Consulting & Professional Services
Small Medium Enterprise
Health and Social Care
Industry
Retail
Tourism and Leisure
Transport & Logistics
Energy & Utilities
Banking and Finance
Sports
Smart Cities
Cryptographically Relevant Quantum Computers: impact and preparation for global digital security
Let’s go back to 1994, when mathematician Peter Shor published a paper that would change the course of cyber security. His algorithm proved that a sufficiently powerful quantum computer could factor large prime numbers exponentially faster than any classical machine, breaking the mathematical foundation of today’s most trusted cryptographic systems, such as RSA and ECC.
At the time, it was purely theoretical, an elegant equation far from reality. Engineers laughed, governments showed mild curiosity, and cyber security professionals filed it under “future risk.”
Fast forward to today.
What was once theoretical is now technologically imminent. Advances in quantum hardware, error correction and algorithmic optimisation are progressing faster than expected. Innovation labs and tech R&D centres around the world are racing to reach a new milestone: the cryptographically relevant quantum computer (CRQC).
Unlike today’s experimental quantum devices, a CRQC wouldn’t just simulate molecules or optimise logistics: it could break the encryption securing global digital infrastructure: banks, power grids, critical supply chains and even national security systems.
Time is ticking. Encrypted data being transmitted or stored today may already be vulnerable to Store Now, Decrypt Later (SNDL), Harvest Now, Decrypt Later (HNDL), Sign Today, Forge Tomorrow (STFT) and Trust Now, Forge Later (TNFL) attacks, where adversaries store or forge information until a CRQC is ready to unlock it.
The era of preparing for quantum threats has begun.
What are cryptographically relevant quantum computers and why they matter
A cryptographically relevant quantum computer (CRQC) is a fault-tolerant quantum system capable of running algorithms like Shor’s at a scale sufficient to break today’s public key cryptography, for example, RSA and elliptic curve schemes, within the useful lifespan of the protected data.
Technically, this means having enough high-quality logical qubits, gate fidelity and error correction depth to factor large integers or solve discrete logarithms (e.g., RSA-2048, P-256) within a relevant operational timeframe, rather than just demonstrating small instances on noisy intermediate-scale quantum (NISQ) devices.
A CRQC fundamentally differs from today’s NISQ systems because it supports scalable, error-corrected logical qubits that can reliably sustain long and complex circuits, enabling practical cryptanalytic workloads.
A CRQC marks the point where quantum computing stops being experimental and starts compromising current cryptography.
■ While the exact arrival date of these machines remains uncertain, their future impact is inevitable. Sensitive encrypted data handled today may still be valuable by the time a CRQC becomes available.
Therefore, organisations must plan and act now, building resilience through post-quantum cryptography (PQC), cryptoagility, and risk-based migration strategies aligned with recognised international standards (e.g., NIST, ETSI, ISO).
CRQC implications for cryptography and security protocols
Public-key schemes based on factoring and discrete logarithms fall to Shor’s algorithm, which solves order-finding in polynomial time in logN, breaking the hardness assumptions behind RSA, Diffie-Hellman and ECC.
Symmetric encryption and hashing aren’t completely broken, but suffer a quadratic speedup in brute-force search via Grover’s algorithm, reducing complexity from O(2n) to O(2n/2), which justifies doubling key sizes and using longer hashes. Protocols composed of these primitives (TLS, IPsec, SSH, code signing) inherit these weaknesses unless updated.
There is no definitive CRQC date yet, but authorities emphasise uncertainty and the importance of preparation over prediction. National security guidelines define migration milestones for this decade and into the early to mid-2030s, reflecting the time needed to inventory, standardise, implement and deploy at scale.
The arrival of CRQCs forces a review of the algorithms and protocols that underpin today’s digital trust.
■ Academic assessments and industry roadmaps suggest that sustained advances in error correction, device performance and control could make CRQCs plausible in the 2030s or 2040s. Prudent planning assumes that the threat horizon is shorter than the data’s lifetime.
Why acting today matters to protect long-term information
The quantum threat is immediate because attackers can capture encrypted data now and decrypt it later once CRQCs exist, exposing long-lived sensitive information and long-duration secrets like personally identifiable information, medical records, diplomatic cables and intellectual property.
This also enables the retroactive forgery of signatures, which could undermine software supply chains, legal records and registries if algorithms are not updated in time. It is essential to act before CRQCs exist, since discovery, modernisation, procurement and migration across complex estates can take many years.
Early preparation is key to preventing today’s encrypted data from becoming tomorrow’s exposure.
