Preparing for Quantum Computing: impacts on Cybersecurity

Quantum computing represents one of the most fascinating and promising frontiers of modern technology. Unlike classical computers, which process information using binary bits (0 or 1), quantum computers exploit the principles of quantum mechanics, such as superposition, entanglement, and interference, to solve certain classes of problems exponentially faster.

This technological revolution, born from theoretical considerations in the 20th century, is now taking concrete shape, with implications ranging from materials science to cryptography. One of the most critical areas that quantum computing threatens to transform is cybersecurity.

It is estimated that quantum computers with millions of logical qubits (the qubit being the unit of quantum information) could emerge by 2030-2035, rendering traditional cryptography obsolete and having a huge impact on traditional security methods. In particular, this would compromise:

  • Secure communications (HTTPS, VPN)
  • Digital signatures (blockchain, authentication)
  • Special categories of data collected years ago

In this article, we explore the origins of quantum computing, its developments and impact on cybersecurity, and the first steps towards the transition to post-quantum cryptography to keep corporate data secure in the near future.

 

The origins of quantum computing

The history of quantum computing has its roots in quantum mechanics, a discipline developed in the early decades of the 20th century to explain the behaviour of matter and energy at the subatomic level. Between 1925 and 1935, scientists such as Werner Heisenberg, Erwin Schrödinger and Paul Dirac laid the theoretical foundations of this new physics, introducing fundamental concepts such as superposition (the ability of a particle to exist in multiple states simultaneously) and entanglement (a link between two or more particles, in which the state of one instantly influences the state of the others, regardless of distance).

These phenomena, initially considered theoretical curiosities, have become the heart of quantum computing. In the 1970s and 1980s, the concept of quantum computing began to take shape as an extension of information theory. David Deutsch further formalised these ideas with the quantum Turing machine.

The 1990s marked a turning point with the development of quantum algorithms, such as those of Shor and Grover, which highlighted the practical potential of quantum computing, especially in cryptography.

The new millennium saw the first attempts to build quantum hardware, with symbolic demonstrations of Shor's algorithm and the development of technologies such as superconducting qubits (also known as artificial atoms). The 2010s marked a technological acceleration, culminating in 2019 with Google's announcement of quantum supremacy.

Today, in the 2020s, we are in a maturation phase called NISQ (Noisy Intermediate-Scale Quantum) in which quantum computers, while still prone to errors, are becoming increasingly powerful and stable, with companies such as IBM, Microsoft and Google leading the race towards the future of quantum computing.

 

Shor's algorithm: implications for cryptography

A key element of quantum innovation is Shor's algorithm, which can solve certain hard mathematical problems, such as factoring large numbers, in polynomial time, significantly influencing cybersecurity paradigms. Let's analyse it in detail.

 

Shor's algorithm

Imagine you have a safe with a secret code, and the code is based on a very large number that is the result of multiplying two smaller numbers (for example, 3 × 5, which equals 15). Finding those two smaller numbers with a normal computer is like looking for a key in a huge pile of keys: it takes a very long time, especially if the number is very large.

Now, we can see Shor's algorithm as a kind of “superpower” used by a quantum computer that allows it to try all possible keys at the same time and find the right ones in a very short time, even when the number is huge.

In practice, it's like finding the correct combination already set on the safe with a magic wand, without even trying to enter a combination or slowly turning the wheel.

 

Polynomial time

Polynomial time is a fundamental concept in theoretical computer science and computational complexity theory. It refers to a measure of the execution time of an algorithm relative to the size of the input, expressed as a polynomial function. In other words, an algorithm runs in polynomial time if the number of operations it performs grows at most as a fixed power of the input size, for example n^2, where n is the input size.

Formally, a problem is solvable in polynomial time if there is an algorithm for it whose number of computational steps is bounded above by a polynomial in the size of the input, that is, by the input size raised to some positive constant power.

 

A threat to encryption

Quantum computing is a double-edged sword for cybersecurity. Its ability to solve complex mathematical problems represents a huge step forward, but it also threatens current cryptographic systems. Let's take a look at which ones are at risk:

 

Asymmetric encryption

Asymmetric encryption is a way to protect information using two keys: one public (which everyone can see) and one private (which only you know). Algorithms such as RSA, Diffie-Hellman and ECC use mathematical problems that are very difficult to solve to create these keys. Imagine a giant puzzle: it's easy to put together if you have the solution, but almost impossible without it. These algorithms are based on problems such as factoring huge numbers or calculating discrete logarithms.

However, quantum computers could change everything. As we have just seen, Shor's algorithm could solve these mathematical problems much faster than classical computers. For example, a 2048-bit RSA key, which would take billions of years to crack with a normal computer, could be broken in a matter of hours with a powerful quantum computer (it is estimated that millions of qubits with error correction would be needed). This means that special categories of data protected with asymmetric encryption could be at risk in the future, given the acceleration of quantum processes.

 

Symmetric encryption

Symmetric encryption, on the other hand, uses a single key to encrypt and decrypt data. Algorithms such as AES and hash functions such as SHA-256 are considered more resistant to attacks from quantum computers. However, Grover's search algorithm, which can operate on unsorted databases, could halve the effective key length of these systems. For example, a brute-force attack on AES-256, which would require 2^256 operations with a classical computer, would require “only” 2^128 on a quantum computer. Although this is still a huge number, it means that in the future we may have to use even longer keys to keep our data secure.

In fact, we must specify that today's quantum computers do not yet have the scalability to break these systems (the largest one I know of today is under 100 logical qubits), but the risk of “Harvest Now, Decrypt Later” attacks is real, i.e. an attacker could decide to steal encrypted data today knowing that in the near future they will be able to decrypt it easily.

 

Impacts on cybersecurity

Companies and organisations across all sectors need to start assessing the impact of quantum computing on cybersecurity and their business strategy. Let's look at some specific cases:

  • In national and corporate defence, communications security, intelligence systems and critical infrastructure, quantum computers could decrypt the codes used to protect communications, compromise surveillance systems and make the country's critical infrastructure vulnerable.
  • In the financial sector, customer data protection and the integrity of trading systems could be at risk with quantum computers capable of decrypting the cryptographic keys that protect bank transactions or investor data in a matter of seconds: the consequences would be devastating.
  • Blockchains that use elliptic curve cryptography (ECC), such as Bitcoin, are particularly vulnerable to Shor's algorithm. This means that, in the future, the security of these blockchains could be breached, putting transactions and user data at risk.
  • In healthcare, quantum technologies could compromise the confidentiality of electronic medical records, genetic data and pharmaceutical research, putting patient privacy and medical information security at risk.

The timely adoption of post-quantum cryptography (PQC) solutions is essential to ensure data security and business continuity in a future dominated by quantum computers. In the next section, we will look at the first steps towards this transition.

 

Transition to Post-Quantum Cryptography (PQC)

To mitigate the risks of quantum technologies, post-quantum cryptography (PQC) is being developed. This approach is based on mathematical constructs that have proven resistance to quantum computing, such as lattices (lattice-based cryptography) and error-correcting codes (code-based cryptography).

In 2024, NIST (National Institute of Standards and Technology) standardised algorithms such as CRYSTALS-Kyber and Dilithium, which provide a solid foundation for post-quantum cryptography (PQC) and enable businesses and governments to begin the transition to more robust security systems.
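
A first migration step is knowing where quantum-vulnerable key exchange protects long-lived data. The sketch below is an added example, not part of the original article: it triages a constructed inventory using the article's 2030-2035 estimate, its "Harvest Now, Decrypt Later" risk and its Grover halving. The `Asset` fields, status names and the 128-bit floor are assumptions.

```python
import re
from dataclasses import dataclass

QUANTUM_HORIZON = 2030        # early end of the article's 2030-2035 estimate
SHOR_BROKEN = {"RSA", "DH", "ECC", "ECDH", "ECDSA"}   # factoring / discrete logarithm
POST_QUANTUM_KEM = {"KYBER"}  # CRYSTALS-Kyber (Dilithium is a signature scheme)
MIN_GROVER_BITS = 128         # assumed policy floor, not from the article

@dataclass
class Asset:                  # one row of a crypto inventory (hypothetical schema)
    name: str
    key_exchange: str         # e.g. "RSA-2048", "Kyber-768"
    cipher: str               # e.g. "AES-256"
    secret_until: int         # year until which the data must stay confidential

def family(algorithm: str) -> str:
    """'ECDH-P256' -> 'ECDH': the part before the first separator."""
    return re.split(r"[-_ ]", algorithm.strip().upper())[0]

def grover_bits(cipher: str) -> int:
    """Effective strength under Grover: half the key length (AES-256 -> 128)."""
    match = re.search(r"(\d+)$", cipher)
    if not match:
        raise ValueError(f"no key length in {cipher!r}")
    return int(match.group(1)) // 2

def triage(asset: Asset) -> str:
    fam = family(asset.key_exchange)
    if fam in SHOR_BROKEN:
        # Traffic recorded today becomes readable once the key exchange is broken.
        if asset.secret_until >= QUANTUM_HORIZON:
            return "HNDL_EXPOSED"
        return "MIGRATE_BEFORE_HORIZON"
    if fam not in POST_QUANTUM_KEM:
        return "REVIEW_MANUALLY"
    if grover_bits(asset.cipher) < MIN_GROVER_BITS:
        return "RAISE_SYMMETRIC_KEY_LENGTH"
    return "OK"

INVENTORY = [  # constructed sample data
    Asset("patient-records-archive", "RSA-2048", "AES-256", 2045),
    Asset("marketing-site", "ECDH-P256", "AES-128", 2026),
    Asset("internal-vpn", "Kyber-768", "AES-128", 2040),
    Asset("backup-link", "Kyber-768", "AES-256", 2040),
]
ORDER = ["HNDL_EXPOSED", "MIGRATE_BEFORE_HORIZON", "REVIEW_MANUALLY",
         "RAISE_SYMMETRIC_KEY_LENGTH", "OK"]

def report(inventory):
    """(status, name) pairs, most urgent first."""
    rows = [(triage(a), a.name) for a in inventory]
    return sorted(rows, key=lambda row: ORDER.index(row[0]))
```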

The migration is complex: it requires software, hardware and protocol updates, a process that could take years but is certainly irreversible. In this article, we do not want to limit ourselves to discussing the negative impacts on cybersecurity because, as always, every technological innovation brings with it great opportunities. In the case of quantum computing, it also offers important developments in defensive solutions such as:

  • Quantum key distribution (QKD): uses entanglement, i.e. the quantum correlation that can derive from the principle of superposition, to share cryptographic keys securely and detect any interceptions. QKD is already being used in experimental networks. For example, in Italy, some companies are developing integrated QKD systems for secure end-to-end communications, tested on existing fibre optic networks, as demonstrated during the 2021 G20 summit.
  • Quantum random numbers: the intrinsic randomness of quantum mechanics can improve the generation of cryptographic keys.
  • Quantum anomaly detection algorithms: capable of identifying suspicious activity or cyber attacks more quickly and efficiently than classical methods by optimising machine learning.

 

Final thoughts

Quantum computing, born from a theoretical insight by Feynman and Deutsch, is now rapidly becoming a reality. Its history reflects an evolution from abstract speculation to increasingly advanced experimental systems. However, its impact on cybersecurity is twofold: on the one hand, it threatens to break classical cryptography, while on the other, it offers innovative solutions such as QKD. In 2025, we are in a transition phase, with post-quantum cryptography and quantum networks beginning to take shape. Companies such as IBM, Google, Microsoft and others are leading this revolution, investing in hardware, software and practical applications. Preparing now is crucial: those who act early will be ready for the quantum future, while those who delay risk remaining vulnerable.
