
Preparing for 'Q Day': A Primer on the Quantum Threat and the Strategic Shift to Post-Quantum Cryptography

YAROSLAV ROSOMAKHO, SATISH MADIRAJU
October 31, 2025 - 8 min read

While the rise of quantum computing lies ahead, its disruptive impact is already reshaping industries such as cybersecurity. Traditional cryptographic methods, while secure against classical computers, face obsolescence in a post-quantum world. As organizations evaluate their readiness for the quantum era, it is vital to first understand the cryptographic techniques used today and assess their vulnerability to quantum computers. Equally important is recognizing how quantum computing reshapes the cyber threat landscape so we can prepare for emerging attacks.  

This blog provides a primer on post-quantum cryptography and then covers some threat scenarios that will occur during the transition to quantum-safe algorithms. This is the first entry in a series of blogs that will help organizations prepare for the Post-Quantum Era. Future entries will cover a variety of topics:
 

  • Post-quantum digital signatures: the ultimate cryptographic agility challenge
  • Post-quantum key exchange demystified: how it works and Zscaler’s phased approach to post-quantum key exchange
  • Compliance mandates and how Zscaler can help organizations meet them
  • Enabling quantum key exchange algorithms and decryption of PQC traffic on the Zero Trust Exchange
  • Key areas organizations should focus on for a successful transition to PQC

An Overview of Current Key Cryptographic Systems  

Cryptographic systems in cybersecurity fall into four major categories: key exchange methods, symmetric ciphers, cryptographic hash functions, and digital signatures. Below, we review these systems and whether they are post-quantum safe.

Key Exchange Methods  

Key exchange enables secure establishment of encryption keys over potentially insecure networks. Current widely used techniques include:  

  • Elliptic Curve Diffie-Hellman Ephemeral (ECDHE): Uses elliptic curve mathematics for key exchange. It is not post-quantum safe because it is vulnerable to Shor's Algorithm, a quantum algorithm that breaks the mathematical foundation of elliptic curve cryptography.
  • Finite Field Diffie-Hellman Ephemeral (FFDHE): Builds on the classical Diffie-Hellman key exchange; it is "ephemeral" because a fresh temporary key pair is used for each session. The keys are calculated using arithmetic over a "finite field," a mathematical structure in which numbers wrap around upon reaching a certain limit. Not post-quantum safe because it, too, is vulnerable to Shor's Algorithm.
  • RSA (Rivest-Shamir-Adleman): An asymmetric encryption system based on the difficulty of factoring large integers. It is not post-quantum safe: Shor's Algorithm can quickly factor its keys. Shor's Algorithm is a quantum algorithm that factors large integers and solves the discrete logarithm problem exponentially faster than any known classical approach.

Symmetric Ciphers  

Symmetric ciphers use a single key for both encryption and decryption. AES (Advanced Encryption Standard), a cipher that encrypts fixed-size blocks of data, is the primary example and is post-quantum safe. Grover's Algorithm reduces its effective security, which calls for longer keys, but does not render it unusable.

Developed by Lov Grover in 1996, his namesake algorithm offers a quantum speed-up for searching unsorted databases and other exhaustive-search tasks. While not as destructive to cryptographic standards as Shor's Algorithm, Grover's Algorithm significantly reduces the efficacy of symmetric encryption and cryptographic hash functions, presenting substantial challenges in the post-quantum era. However, applying it against a symmetric cipher requires a vastly larger quantum computer than Shor's Algorithm needs to break RSA/EC—as fantastical as it may seem, even a moon-sized quantum computer wouldn't be able to downgrade AES-128.

Cryptographic Hash Functions 

Hash functions aim to securely map data of arbitrary size to fixed-size outputs. Examples include:  

  • SHA-2 (Secure Hash Algorithm 2): A widely used hash function for data integrity. Partially post-quantum safe: Grover's Algorithm weakens it but doesn't break it entirely.
  • SHA-3: The successor to SHA-2, designed to be more cryptographically robust. Partially post-quantum safe, similarly impacted by Grover's Algorithm.

Note that commonly used SHA output sizes such as SHA-256 remain adequate even if Grover's Algorithm could somehow be implemented at the scale required to attack them.

Digital Signatures 

Digital signatures ensure authentication, integrity, and non-repudiation of communications. Examples include:

  • RSA Signatures: Use RSA for authentication. Not post-quantum safe due to Shor's Algorithm.
  • Elliptic Curve Digital Signature Algorithm (ECDSA): Authenticates messages using elliptic curve cryptography. Not post-quantum safe, as elliptic curves are vulnerable to Shor's Algorithm.
  • Edwards-curve Digital Signature Algorithm (EdDSA): A digital signature scheme based on elliptic curve cryptography, designed to be faster than existing signature schemes without sacrificing security. As with ECDSA, it is not post-quantum safe.

Cryptographic Methods and Post-Quantum Safety At-a-Glance

[Chart: cryptographic methods and their post-quantum safety indicator]

This table starkly reminds us of the impending obsolescence of foundational cryptographic methods. But lattice-based cryptography such as ML-KEM (standardized as FIPS 203) is emerging as a replacement to secure systems against quantum computers.

How Quantum Computing Expands the Cyber Attack Surface 

The disruptive power of quantum computing presents significant risks for cybersecurity. "Q Day" is the day when fully scalable quantum computers are capable of breaking encryption—market watchers expect this to occur sometime between 2030 and 2035. But attackers are already preparing to exploit quantum technology. Below are the primary ways quantum computing is set to expand the cyber attack surface:

"Harvest Now, Decrypt Later" Attacks

Adversaries today are intercepting encrypted information with the goal of decrypting it later, once quantum computers become viable. This strategy, often referred to as "Harvest Now, Decrypt Later," is particularly concerning for organizations holding sensitive long-term data that must remain confidential for decades. Examples include intellectual property, medical and banking records, or national security secrets. Once quantum decryption becomes feasible, this data could be exposed retroactively, revealing critical information and proprietary research.

Indeed, some attackers regularly hijack internet routing so they can capture and store vast volumes of data from which they later hope to extract valuable information once quantum computers are available. Public Wi-Fi is also a popular hunting ground for cybercriminals, and quantum decryption represents a huge upgrade to common man-in-the-middle (MITM) attacks. Attackers on public networks can gather encrypted data such as login credentials, credit card details, and emails with sensitive content. Once quantum computers become operational, attackers could decrypt captured traffic, exposing organizations to data breaches and phishing campaigns.

Broken Digital Signatures: A Loss of Secure Communications

Digital signatures underpin authentication, file integrity checks, and secure communications. However, most existing digital signatures rely on mathematical problems (e.g., RSA or ECDSA) that quantum computers will render obsolete. Even before quantum computers fully materialize, attackers may begin preemptively undermining organizations by planning for a post-quantum environment where secure communications collapse completely.

Quantum computers will enable bad actors to break PKI (Public Key Infrastructure) systems, which rely on key establishment and digital signature algorithms that are vulnerable to quantum attack. Once they can do this, threat actors will be able to impersonate legitimate websites, services, or devices. For instance, attackers could stand up a fake corporate website presenting a forged but valid-looking TLS certificate to phish unsuspecting clients or employees.

Decreased Efficacy of Symmetric Encryption and Cryptographic Hashes

Grover’s Algorithm reduces the work factor needed to break symmetric encryption and cryptographic hashes. While AES encryption and SHA-2 remain usable by doubling key or hash lengths, these systems will require more resources to maintain the same level of security. This could result in a surge of resource-intensive encryption techniques, impacting everything from IoT devices to global communications networks.
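The arithmetic behind the "doubling" rule of thumb, for both the Grover's Algorithm discussion in the symmetric-cipher section and this paragraph (an added derivation, not part of the original post):

For an n-bit symmetric key there are N = 2^n candidates. A classical exhaustive search needs on the order of N trials, whereas Grover's Algorithm needs on the order of the square root of N evaluations of the cipher:

\[
W_{\text{classical}} \approx 2^{n}, \qquad W_{\text{Grover}} \approx \sqrt{2^{n}} = 2^{n/2}.
\]

So the effective security level against a quantum adversary is halved:

\[
\text{AES-128: } 2^{128} \rightarrow 2^{64}, \qquad \text{AES-256: } 2^{256} \rightarrow 2^{128}.
\]

Doubling the key length restores the original level, since a 2n-bit key under Grover costs 2^{(2n)/2} = 2^{n}, the same as an n-bit key against a classical attacker. The same argument applies to preimage search on an n-bit hash output, which is why SHA-256 (about 2^{128} quantum preimage work) remains adequate.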

Ensuring Interoperability and Preparing for Quantum Cybersecurity Challenges

Attackers are likely planning today to incorporate quantum computing as a standard part of their cyberattack arsenal, even though quantum systems capable of breaking encryption are not expected until at least the 2030s. Below are steps organizations can take to begin their quantum-ready transformation:  

  1. Adopt Post-Quantum Cryptography: Organizations should follow guidance from national regulators such as NIST in the US, or industry-specific regulators such as the Financial Conduct Authority and the National Quantum Computing Centre in the UK, all of which are standardizing post-quantum cryptographic algorithms. Work with vendors to identify transition timelines and integrate post-quantum approaches into business-critical workflows.
  2. Audit Cryptographic Systems: Conduct a comprehensive audit of all encryption-dependent systems to identify areas of vulnerability to quantum attacks. Focus on securing data that must remain confidential long-term, such as intellectual property, personal customer data, and supply chain communications.
  3. Network Segmentation and Encryption Revamp: Segment corporate networks and evaluate communication channels for quantum-safe alternatives. This ensures that even if one vector is compromised, lateral movement is minimized.
  4. Monitor Emerging Threats: Cybersecurity teams must actively monitor advancements in quantum computing and incorporate quantum threat scenarios into tabletop exercises. This is especially important since adversaries will increasingly combine traditional attack methods with quantum exploitation. Zscaler customers can already gain visibility into PQC algorithms traversing their environments with our recently launched interactive reporting.
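As an added illustration of the audit step (example code written for this post, not Zscaler's tooling), the script below classifies TLS handshake records by the three exposures described above: key exchange that a "Harvest Now, Decrypt Later" adversary could later break with Shor's Algorithm, signatures that will become forgeable, and AES-128 sessions with a reduced Grover margin. The key=value log format, the example.test host names and the hybrid group name X25519MLKEM768 are assumptions, not values from the post.

```python
"""Classify TLS handshake records by post-quantum readiness (added example, not Zscaler's code).
The log format, host names and exposure categories are constructed for illustration."""
import re
from dataclasses import dataclass

# Key-exchange groups that include the NIST KEM ML-KEM (FIPS 203), pure or hybrid.
PQ_KEX_MARKERS = ("MLKEM", "ML-KEM")
# Post-quantum signature families; RSA, ECDSA and EdDSA signatures are not PQ-safe.
PQ_SIG_MARKERS = ("MLDSA", "ML-DSA", "SLHDSA", "SLH-DSA")

@dataclass
class Finding:
    host: str
    harvest_now_decrypt_later: bool  # Shor-breakable key exchange: captured traffic at risk today
    forgeable_signature: bool        # Shor-breakable signature: impersonation risk once a CRQC exists
    grover_margin_low: bool          # 128-bit AES key: Grover halves the work factor

def classify(record: str) -> Finding:
    """Parse one 'key=value' handshake line and flag its quantum exposure."""
    fields = dict(re.findall(r"(\w+)=(\S+)", record))
    kex = fields.get("kex", "").upper()
    sig = fields.get("sig", "").upper()
    cipher = fields.get("cipher", "").upper()
    return Finding(
        host=fields.get("host", "?"),
        harvest_now_decrypt_later=not any(m in kex for m in PQ_KEX_MARKERS),
        forgeable_signature=not any(m in sig for m in PQ_SIG_MARKERS),
        grover_margin_low="AES_128" in cipher or "AES-128" in cipher,
    )

def summarize(records) -> dict:
    """Count hosts exposed in each category; this is the output an audit would track."""
    findings = [classify(r) for r in records]
    return {
        "total": len(findings),
        "hndl_exposed": sum(f.harvest_now_decrypt_later for f in findings),
        "sig_not_pq": sum(f.forgeable_signature for f in findings),
        "aes128": sum(f.grover_margin_low for f in findings),
    }

# Constructed sample inventory (example.test hosts, not real systems).
SAMPLE = [
    "host=vpn.example.test kex=X25519 sig=rsa_pss_rsae_sha256 cipher=TLS_AES_128_GCM_SHA256",
    "host=api.example.test kex=X25519MLKEM768 sig=ecdsa_secp256r1_sha256 cipher=TLS_AES_256_GCM_SHA384",
    "host=legacy.example.test kex=ffdhe2048 sig=rsa_pkcs1_sha256 cipher=TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Only the hybrid host is out of reach of a Harvest Now, Decrypt Later adversary, while all three still authenticate with classical signatures, which mirrors the post's point that key exchange is the urgent fix and signatures are the next one.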

Conclusion  

Quantum computers herald incredible potential but also introduce seismic challenges in cybersecurity. RSA, ECDHE, and digital signatures are some of the current cryptographic methods that are fundamentally unfit for a post-quantum world: they require urgent replacement with quantum-safe alternatives while new attack types emerge. 

Zscaler has been preparing for the Post-Quantum Era by supporting hybrid encryption systems, and enabling scalable integration of quantum-resilient protocols across its cloud infrastructure. As an organization, we collaborate globally with standardization bodies like NIST and are future-proofing our platform to ensure its interoperability with PQC standards—all in service of accelerating our customers’ journey to becoming quantum safe.

In the quantum race, the cost of inaction can be high: every encrypted secret, trade secret, and private conversation risks exposure. The time to prepare for quantum cybersecurity is not 2030; it's now. Stay tuned for the next installment in this series of Post-Quantum Era blogs.
