Quantum Shock, Encryption Crisis, AI-Driven Breakthrough


● Quantum Threat Timeline Accelerates For Post-Quantum Authentication

AI has pulled the quantum computing timeline forward, moving up the deadline for the transition to ‘quantum-resistant security’

Core point: “As AI is dramatically improving the speed of quantum algorithm search, the required scale of ‘attack-capable quantum computers’ is shrinking.”

What is truly frightening about this issue is not simply that “a new chip came out,” but that
quantum computers (hardware) + quantum algorithms (efficiency) + AI (discovery/optimization) are coming together at the same time,
meaning the point at which encryption is threatened is getting closer.

And one more thing—you readers should definitely remember this.
It’s not just, “Change encryption and that’s it.”
A warning has come that you must fully transition to quantum-resistant (post-quantum) security even for authentication.


Why the uproar right now? — The reality behind the warning that “the world is not prepared enough”

The message emphasized in this report can be summarized into three main points.

1) Quantum computer performance itself is improving.
2) Quantum algorithms are evolving more efficiently.
3) And on top of that, AI is boosting the speed of ‘algorithm discovery/optimization’.

What this combination means is clear.
The essence of the threat doesn’t end at “we need bigger quantum computers.”
It’s moving toward “even with smaller quantum computers, things can become dangerous.”


The reason the transition is accelerating: what quantum computers break is not “all passwords”

There’s a part that many people misunderstand.

  • “When quantum computers show up, all login information is instantly decrypted?” → That’s an exaggeration.
  • The real threat is that certain cryptographic math (especially the public-key category) that supports the trust structure of the modern internet could collapse.

The representative example mentioned here is Shor’s algorithm.
This algorithm showed that, in theory, with a sufficiently powerful quantum computer,
important forms of public key cryptography can be attacked quickly.

Where is public key cryptography used?
On websites, messengers, banks, software updates, crypto wallets, identity verification, and electronic signature systems—
it’s built into almost all trust-based systems.

So what people fear is not just that
“data can be read,” but that
trust (identity) itself could be shaken.


Two research trends behind the “reduced required quantum scale”

This content can be seen as a structure in which two research streams emerge at the same time.
Both have the common point that they present a direction in which the resources needed for attack (qubits/gates) are decreasing.


1) Google research: logical qubits required to attack elliptic curve cryptography (EC) are decreasing

Google’s research focused particularly on the elliptic curve cryptography (Elliptic Curve Cryptography) family (e.g., digital signatures and major cryptographic systems).

According to the report, when the Google research team estimated the level at which future quantum computers could mount attacks,

  • the number of required logical qubits was suggested to be around 1,200~1,450, and
  • the required Toffoli gates were also mentioned as being below the tens of millions.

Here’s the key point!
Logical qubits are different from actual physical qubits.

  • Physical qubits: the actual hardware qubits, which are the most fragile (error rates/stability are the problem)
  • Logical qubits: a stable unit built by bundling many physical qubits together and protecting them against errors

What gave Google's work the impression that the “dangerous scale is shrinking” was
the calculation that, under standard assumptions, the physical qubit scale could also fall dramatically compared to the past.

Also, rather than fully disclosing the entire attack circuit (method),
Google described it using a zero-knowledge proof approach—
something that allows verification while hiding sensitive details.

This is a pretty realistic approach from an industry standpoint.
If they disclose too much detail, there’s room for it to be abused to make attacks real.


2) The Caltech/Atomics (Oatomic) line: Shor’s algorithm could run at a ‘cryptographically meaningful scale’ in a smaller size

The second one is more provocative.
The core claim is that Shor’s algorithm might be feasible at a smaller scale that can still work at an actual cryptographic level.

  • The report said that around 10,000 reconfigurable atomic qubits were presented as possible for enabling it, and
  • it also mentioned an estimate that attacking the P-256 elliptic curve problem could be done “within a few days” at around 26,000 physical qubits.

However, here’s the “fact check” you must keep in mind.

  • This doesn’t mean a completed quantum decryption machine has already been built.
  • It’s closer to a theoretical resource estimation.
  • The report also said the paper has not yet fully cleared peer review.
  • And it added a warning that “the reductions shown in the paper can vary arbitrarily depending on the assumptions.”

In other words, it’s not “someone will flip on 10,000 qubits tomorrow and hack everything.”
But the direction is the problem, and the point is that the possibility of that direction advancing quickly has emerged.


The real star here is AI: AI ‘accelerated decisions’ in the development of quantum algorithms

As the title of this content suggests, the most important part of this issue is
AI changing the ‘discovery speed’.

According to the report,

  • the researchers said that in the Atomics research stream, AI accelerated algorithm development, and
  • they say that, using an open-source tool called OpenEvolve, a large language model (LLM) searched algorithm candidates and optimized them by repeatedly improving them, much like natural selection.

To summarize, this is what happened.
There are areas where validating a handful of human ideas “by hand” takes far too long,
but AI vastly expanded the search over possible solutions,
and it was reported that the initial algorithm improved “by a thousand times or more.”

And the remarks by John Preskill (a well-known scholar in quantum computing) summarize this incident most accurately.

  • Not that AI replaced scientists, but
  • AI rapidly scanned an ‘immensely wide space of technical ideas’ based on questions humans put forward,
  • with humans leading the direction and choices.

The implication is clear.
In future science and technology competition, ‘AI search’ is increasingly likely to become a standard capability.


Security industry’s real-world timeline: quantum-resistant transition schedule pulled forward from “2035 → 2029”

Now money and systems start moving.

Cloudflare said it is targeting complete post-quantum security by 2029 (especially including authentication).

More importantly, the nuance isn’t “since it’s scheduled, it will be slow.”
It suggests that the actual migration deadline inside the industry could be pulled forward.

In other words, what infrastructure companies are effectively saying leads to something like this conclusion.

  • “Yes, it’s scary, but we might not have enough preparation time.”

It may break first: Authentication, not Encryption

The “more terrifying sentence” that Cloudflare emphasized is this.

“The attacker walks in through the front door (quantum forged key)”

What this refers to goes beyond
the level of “decrypt data later.”

  • it may be possible to impersonate who someone is, and
  • it may be possible to fool trust systems (authentication/signing).

If we summarize the difference here:

  • Encryption: a locked box for the contents
  • Authentication: proof that “the box is from the right place (bank/server/software update).”

And with “harvest now, decrypt later,” an attacker can steal and store data now,
and then decrypt it later once quantum computers are ready.

So areas where data lifecycles are long—
government documents, medical records, corporate secrets, and long-retained personal data—are especially risky.


NIST standards are in progress, but a “complete transition” is harder than you might think

There’s good news too.

  • NIST is reported to have confirmed the first three post-quantum cryptography standards on August 13, 2024.
  • It is also recommending that administrators begin transitioning as quickly as possible.

But in practice, the real challenge isn’t over just because “the standards have been released.”

Cloudflare framed the point like this.

1) You can’t just turn on post-quantum cryptography and be done
2) If you don’t turn off quantum-vulnerable cryptography, the risk of downgrade attacks remains

A downgrade attack, put simply, is
“making the parties in negotiation intentionally use a weaker method, even though stronger security is possible.”
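The downgrade risk described above can be seen in a small model of algorithm negotiation. This is an added example, not code from Cloudflare or the cited report; it is a simplified simulation rather than a real TLS stack, and the algorithm labels and offers are constructed for illustration.

```python
# Simplified model of signature-algorithm negotiation; not a real TLS stack.
# Algorithm labels are constructed for this example.
PQ = {"ml-dsa-65"}                        # post-quantum signature scheme
CLASSICAL = {"ecdsa-p256", "rsa-2048"}    # public-key schemes exposed to Shor's algorithm


class NegotiationError(Exception):
    """Raised when no mutually acceptable algorithm exists (fail closed)."""


def negotiate(client_offer, server_prefs, allow_classical):
    """Return the server's most-preferred algorithm that the client offered."""
    for alg in server_prefs:
        if alg in client_offer and (alg in PQ or allow_classical):
            return alg
    raise NegotiationError("no acceptable algorithm")


def strip_pq(offer):
    """Model of on-path tampering: the post-quantum entries never reach the server."""
    return [alg for alg in offer if alg not in PQ]


def outcome(offer, allow_classical):
    prefs = ["ml-dsa-65", "ecdsa-p256", "rsa-2048"]
    try:
        return negotiate(offer, prefs, allow_classical)
    except NegotiationError:
        return "REJECTED"


def scenarios():
    modern = ["ml-dsa-65", "ecdsa-p256"]   # constructed offer from an upgraded client
    legacy = ["ecdsa-p256"]                # constructed offer from a client without PQ
    return {
        "PQ added, classical still on / clean":    outcome(modern, True),
        "PQ added, classical still on / tampered": outcome(strip_pq(modern), True),
        "classical turned off / clean":            outcome(modern, False),
        "classical turned off / tampered":         outcome(strip_pq(modern), False),
        "classical turned off / legacy client":    outcome(legacy, False),
        "tampered offer looks like legacy client": strip_pq(modern) == legacy,
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:42} -> {result}")
```

The last scenario is the practical reason for point 2: the server cannot tell a tampered offer from a genuine legacy client, so the only reliable defence is to stop accepting the classical algorithm, at the cost of rejecting clients that have not migrated.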

As a result:

  • rotation (e.g., passwords/access tokens/keys) becomes necessary,
  • and the process extends to third-party integrations, validation, and fraud monitoring,
  • causing the cost and time for the transition to explode.

So in practice, this transition doesn’t feel like an “app update.”
It’s closer to replacing the digital world’s locks, keys, IDs, alarms, and backup paths—all at once.

Also, Cloudflare said that it has already applied post-quantum encryption across websites/APIs since 2022,
and it mentioned that a significant portion of its network traffic is in a post-quantum encrypted state,
but fully covering authentication is planned as a “full-scale effort” with 2029 as the target.


The “most important signal” to point out additionally from a blog/investment perspective

If you treat this news as only a technical issue, you’ll miss something.
The “core signals” I want to highlight (the points that are less often talked about elsewhere) are these three.

  • The center of the threat is shifting from ‘decryption (Encryption)’ to ‘impersonation/authentication (Authentication)’
    → Security budgets will likely flow first not only to encrypted-data storage, but to “trust verification processes.”

  • AI is changing the game first in ‘design/algorithm optimization’ rather than in the ‘hardware’ of quantum computing
    → In other words, don’t just watch “when quantum chips will arrive.”
    How fast quantum algorithm efficiency improves can change even sooner.

  • Even after standards are announced, migration leaves a “long tail (dependency chain)”
    → Goals like 2029 aren’t just dates; they are signals of industry-structure change tied to supply chains, certificates, and third parties.

When these three are combined, the conclusion narrows to one thing.
The transition to quantum-safe security is turning from a “future plan” into an “immediate mandatory task.”


So what’s the next action? (Reader viewpoint checklist)

  • If you’re operating a web/app/infrastructure,
    you first need to map where certificates, code signing, tokens, and authentication flows are involved.
  • Security and development teams should
    include not only post-quantum cryptography ‘adoption’ but also
    ending vulnerable algorithms (preventing downgrade) in the roadmap at the same time.
  • Decision-makers should
    not “wait until 2035,” but
    pull forward the quantum-resistant security migration timeline.
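For the first checklist item, one way to start mapping token-based authentication flows is to read the signature algorithm each token declares. This is an added example, not from the source report; it assumes the tokens are JWTs, and the flow names and sample tokens are constructed.

```python
import base64
import json

# JOSE "alg" families (RFC 7518, RFC 8037) grouped by exposure to Shor's algorithm.
PUBLIC_KEY_PREFIXES = ("RS", "PS", "ES")   # RSA and ECDSA signatures
PUBLIC_KEY_EXACT = {"EdDSA"}               # Edwards-curve signatures
SYMMETRIC_PREFIXES = ("HS",)               # HMAC, no public-key math involved


def jwt_alg(token):
    """Read the 'alg' header of a compact JWT without verifying the signature."""
    try:
        segment = token.split(".")[0]
        padded = segment + "=" * (-len(segment) % 4)
        header = json.loads(base64.urlsafe_b64decode(padded))
        return str(header.get("alg", ""))
    except (ValueError, AttributeError):
        return ""   # malformed or non-JWT value


def classify(alg):
    if alg in PUBLIC_KEY_EXACT or alg.startswith(PUBLIC_KEY_PREFIXES):
        return "quantum-vulnerable"
    if alg.startswith(SYMMETRIC_PREFIXES):
        return "symmetric"
    if alg.lower() == "none":
        return "unsigned"
    return "unknown"    # includes anything not listed above; review manually


def make_token(alg):
    """Build a constructed sample token; the signature part is a dummy value."""
    header = json.dumps({"alg": alg, "typ": "JWT"}).encode()
    return base64.urlsafe_b64encode(header).rstrip(b"=").decode() + ".e30.c2ln"


def inventory(flows):
    """Return (flow, alg, classification) rows, quantum-vulnerable flows first."""
    rows = [(name, jwt_alg(tok), classify(jwt_alg(tok))) for name, tok in flows.items()]
    return sorted(rows, key=lambda r: (r[2] != "quantum-vulnerable", r[0]))


SAMPLE_FLOWS = {   # constructed flow names and tokens, for illustration only
    "partner-api": make_token("ES256"),
    "sso-login": make_token("RS256"),
    "internal-queue": make_token("HS256"),
    "legacy-batch": "not-a-jwt",
}

if __name__ == "__main__":
    for row in inventory(SAMPLE_FLOWS):
        print(*row, sep="\t")
```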

Five economic and technology keywords that connect naturally with this article

In the end, this trend comes down to global “risk management.”
In particular, these topics are likely to move together.

  • Quantum-safe security
  • Cybersecurity
  • Cryptography
  • AI-driven optimization
  • Compute roadmap (semiconductor/computing roadmap)

[Main points to convey]

As AI finds quantum algorithms faster and more efficiently,
estimates of the qubit scale needed for quantum attacks are decreasing.

So the security industry is moving not only on “encryption,” but
accelerating the quantum-resistant transition including authentication,
and infrastructure companies like Cloudflare are showing a trajectory where schedules are pulled forward from 2035 to 2029.

And ultimately, this change is a signal that
shifts management decision-making from “a threat someday” to “transition starting now.”


< Summary >

The issue is that, as AI helps find “attack-capable algorithms” in quantum computing more efficiently,
research suggesting that the resources required for quantum attacks could be reduced has come out at the same time.

As a result, the security industry must transition to quantum-resistant security not only for encryption (Encryption) but also for authentication (Authentication),
and movements are observed where the transition schedule is pulled forward from 2035 to 2029.

The core point is that, beyond “when the threat begins,”
you need to prepare now for long migration chains like preventing downgrade and rotating keys/certificates.



*Source: [ TheAIGRID ]

– AI Helped Spark a Quantum Breakthrough. “The World ‘Is Not Prepared’

