Quantum Computing Threatens Crypto Security Now

Gianluca Di Bella, a smart-contract researcher specializing in zero-knowledge proofs, delivered a sobering assessment at the UN City offices in Copenhagen, Denmark: quantum computing represents a current threat to cryptographic security, not a distant theoretical concern. Contrary to conventional wisdom that positions quantum risks as future problems, Di Bella emphasized that the vulnerability exists today through what he termed ‘harvest now, decrypt later’ attacks. This approach involves adversaries collecting and storing encrypted data now with the expectation that future quantum computing capabilities will enable decryption.

The researcher’s warning carries particular weight given his specialization in zero-knowledge proofs (ZK-proofs), a cryptographic method that allows one party to prove to another that a statement is true without revealing any information beyond the validity of the statement itself. Di Bella’s expertise in this cutting-edge field lends credibility to his assertion that even advanced cryptographic techniques like ZK-proofs face quantum vulnerabilities. His position challenges the complacency that has characterized much of the cryptocurrency and cybersecurity industries regarding quantum threats.

The core of Di Bella’s concern lies in the temporal disconnect between data collection and decryption capability. ‘Harvest now, decrypt later’ attacks exploit this gap by accumulating sensitive encrypted information today that can be decrypted once quantum computers achieve sufficient power. This creates a critical security dilemma: data that appears secure under current technological constraints may become completely exposed within a decade or two.

Di Bella provided a compelling example to illustrate the real-world implications: ‘If the identity of a dissident in a totalitarian country is protected solely by encryption, they want to ensure that the data will remain safe for 10, 15, 20 or more years into the future.’ This scenario underscores how current encryption methods may fail to provide the long-term protection that sensitive information requires. The researcher’s example highlights that the stakes extend beyond financial data to include human rights and personal safety.

The fundamental problem, according to Di Bella, is that many organizations and individuals operate under the assumption that their encrypted data will remain secure indefinitely. However, with quantum computing advancing steadily, this assumption becomes increasingly dangerous. Data harvested today could include financial transactions, personal communications, government secrets, or proprietary business information—all of which could be decrypted and exploited in the future.

Di Bella’s most urgent recommendation is clear: ‘we should migrate now’ to post-quantum encryption standards. This call to action stems from his assessment that while practical commercial quantum computing might be ’10 or 15 years away,’ the migration to quantum-resistant cryptography requires significant lead time. The transition involves not only developing new cryptographic standards but also implementing them across countless systems and ensuring backward compatibility where necessary.

The researcher specifically cautioned that ‘big institutions like Microsoft or Google might have a solution in a few years,’ suggesting that the quantum computing timeline may be shorter than commonly assumed. This warning carries particular significance given the resources and research capabilities these technology giants possess. Their potential to accelerate quantum computing development means that organizations cannot afford to wait until quantum computers become commercially available before addressing the cryptographic implications.

Post-quantum cryptography refers to cryptographic algorithms that are thought to be secure against attacks by both classical and quantum computers. The migration Di Bella advocates involves replacing current public-key cryptography systems with quantum-resistant alternatives. This process requires careful planning, testing, and implementation to avoid creating new vulnerabilities while addressing the quantum threat. The researcher’s position reflects growing consensus among cryptographic experts that early adoption of post-quantum standards is essential for long-term data security.

Di Bella’s specialization in zero-knowledge proofs adds particular significance to his warnings about quantum vulnerability. ZK-proofs have become increasingly important in blockchain technology, privacy-preserving applications, and secure authentication systems. If quantum computers can break the cryptographic foundations of ZK-proofs, numerous advanced security systems could be compromised.

The threat extends beyond ZK-proofs to encompass the entire cryptographic infrastructure that underpins modern digital security. Current encryption standards, including those protecting financial transactions, secure communications, and sensitive data storage, all face potential compromise from sufficiently powerful quantum computers. This vulnerability affects not only cryptocurrency systems but also traditional banking, government communications, and corporate data protection.

Di Bella’s assessment suggests that the window for proactive migration is closing. Organizations that delay implementing post-quantum cryptography risk having their currently encrypted data harvested and stored by adversaries anticipating future decryption capabilities. The researcher’s message from Copenhagen serves as a wake-up call to the cryptographic community and technology industry: the quantum threat is not tomorrow’s problem—it requires today’s solution.