Quantum Computers Are Not a Threat to 128-Bit Symmetric Keys

Relax: the 128‑bit lock stays shut—save the panic for RSA, Wi‑Fi, and key‑rotation wars

TLDR: Experts say quantum won’t crack 128‑bit symmetric encryption like AES anytime soon; the real worry is RSA/ECDH used in logins and Wi‑Fi. Commenters mostly agreed, while some blasted Wi‑Fi’s elliptic‑curve move as future e‑waste and others pushed rapid key rotation as a stopgap.

Crypto pro Filippo Valsorda just dropped a calm bomb: 128‑bit “locks” like AES and SHA‑256 aren’t getting popped by quantum. His case? The big spooky quantum speedup, Grover’s algorithm, doesn’t parallelize well, so real‑world cracking still takes forever. The crowd mostly nodded—then the comment section lit up.

Researcher vibes: “Grover is impractical.” User Strilanc waved a giant red flag at anyone lumping Grover (search tricks) with Shor (the one that busts RSA). Translation for non‑nerds: your password‑style encryption is fine; your math‑trick handshakes and signatures need help.

Then came the fireworks. kd913 dragged the Wi‑Fi Alliance, claiming WPA3’s move to fancy math handshakes could turn piles of IoT gadgets into e‑waste if quantum arrives. Drama level: “Smart inverter today, landfill tomorrow.” Meanwhile, bob1029 pitched a hacker‑movie fix: rotate keys constantly—their bank partner swaps digital signatures every 5 minutes (maybe 30 seconds!) like self‑destructing codes. Engineers split: clever band‑aid or ops nightmare?

Pedant patrol checked in too—occamofsandwich side‑eyed the wording about hashes vs keys. And newcomer ninjahawk1 asked the sci‑fi question: if we fit a data center in your palm, does time stop mattering? The thread’s mood: not anytime soon—save your stress for RSA and ECDH (logins and Wi‑Fi handshakes), not your AES‑128.

Key Points

  • Shor’s algorithm threatens current asymmetric cryptography (ECDH, RSA, ECDSA, EdDSA), necessitating post-quantum replacements.
  • Symmetric algorithms (AES, SHA-2, SHA-3) and their key sizes are not impacted by quantum computers; AES-128 and SHA-256 remain safe.
  • The belief that quantum computing halves symmetric key security is a misinterpretation of Grover’s algorithm and not reflected in standards.
  • Grover’s algorithm requires sequential oracle invocations and cannot be effectively parallelized beyond partitioning, which dilutes its quadratic speedup.
  • Parallelizing Grover-type attacks increases total system work, making practical attacks on 128-bit symmetric keys infeasible.
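The arithmetic behind the last two key points, as an added example (not code from the article or the thread): splitting the key space over K machines cuts each machine's sequential run only by a factor of sqrt(K), so total work grows as the time budget shrinks. The depth budgets and the oracle rate are illustrative assumptions, and error-correction overhead is ignored.

```python
import math

# (pi/4)*sqrt(N) oracle calls is the standard Grover iteration count.
C = math.log2(math.pi / 4)

def grover_partitioned(key_bits, depth_log2):
    """Cost (all values log2) of Grover key search when no machine may run
    more than 2**depth_log2 sequential oracle calls."""
    serial = key_bits / 2 + C              # one machine, unlimited time
    if depth_log2 >= serial:
        machines, depth = 0.0, serial      # budget is enough for one machine
    else:
        # Split N keys over K machines: (pi/4)*sqrt(N/K) <= 2**depth
        machines = key_bits + 2 * C - 2 * depth_log2
        depth = depth_log2
    total = machines + depth
    return {"machines_log2": machines, "depth_log2": depth,
            "total_work_log2": total, "extra_work_log2": total - serial}

def years_at(depth_log2, calls_per_second):
    """Wall-clock years for one machine to run 2**depth_log2 calls in sequence."""
    return 2 ** depth_log2 / calls_per_second / (365.25 * 24 * 3600)

if __name__ == "__main__":
    RATE = 1e9  # assumed: one AES oracle call per nanosecond, sequentially
    for d in (40, 48, 56, 64):  # illustrative depth budgets
        r = grover_partitioned(128, d)
        print(f"depth 2^{r['depth_log2']:.1f} "
              f"({years_at(r['depth_log2'], RATE):.2e} y): "
              f"machines 2^{r['machines_log2']:.1f}, "
              f"total work 2^{r['total_work_log2']:.1f} "
              f"(+{r['extra_work_log2']:.1f} bits over serial)")
```

For AES-128 with a 2^40 depth budget this gives about 2^47.3 machines and 2^87.3 total oracle calls, versus about 2^63.7 calls for a single machine with unlimited time.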

Hottest takes

“Gonna be a tonne of IOT inverters waste.” — kd913
“our ecdsa keys rotate every 5 minutes.” — bob1029
“Grover attacks are very blatantly impractical.” — Strilanc