I would like to preface this with the information that I am clearly not well versed in crypto, so my understand so far may not be accurate.
CISA recently published an advisory Preparing Critical Infrastructure for Post-Quantum Cryptography which details actions in preparation for migrating systems to a post-quantum cryptographic standard.
My understanding is that as quantum computers are becoming more powerful, the possibility of breaking asymmetric encryption drastically increases due to the drastic speed increase of integer factorization through Shor's Algorithm. Doing so allows quantum computers to compute the primes in a public-key cryptosystem, which greatly weakens the algorithms using asymmetric encryption. This means that in the coming years there will most likely be a large shift in how encryption is managed for things like HTTPS.
I have been reading through CISA, Wikipedia, and NIST's Post-Quantum Cryptography project and I have yet to find an 'explain-like-I'm-five' answer on how the normal web and devices are going to be using quantum-resistant algorithms. I suppose one way to protect against these algorithms is to use even larger prime numbers, but at that point it is most likely that a lot of vulnerable devices will not have the computing power to implement those algorithms. Even if they do, as slow as some of the industry moves, they most likely will not be implemented on a large number of devices until the devices are replaced.
Symmetric key encryption is not vulnerable, or at least not as, to quantum computing if given a sufficiently large secret, however that does not help out in the case of HTTPS, which is extremely widely used.
I have a couple questions from what I have read so far:
- In layman's terms, how do these new quantum cryptography algorithms roughly work, and do they all follow the same general format?
- How will normal computers/services like websites be able to handle these new algorithms; will there be a significant amount of strain put on processing these new algorithms, or is it even possible?