Quantum Computers Are Not a Threat to 128-bit Symmetric Keys
words.filippo.io
There is no need to update symmetric key sizes as part of the post-quantum transition, due to the details of how Grover's algorithm scales. Most authorities agree.

AES-128 is safe against quantum computers. SHA-256 is safe against quantum computers. No symmetric key sizes have to change as part of the post-quantum transition. This is a near-consensus opinion amongst experts and standardization bodies and it needs to propagate to the rest of the IT community. The rest of this article backs up this claim both technically and with references to relevant authorities.

Original article: https://words.filippo.io/128-bits/

TL;DR: https://hackaday.com/2026/04/25/quantum-computers-are-not-a-threat-to-128-bit-symmetric-keys/

  • partofthevoice@lemmy.zipEnglish
    2·
    3 days ago

    Interesting, thanks for the insight. IIRC, you can leverage data about the quantum state to detect eavesdropping though — can’t you? So in effect, if I do recall correctly, it’s introducing a nuanced problem while also introducing a generally applicable solution to it?