Cookie Consent by Free Privacy Policy Generator
Close this search box.

Is AES-256 Quantum Resistant?

quantum computing

With quantum computers getting more powerful every year, many worry about the safety of modern encryption standards. As quantum computers improve in performance and the number of qubits used for calculations increases, current cryptosystems are under more threat of attack.

What will break?

Many asymmetric encryption algorithms have been mathematically proven to be broken by quantum computers using Shor’s algorithm. Shor’s algorithm solves the following problem:

Given an integer N, find its prime factors.

Because algorithms like RSA rely heavily on the fact that normal computers can’t find prime factors quickly, they have remained secure for years. With quantum computers breaking that assumption, then it may be time to find new standards.

The following are examples of encryption that Shor’s algorithm can break:

Symmetric Encryption

Symmetric encryption, or more specifically AES-256, is believed to be quantum-resistant. That means that quantum computers are not expected to be able to reduce the attack time enough to be effective if the key sizes are large enough.

Responsive Image

symmetric kittens
Symmetric Cats

Grover’s algorithm can reduce the brute force attack time to its square root. So for AES-128 the attack time becomes reduced to 2^64 (not very secure), while AES-256 becomes reduced to 2^128 which is still considered extremely secure.

It is important to remember that even 256-bit keys derived from passwords actually can have less than 256-bits of entropy because an attacker could try deriving keys from likely passwords vs trying random 256-bit numbers.

For example, instead of randomly trying

  1. azpV4CYbAwQUP4BaJJJNDBxEUkghMF8x2Sd4Q7ihD04=
  2. mtOXPNln432smP3pd3rVLw9rpGGkVsiqRhUFLXy/KBw=
  3. ..

An attacker would try the following:

  1. password123 –> 75K3eLr+dx6JJFuJ7LwIpEpOFmwGZZkRiB84PURz6U8=
  2. password1234 –> uclQZA4bN0DpisuT5mnGV2b2Zw3RYJupH/QQUrpIxvM=

If you are implementing AES in a cryptosystem in 2020 you should favor AES-256 over AES-128 for the quantum resistance that it offers.

More Sources

Thanks For Reading

Hit me up on twitter @wagslane if you have any questions or comments.

Follow me on wagslane

The post Is AES-256 Quantum Resistant first appeared on Qvault.

Lane Wagner

Share this article:

Keep track of everything going on in the Quantum Technology Market.

In one place.


Join Our Newsletter