Will AES-256 Withstand The Gauntlet Thrown by Quantum Computers?

With quantum computers getting more powerful every year, many worry about the safety of modern encryption standards. As quantum computers improve in performance and the number of used for calculations increase, current crypto systems are under more threat of attack.

What will break It?

Many algorithms have been mathematically proven to be broken by quantum computers using . Shor's algorithm solves the following problem:

Given an integer N, find its prime factors.

Because algorithms like rely heavily on the fact that normal computers can't quickly, they have remained secure for years. With quantum computers breaking that assumption, then it may be time to find new standards.The following are examples of encryption that Shor's algorithm can break:

What is Symmetric Encryption?

Symmetric encryption, or more specifically , is believed to be quantum resistant. That means that to be able to reduce the attack time enough to be effective if the key sizes are large enough. can reduce the brute force attack time to its square root. So for AES-128 the attack time becomes reduced to 2^64 (not very secure), while AES-256 becomes reduced to 2^128 which is still considered extremely secure.Qvault uses 256-bit keys and for all encryption which gives us reason to believe our users remain protected against quantum attacks at least in the short term.It is important to remember that even 256-bit keys derived from passwords actually can have less than 256-bits of entropy because an attacker could try deriving keys from likely passwords vs trying random 256-bit numbers.For example, instead of randomly trying

1. azpV4CYbAwQUP4BaJJJNDBxEUkghMF8x2Sd4Q7ihD04=
2. mtOXPNln432smP3pd3rVLw9rpGGkVsiqRhUFLXy/KBw=
3. ..

An attacker would try the following:

1. password123 --> 75K3eLr+dx6JJFuJ7LwIpEpOFmwGZZkRiB84PURz6U8=
2. password1234 --> uclQZA4bN0DpisuT5mnGV2b2Zw3RYJupH/QQUrpIxvM=
3. ...

For this reason Qvault will soon offer optional which when used in conjunction with a password will give our users quantum resistant security for the foreseeable future.If you are implementing AES in a crypto system in 2019 you should favor AES-256 over AES-128 for the quantum resistance that it offers.

Further Reading

Featured image credit: Follow us on medium! (Originally published )

(Disclaimer: The author is the Founder at qVault)