Author: Marcin Bała, MSc Eng., Chief Technology Officer
Published: April 2026 | Updated: April 2026 | Reading time: 11 minutes
Why Is a Quantum Computer a Problem for Your Encryption?
The intelligence services of several nations are already intercepting encrypted data today and storing it with the future intent of decrypting it on a quantum computer. The "harvest now, decrypt later" strategy is active. If your data from 2026 must remain confidential until 2040 — the problem exists now.
Medical records must be protected for 30 years. Financial contracts for 10. If a quantum computer arrives in 2036, data created today is at risk.
TL;DR — key takeaways
Decision in 60 seconds
Your encryption has an expiry date — RSA and AES are vulnerable to a quantum computer expected ~2031–2036.
Harvest now, decrypt later — several intelligence services are already intercepting data with future decryption in mind.
Two tools — PQC (software, cheap) + QKD (quantum physics, mathematically certain). You need both.
Who must act now — finance, government, healthcare, critical infrastructure, telco.
Quantum Threat Timeline
2024
NIST publishes final PQC standards
FIPS 203, 204, 205 — quantum-resistant algorithms available for deployment today.
Already available
2025
QKD over 254 km without cryogenics
Demonstration in Germany on commercial fiber — standard semiconductor components, real data centers.
Already today
2026
Production QKD deployments — banks, governments, telcos
JP Morgan, US and Chinese governments, telecom operators deploying QKD on critical links.
Now
~2031
Quantum computer "quite possible"
Global Risk Institute 2026: a cryptographically relevant quantum computer possible within 10 years.
Action window is closing
~2036
Quantum computer "probable"
RSA-2048 broken in hours. Data collected today becomes accessible to the attacker.
2026 data at risk
Two Approaches and Why You Need Both
The industry responds to the quantum threat with two methods that work together — not as alternatives.
Layer one
PQC
+Fast deployment — software update
+Scalable — entire infrastructure at once
+Relatively cheap — low deployment cost
~Security based on mathematics — resistant to known quantum attacks
~No guarantee against unknown quantum attacks
NIST standards: FIPS 203, 204, 205 — August 2024
Layer two
QKD
+Mathematically certain — laws of physics, not an algorithm
+Detects eavesdropping — every interception attempt leaves a trace
+Resistant to any computer — quantum and classical alike
+Works on existing fiber — alongside production traffic
~Point-to-point links — for critical connections
254 km without cryogenics — Toshiba demonstration, Nature 2025
Which Organizations Does QKD Matter to Right Now?
Not every organization needs QKD immediately. But for some sectors the action window is narrower than it appears.
Finance and Banking
Contracts and transactions legally protected for decades. Data from 2026 must be secure until 2046.
Immediate priority
Government and Defence
First sector with production deployments. China: Beijing–Shanghai network 2000 km. USA: National Quantum Initiative Act.
Immediate priority
Critical Infrastructure
Energy, water, transport. Decrypted historical data can have physical consequences, not just informational ones.
High priority
Healthcare
Patient data stored for 30+ years — exactly the horizon at which the quantum threat becomes real for data created today.
High priority
Telecommunications
Infrastructure built today operates for 10–15 years. A design decision made in 2026 determines security in the quantum computer era.
Strategic planning
Other sectors
Start with an inventory: which data requires protection for more than 10 years? Those links are the priority for QKD.
Assess and plan
Your Encryption Has an Expiry Date. Your Strategy Does Not Have To.
If after reading this article you are wondering whether your organization is in the risk group — most companies that need QKD find out too late.
FAQ — Encryption & the Quantum Threat
All modern encryption — TLS, RSA, public-key algorithms — relies on a single assumption: that breaking an encryption key requires so much computation that no computer can do it in a reasonable time. That's true for classical computers. It's not true for quantum computers. Shor's algorithm running on a sufficiently large quantum computer will break RSA-2048 in hours. The Global Risk Institute's 2026 report estimates that a "cryptographically relevant" quantum computer is "quite possible" within 10 years and "likely" within 15.
Imagine someone intercepting encrypted data from your network and storing it on a drive. Today they can't read it — it's encrypted. But in 12 years they'll run that same data on a quantum computer and read everything with no problem. This isn't a fictional scenario. This strategy is actively used by the intelligence services of several nations against government, financial and military data right now. Data you protect today must remain secure not just during transmission — but for the entire duration of its sensitivity.
PQC (post-quantum cryptography) is an upgrade to mathematical algorithms — fast, affordable and scalable. NIST published final standards in August 2024 (FIPS 203, 204, 205). It's resistant to known quantum attacks, but its security still relies on mathematical computational problems — with no guarantee against unknown attacks. QKD grounds its security in the laws of quantum physics — mathematically proven, not estimated. No algorithm or quantum computer can change that. The recommendation: deploy PQC broadly and quickly for mass infrastructure protection, and deploy QKD on critical point-to-point connections where mathematical certainty is required.
QKD transmits encryption keys encoded in individual photons — particles of light. A fundamental property of quantum mechanics means that any attempt to intercept a photon irreversibly changes its state. An eavesdropper always leaves a trace. The system detects the intrusion attempt, discards the compromised key and generates a new one — no one ever uses a key that may have been intercepted. Think of it as an envelope that leaves a visible, impossible-to-hide burn mark if anyone opens it before it reaches the recipient.
No. In March 2025, a simultaneous transmission of 33.4 Tb/s of classical data and quantum keys was demonstrated on the same optical fiber over 80 km. QKD can operate on the same network as your production traffic. QKD over 254 kilometers of commercial fiber in Germany was also demonstrated — without cryogenics, using standard semiconductor components, in real data centers.
Primarily organizations whose data must remain confidential for many years: the financial sector (contracts and transactions legally protected for decades), government and defense (intelligence data, diplomatic communications), critical infrastructure (energy, water, transport), healthcare (patient records stored for 30+ years) and telecommunications operators (infrastructure built today will operate for 10–15 years). If data created in 2026 must remain confidential until 2040, and a quantum computer appears in 2036 — the problem exists now, not in the future.
Quantum-safe doesn't mean you're using a quantum computer. It means your communications are secure even when an attacker has one. A quantum-safe strategy has two pillars: PQC — deploying NIST algorithms across your entire infrastructure (fast, scalable, relatively affordable) — and QKD for critical connections where mathematically proven protection is required, independent of any algorithm or computational power. Start with an inventory: which data and connections require protection for more than 10 years? Those connections are the priority for QKD.
Sources:
Global Risk Institute Quantum Threat Timeline 2026
NIST PQC Standards August 2024 (FIPS 203/204/205)
Grand View Research QKD Market Report 2024–2030
Mordor Intelligence QKD Market 2025
CableLabs — QKD in Fiber Networks, March 2026
Turkcell / ID Quantique press release, February 2025
KDDI / Toshiba multiplexing demonstration, March 2025
The data you protect today must remain secure for its entire sensitivity period. A quantum computer could break RSA-2048 by 2036. Here is what you need to know and when to start acting.