This highlights the role of NIST in standardising quantum-resistant algorithms under the post-quantum cryptography (PQC) initiative, providing specifications, test vectors and validation paths to support global adoption.
■ Current FIPS (Federal Information Processing Standards) include ML-KEM (Kyber) for key establishment and ML-DSA (Dilithium) and SLH-DSA (SPHINCS+) for digital signatures, with additional KEMs (e.g., HQC) advancing to expand implementation options, enabling secure and interoperable use across protocols and systems like TLS, IKEv2, X.509 and PKI.
How to prepare for CRQCs: the transition to post-quantum cryptography
Organisations must now map cryptography across all data classes, applications, protocols and hardware, focusing on the confidentiality lifetime and migration timelines to identify assets vulnerable to quantum cryptography.
This requires a cryptographic inventory and a Cryptographic Bill of Materials (CBOM) to reveal algorithms, key sizes, libraries, protocols, certificates and embedded dependencies across software and devices.
Prioritisation should focus on machine-to-machine channels, long-retention data at rest, and trust anchors like code signing and PKI.
Practical steps for migration
- Establish governance by assigning executive responsibility, defining algorithm selection policies and setting timelines aligned with regulatory and industry guidance.
- Develop crypto agility by decoupling cryptography from applications, supporting algorithm negotiation, automating certificate and key lifecycles, and enabling continuous discovery.
- Implement PQC by adopting ML-KEM and ML-DSA/SLH-DSA in pilots and then production; strengthen symmetric crypto (e.g., AES-256, SHA-384/512) and update protocols and PKI.
- Use hybrids by deploying hybrid KEMs and, where appropriate, dual signatures to ensure continuity with classical ecosystems during phased upgrades.
- Risk-based phases to migrate high-impact, long-duration data paths first; modernise HSMs, smart cards, firmware update channels and constrained devices; validate performance and side-channel properties.
Sector exposure and responses
- Finance with long-retention transaction logs and PII, widespread use of TLS and reliance on code signing; responses include PQC pilots in payments, custody and interbank messaging.
- Defence and aerospace with classified communications, satcom, GNSS and embedded platforms with long life cycles; responses include roadmaps aligned with space agencies, PQC-ready waveforms and space-qualified cryptography.
- Telecoms with backbone networks, 5G/6G cores, roaming and OTA updates; responses include standards work, hybrid KEM trials in TLS/IPsec, and PQC-ready network elements.
- Healthcare with decades-sensitive PHI and medical devices; responses include PQC-ready health exchanges and procurement requirements for devices.
Governments are preparing through public policy mandating inventory, planning and migration to quantum-resistant cryptography across all government systems and suppliers. National strategies define the sequence (e.g., discovery and planning first, then prioritised modernisation) and align with validation programmes and procurement baselines.
■ Initiatives such as the EU’s Quantum Flagship programme and secure quantum communication programmes complement PQC through investment in research, testbeds and standards.
The post-quantum transition requires a strategy based on inventory, crypto agility and gradual standards adoption.
Sector impact, governance and emerging professional capabilities
The transition to post-quantum cryptography affects critical sectors, raises ethical dilemmas about the power to decrypt, and demands new competencies in cryptography, protocols and advanced security.
Power dynamics emerge when only a few actors gain the ability to decrypt information, potentially compromising diplomatic secrecy, disrupting markets, and affecting deterrence, creating coercive advantages and trust crises.
Ethical dilemmas include whether to disclose advances, how to prevent indiscriminate harm and how to regulate intercepted data storage. Standards, transparency and rapid standard adoption are essential to reduce systemic risk.
Crucially, it all comes down to skills and talent capabilities, where teams must be proficient in lattice- and hash-based cryptography, protocol integration, performance engineering and side-channel-resistant implementations.
Post-quantum cryptography introduces technical, regulatory and talent challenges that must be addressed in a coordinated way.
Additional competencies include crypto-agile architecture, CBOM/SBOM management, PKI modernisation, formal verification and secure hardware acceleration. Major efforts involve standards bodies, national labs, industry consortia and open-source projects providing libraries, test vectors and migration guides.
Finally, we can expect an acceleration in standard finalisation, sector-specific profiles, PQC-compatible hardware and regulations that incorporate crypto agility and CBOM into procurement and compliance.
Building cryptographic resilience in the quantum era
A quantum-resilient society is characterised by ubiquitous PQC, continuous crypto governance, updatable devices and diversified trust anchors.
Still, residual risks will remain due to legacy systems, harvested data and implementation flaws. Resilience therefore demands continuous oversight, validation by Red Teams and regular cryptographic updates as science and standards evolve.
Post-quantum resilience is built through ongoing governance and systems designed to evolve.
