Antigravity Q&A
Could assets signed only classically before migration become vulnerable once quantum computers emerge?
Answered by claude-haiku-4-5 · 9 May 2026
Answer
Yes—this is a serious concern, and it's known as the "harvest now, decrypt later" threat [AG-2024.05-2225].
Here's the vulnerability: RSA and Elliptic Curve Cryptography (ECC), which protect most digital signatures and key exchanges today, rely on the hardness of factoring large numbers or computing discrete logarithms [AG-2024.05-2225]. Shor's algorithm—a quantum algorithm—can solve both problems efficiently [AG-2024.05-2225]. An adversary with a sufficiently powerful quantum computer could factor the keys that signed your assets classically, forge new signatures, and potentially steal or redirect them.
The timeline matters. Quantum computers powerful enough to threaten current cryptography "are likely to be available in a couple of years" according to current expert assessments [AG-2024.05-2225], though other analyses suggest the risk window remains uncertain [AG-2024.01-2022]. But the attack doesn't require waiting: adversaries can collect encrypted communications or signed transactions *today* and crack them later once quantum hardware materializes. For long-lived assets (like blockchain holdings or digitally signed deeds), this "harvest now, decrypt later" strategy is especially dangerous [AG-2024.02-1291].
The solution is migration to post-quantum cryptography—schemes based on problems believed to resist both classical *and* quantum attacks, such as lattice-based cryptography [AG-2024.05-2225]. Algorithms like Kyber (for key encapsulation) and Dilithium (for signatures) are now being standardized [AG-2024.05-2225] and incorporated into blockchain systems [AG-2024.02-1291]. The challenge is that migrating legacy systems—especially "low-computational" industrial infrastructure—is expensive and technically complex [AG-2024.01-1401].
The critical infrastructure and blockchain communities are already moving: governments and industry are actively adopting post-quantum standards [AG-2024.05-2225, AG-2024.02-1291]. If you hold classically signed assets, the prudent step is to migrate them to quantum-resistant signatures *before* large quantum computers exist.
Sources · 8
- 63% · cs.CR · Post-Quantum Security: Origin, Fundamentals, and Adoption · AG-2024.05-2225
- 61% · cs.CR · Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks · AG-2024.02-1291
- 58% · quant-ph · Assessing the Benefits and Risks of Quantum Computers · AG-2024.01-2022
- 55% · quant-ph · 51% Attack via Difficulty Increase with a Small Quantum Miner · AG-2024.03-1707
- 55% · quant-ph · Cryptography: Classical versus Post-Quantum · AG-2024.02-1740
- 54% · cs.CR · QPP and HPPK: Unifying Non-Commutativity for Quantum-Secure Cryptography with Galois Permutation Group · AG-2024.02-1337
- 54% · cs.CR · Post Quantum Cryptography and its Comparison with Classical Cryptography · AG-2024.03-2222
- 54% · cs.CR · Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective · AG-2024.01-1401
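The dependency the answer describes, that a classical signature is only as strong as the factoring problem behind its public key, shown as an added example that is not part of the original answer or its sources. It assumes textbook RSA without padding, a constructed toy key small enough for trial division (standing in for Shor's algorithm), and constructed sample records; all function names are illustrative.

```python
"""Added illustration: textbook RSA with a constructed toy key (no padding)."""
import hashlib
from math import isqrt

E = 65537  # common public exponent

def keygen(p, q):
    """Return (public key (n, e), private exponent d) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), pow(E, -1, phi)

def digest(msg, n):
    """Hash the message and reduce it into the toy modulus."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, d, n):
    return pow(digest(msg, n), d, n)

def verify(msg, sig, pub):
    n, e = pub
    return pow(sig, e, n) == digest(msg, n)

def factor(n):
    """Trial division: a classical stand-in for Shor's algorithm on a toy modulus."""
    for f in range(3, isqrt(n) + 1, 2):
        if n % f == 0:
            return f, n // f
    raise ValueError("no odd factor found")

def private_exponent_from_public(pub):
    """Once n is factored, the signing exponent follows from public data alone."""
    n, e = pub
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1))

def demo():
    pub, d = keygen(131071, 524287)           # constructed key: two Mersenne primes
    original = b"deed 0001: owner = alice"    # constructed sample record
    altered = b"deed 0001: owner = mallory"   # constructed sample record
    sig = sign(original, d, pub[0])
    recovered = private_exponent_from_public(pub)
    forged = sign(altered, recovered, pub[0])
    return {"original_ok": verify(original, sig, pub),
            "old_sig_on_altered": verify(altered, sig, pub),
            "key_recovered": recovered == d,
            "forged_ok": verify(altered, forged, pub)}

if __name__ == "__main__":
    print(demo())
```

The verifier cannot tell the forged signature from a genuine one, which is why re-signing under a post-quantum scheme has to happen while the classical key is still trustworthy.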
This is a research aid — not a peer review. Verify sources before citing.