The quantum-in-cyber horror movie starts soon. Take your seats in the first row. Quantum algorithms knocked on the HASHing algorithms' door.

You probably heard about the risk that quantum computing poses to cryptography algorithms. Look a little bit closer into the topic. You will find that three cryptography primitives are usually discussed in this context: Public Key Encryption, Symmetric Cryptography and Hash Functions. (There are other cryptography primitives, by the way - https://en.wikipedia.org/wiki/Cryptographic_primitive)

Public Key Encryption is what people usually refer to when they speak about quantum-in-cyber risk. These algorithms are generally mathematical problems. They are hard for classical computers but happen to be easy for quantum. And they become unreliable with the development of quantum computers and attack algorithms. This is the important piece here; the threat is the accumulation of developments from two areas: hardware and algorithms. Their fundament is cracking but loosely holds for now. Cracks are severe and probably will not sustain further algorithms development and hardware evolution. For CISOs and CROs, with knowledge of their data retention requirements, the planning horizon is probably in the past and for sure not later than now.

The other two cryptography classes, symmetric and hashing algorithms, were in a happy place. Their fundament was rock-solid. With quantum, we could brute force using Groove's algorithm (try all possible options) faster, but the foundations were untouched.

New publications revealed an attack vector on SHA-1 algorithms. Knock-knock!

You may reply that SHA-1 was un-secure before quantum computers were developed, but as the authors wrote, "The principles of the algorithm apply to other SHA and MD5 hashing protocols as well, only that the qubit length would vary."

"We propose a quantum algorithm for seeding disturbance vectors, which describe differential paths that would successfully lead to collisions on SHA-1 hashing results." "These results highlight that the proposed algorithm is imminently implementable and is able to find the same disturbance vectors with lower computational complexity than its classical counterparts."

Advancement of cryptography algorithms will continue with many research activities conducted non-publically. With rapid hardware evolution, understanding the risk and how it could be remediated becomes a survival task rather than a good to have option.

Link to the original research paper

https://arxiv.org/abs/2210.12762