Everyone in the IT world is wondering how big a threat quantum computers pose to cryptography and how to deal with the problem. This series of articles tries to explain the problem in a popular way. Having covered the discrete logarithm problem and how it is attacked on classical digital computers, it is useful to understand the impact of quantum computers.
Breaking the current algorithms for asymmetric cryptography requires the QFT, the Quantum Fourier Transform. Current asymmetric algorithms are built on certain assumptions, namely hard mathematical problems that we have not yet been able to solve efficiently.
The RSA algorithm is built around the factorization problem. That is, if we have a number n, we are unable to efficiently determine the numbers p and q from which it was formed. In the case of RSA, p and q are large primes, which protects against brute-force attacks. Factoring such numbers is extremely computationally demanding.
DH, DSA, ECDH and ECDSA are algorithms built on the discrete logarithm problem. In simple terms, raising a number to a power is usually easy, but there is an area of mathematics where the inverse operation (taking a root or logarithm) is hard. This is modular arithmetic, which works with numbers in certain groups. We have all encountered this area at school: it is counting with remainders. It can be imagined as counting on a clock that has a prime number of positions (counting modulo a prime). Raising a number to a power tells us how many steps to take, but because we keep going round the circle, we often land on the same values. The hard question is: given the result, what was the original base and the exponent we raised it to?
In the above cases, the QFT can help us. Its principle has long been known: it is a function that finds a repetition period in its input. The original Fourier transform, once converted into the form of a quantum algorithm, allowed Peter Shor to propose a procedure for attacking the RSA algorithm in 1995. Later, the same principle was used to attack other forms of asymmetric cryptography. In the case of factorization, the procedure searches for the period of a function; in the case of elliptic curves, it searches for a linear function (linear relationships between individual elements), which allows us to compute the parameters of the secret key.
If we talk about specific algorithms, for RSA we look for an order, i.e. the period of exponentiation modulo n. It can be imagined as a swimming pool whose length and width correspond to the length of the number n. We make its surface oscillate, so that we have waves of all sizes and frequencies. A quantum computer evaluates this whole surface at once using the QFT. The places with the largest deviations indicate the most probable combinations of numbers. The algorithm finds which combinations of results are the most probable, but the result must then be verified on an ordinary digital computer. This is called post-processing. The goal of new variants of the algorithm is to reduce the number of qubits required and increase the probability of a successful result.
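To make the "period" and "post-processing" of the two previous paragraphs, and the clock arithmetic of the discrete logarithm paragraph, concrete, here is an added Python example that is not part of the original article. It replaces the QFT with brute-force period finding, so it only works for toy moduli (the whole point of Shor's algorithm is that the quantum part finds the period for numbers where brute force is hopeless), but the classical post-processing step (gcd of a^(r/2) ± 1 with n) and its two failure cases (odd period, trivial square root of 1) are exactly the ones a digital computer has to verify after the quantum step. Function and variable names are my own.

```python
from math import gcd


def multiplicative_order(a: int, n: int) -> int:
    """Smallest r > 0 with a^r = 1 (mod n): the period of f(x) = a^x mod n.

    This is the quantity the QFT extracts in Shor's algorithm. Here it is
    found by stepping round the "clock" until we return to 1, which is
    only feasible for toy moduli.
    """
    if gcd(a, n) != 1:
        raise ValueError("a and n must be coprime for a^x mod n to be periodic")
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def discrete_log(g: int, h: int, p: int):
    """Brute-force discrete log: the x with g^x = h (mod p), or None.

    Walking round the clock is all a classical computer can do here;
    the periodic structure of g^x mod p is what a quantum algorithm exploits.
    """
    x, value = 0, 1
    for x in range(p):
        if value == h % p:
            return x
        value = (value * g) % p
    return None


def factor_from_order(a: int, n: int):
    """Shor's classical post-processing for one base a.

    Given the period r of a^x mod n, a^(r/2) is a square root of 1 mod n.
    If it is a non-trivial root, gcd(a^(r/2) ± 1, n) splits n.
    Returns (p, q) or None when this base is unlucky and must be retried.
    """
    r = multiplicative_order(a, n)
    if r % 2:
        return None                      # odd period: no usable square root
    y = pow(a, r // 2, n)
    if y == n - 1:
        return None                      # trivial root -1: gcds are 1 and n
    p = gcd(y - 1, n)
    if 1 < p < n:
        return (p, n // p)
    q = gcd(y + 1, n)
    if 1 < q < n:
        return (q, n // q)
    return None


def shor_classical(n: int):
    """Try bases in turn, as the quantum algorithm retries with random a.

    Returns the factors of a toy semiprime n as a sorted tuple, or None.
    """
    for a in range(2, n):
        g = gcd(a, n)
        if g != 1:
            return tuple(sorted((g, n // g)))   # lucky: a shares a factor
        found = factor_from_order(a, n)
        if found:
            return tuple(sorted(found))
    return None


if __name__ == "__main__":
    # Toy values constructed for illustration: n = 15 = 3 * 5, n = 21 = 3 * 7
    print("order of 2 mod 15:", multiplicative_order(2, 15))   # 4
    print("factors of 15:", shor_classical(15))                 # (3, 5)
    print("factors of 21:", shor_classical(21))                 # (3, 7)
    # Clock arithmetic: 5 generates all of Z_23*, and 5^x = 8 (mod 23) at x = 6
    print("order of 5 mod 23:", multiplicative_order(5, 23))   # 22
    print("log_5(8) mod 23:", discrete_log(5, 8, 23))          # 6
```

Note how `factor_from_order(14, 15)` returns `None`: 14 has period 2 and 14^(2/2) is the trivial root -1, which is exactly the "unlucky base" case the post-processing has to detect before the quantum step is repeated.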
The situation is a little different for elliptic curves. Here, the basis of a linear function is sought. The curve has certain parameters and usually a specified starting point. If we know the target point, the QFT can be used to find all possible combinations of multiples that lead to the given result. From these values the algorithm then derives a probability for each candidate, because for certain multiples it is not possible to reach the given point. The idea behind such a solution is much more complicated. Graph paper is commonly used to draw a function, but in this case the paper has to be extremely flexible. Since the curve is limited by a prime number to a certain length and width, we need an adjustment in order to draw an infinite curve. This means joining the top and bottom edges (forming a cylinder) and then joining the remaining two edges to each other (forming a torus, something like an inflated tire). If we know the starting point and the end point, the QFT finds all possible parameters for which it is possible to get from the starting point to the end point. Think of a taut string that follows this curve from the starting point to the end point; there are an enormous number of such strings. Certain combinations of tones (repetition frequencies) can be played on all of them, and those that are not in tune play falsely. The false frequencies are automatically discarded and the rest are sorted out by the QFT. This function looks for the strings with the purest tone, that is, for suitable combinations of parameters. However, unlike RSA, it is necessary to use not one but two registers for the calculation, which is why the number of qubits is larger. As with RSA, post-processing is necessary after the calculation. Since better and better procedures are constantly being sought, the goal of new variants of the algorithm is to reduce the number of qubits required and increase the probability of a successful result.
Current quantum computers require hundreds to thousands of physical qubits per logical qubit. This is due to noise and the need to ensure adequate error correction using quantum error-correcting codes. Most people in computer science are used to Moore's Law (more precisely, an empirical observation) and are reassured by the idea that it is only necessary to wait a few years. However, there is a significant difference between digital and quantum computers. Moore's Law was built on automation, increasing density and negligible noise, and it is currently (more precisely, since 2015) reaching its limits. For quantum computers the situation is significantly worse. An individual qubit is simply not a transistor; it cannot easily be shrunk. It needs control, isolation and calibration. At the same time, adding qubits does not necessarily mean an increase in performance. The reason is the mutual influence of components across the entire system: each qubit means more cabling, cooling and noise, and therefore more error correction.
The period of observed development is too short to estimate any rule governing it. Probably the best metric in this area is called Quantum Volume. It combines the number of qubits, achievable circuit depth and error rate, yet even that cannot predict the development adequately. So although the number of qubits is seemingly growing exponentially, this has no corresponding effect on the number of logical qubits, on performance, or on any significant reduction in error rates. Scaling is currently extremely difficult; the production of quantum computers is not an automated production line of the kind we are used to with silicon. It is more like a workshop with tens to hundreds of highly qualified specialists.
Miniaturization itself then runs into several physical problems. One is the uncertainty principle, known as the Heisenberg principle. Simply put, a particle has a momentum and a position, but we can precisely know only one of the two. Another form of the same principle pairs time and energy; again we can precisely know only one of them. Any measurement requires energy, and the smaller the particle, the more energy is needed. And of course, we influence the particle by measuring it. Another problem concerns addressing (setting) the value of an element, because of the energy required: the smaller the element, the more energy it needs for manipulation. This in turn affects the surrounding systems and creates unwanted noise. In addition to the problems mentioned, the distance between individual qubits must be greater than the wavelength of the controlling electromagnetic fields (today usually microwaves); otherwise the individual physical qubits would interact with each other. Then there is the ratio of the qubit's volume to its surface. The smaller the qubit, i.e. the smaller its volume, the more pronounced this ratio becomes, and below a certain size the behavior of the qubit is determined mainly by its surface. Because the most significant noise generation occurs at the surface (interaction with the environment), the surface area significantly affects the error rate of a given physical qubit. Below a size of about 10 nm, the surface determines the ability to withstand noise. We can continue to the size limits given by the Planck units (the Planck length, 1.6·10^-35 m, and the Planck time, 5.4·10^-44 s), i.e. the smallest length and the shortest time. Below this limit the concept of a qubit ceases to have meaning. More precisely, the question is whether anything at all has meaning below this limit, but that is a question probably few people can answer. We will probably never be able to reach this limit.
Finally, as with classical computers, there is the Landauer limit. It states that the destruction of any information generates heat. For this reason, it is better not to erase information but to keep it in the computation. For quantum computers, heat is another source of noise that threatens their ability to perform calculations. Moreover, the smaller the circuit, the worse the heat is dissipated. The Landauer limit thus creates a natural barrier that will always affect the design of the computer and the risk of the calculation being interrupted by spontaneous collapse.
This article often mentions the terms physical and logical qubit, but what is the difference? A physical qubit is an implementation in hardware, a physical element with quantum properties. A logical qubit is a construction over several physical qubits using quantum error-correcting codes. It is significantly more stable, because the coupling between the physical representations allows the creation of a more stable logical representation with the help of the aforementioned codes. Besides its significant impact on reliability, this distinction also gives marketing a certain freedom in how products are presented.
To be continued in the next section, How Quantum Computers Work (March 9th 2026).