Why Is Quantum Computing a Threat to Encryption?

How a different kind of computer could undermine the mathematics protecting your accounts, messages, and digital assets.

Why this matters

Cryptography protects bank accounts, private messages, cryptocurrency, software updates, and your connections to websites.

The algorithms behind these systems are usually public. Their security does not depend on hiding how they work. It depends on mathematical problems that would take classical computers an impractical amount of time to solve.

A sufficiently powerful quantum computer could change that assumption for some widely used forms of cryptography. The threat is not immediate, but replacing cryptographic infrastructure takes years.

Why encryption works today

Public-key cryptography uses a pair of related keys. The public key can be shared, while the private key must remain secret. Together, they let systems establish secure connections and verify digital signatures without first sharing a secret key.

The public key can be derived from the private key, but working backward to recover the private key is considered impractical when the system uses secure algorithms and sufficiently large keys.

Different systems rely on different hard problems. RSA depends on the difficulty of factoring the product of two large prime numbers. Diffie-Hellman and elliptic curve cryptography depend on versions of the discrete logarithm problem, which involves recovering a hidden number from the result of a mathematical operation.

These methods support key exchange, digital signatures, website certificates, cryptocurrency wallets, and many other systems across the internet.

What makes a quantum computer different

A classical computer stores information in bits. Each bit is either 0 or 1. A quantum computer uses qubits, which can exist in a combination of states before they are measured.

Quantum algorithms manipulate probability amplitudes, which determine how likely different results are when the qubits are measured. Through interference, paths leading toward useful answers can reinforce one another while others cancel out.

This does not make quantum computers faster at everything. Classical computers remain better suited to most everyday tasks. The quantum advantage appears in specific problems with an effective quantum algorithm.

The problem quantum computers create

The most important example is Shor's algorithm. It gives a sufficiently capable quantum computer a much more efficient way to factor integers and solve discrete logarithms.

That directly targets the hard problems behind RSA, Diffie-Hellman, and elliptic curve cryptography. On a large, error-corrected quantum computer, calculations that are impractical today could become practical.

This is why public-key cryptography is the main concern. If a quantum computer can solve those underlying problems efficiently, an attacker may be able to recover private keys, impersonate users, forge signatures, or derive shared secrets from recorded key exchanges.

Why Bitcoin gets mentioned

Bitcoin uses digital signatures to prove that the person spending coins controls the correct private key. Its signature system relies on elliptic curve cryptography.

Today, deriving a private key from a public key is impractical with classical computers. A powerful enough quantum computer running Shor's algorithm could threaten funds whose public keys have been revealed.

The question is whether Bitcoin and similar systems can move to quantum-resistant signatures before such attacks become practical.

Why messages are at risk

Secure messaging platforms like Signal use end-to-end encryption, so messages are encrypted on the sender's device and decrypted on the receiver's device. Public-key cryptography helps the devices establish the secrets used to protect that conversation.

This creates a long-term concern known as "harvest now, decrypt later." An attacker can collect encrypted traffic today, store it, and wait for future technology that may break a vulnerable key exchange.

The risk matters most when information must remain private for many years. Signal has already introduced PQXDH to protect the start of a conversation. In October 2025, it also announced SPQR, which regularly refreshes post-quantum secrets as the conversation continues. These protections are combined with Signal's existing cryptography.

What does not break the same way

Quantum computers do not affect every kind of cryptography equally. Symmetric encryption and hashing are less exposed than the public-key systems targeted by Shor's algorithm.

Grover's algorithm can speed up brute-force searches against symmetric keys and hash functions, but the advantage is less dramatic. In many cases, appropriate key and hash sizes can preserve the required security margin.
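The following added example (not from the original article) simulates Grover's search classically over a toy key space to show the size of the speed-up: the number of rounds grows with the square root of the key space, not its logarithm, so each extra key bit still raises the attacker's cost. The key sizes and the secret index are constructed, and the oracle simply knows the secret.

```python
"""Toy state-vector simulation of Grover search over an n-bit key space.
Constructed example; feasible only for very small n."""
from math import asin, floor, pi, sqrt


def grover_success_probability(n_bits: int, secret: int, iterations: int) -> float:
    """Run `iterations` Grover rounds and return P(measuring `secret`)."""
    size = 2 ** n_bits
    amps = [1 / sqrt(size)] * size            # uniform superposition
    for _ in range(iterations):
        amps[secret] = -amps[secret]          # oracle: flip sign of the key
        mean = sum(amps) / size
        amps = [2 * mean - a for a in amps]   # diffusion: invert about the mean
    return amps[secret] ** 2


def optimal_iterations(n_bits: int) -> int:
    """Roughly (pi/4) * sqrt(2**n_bits) rounds maximise the success chance."""
    theta = asin(1 / sqrt(2 ** n_bits))
    return floor(pi / (4 * theta))


def compare(n_bits: int, secret: int = 5) -> dict:
    """Classical average guesses versus Grover rounds for one key size."""
    rounds = optimal_iterations(n_bits)
    return {
        "key_bits": n_bits,
        "classical_avg_guesses": 2 ** (n_bits - 1),
        "grover_rounds": rounds,
        "grover_success": grover_success_probability(n_bits, secret, rounds),
    }


if __name__ == "__main__":
    # Each +2 key bits quadruples classical work but only doubles Grover rounds.
    for bits in (8, 10, 12):
        print(compare(bits))
```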

Post-quantum cryptography

Post-quantum cryptography is designed to resist attacks from both classical and quantum computers. Despite the name, it runs on the normal computers and networks we already use.

The goal is to replace vulnerable public-key algorithms with key exchange and signature schemes based on problems that are still believed to be difficult for quantum machines.

The transition is difficult because cryptography is embedded everywhere. Browsers, operating systems, banks, governments, messaging apps, hardware, and blockchains all need time to adopt and test new standards.

Final takeaway

Quantum computing threatens public-key cryptography because it could make certain hard mathematical problems practical to solve. That could undermine digital signatures, key exchange, certificates, cryptocurrency wallets, and secure communication. Symmetric encryption and hashing are affected less severely.

The machines needed for large-scale attacks do not exist yet. But the systems that depend on today's cryptography must be upgraded before they do. That is why post-quantum cryptography matters now.

