
Emerging Quantum Threat
- Today, public-key cryptography secures online identity, communications and critical digital infrastructure.
- A quantum computer could use Shor’s algorithm to break this encryption within hours.
- The immediate threat is “harvest now, decrypt later” i.e. collecting encrypted data today for future decryption.
- “Q-day” refers to the point when quantum computers practically endanger public-key cryptography.
- Mainstream experts believe Q-day and full migration will each take at least a decade.
Quantum Vulnerabilities
- Public-key infrastructure securing HTTPS and telecom networks faces the greatest existential exposure.
- Symmetric cryptography like AES encryption is comparatively less threatened by quantum computing.
- Advanced AI can autonomously compromise the software layer today making the threat surface much larger than Q-day alone.
Strategic Significance
- Power grids, defence systems and financial services are directly at risk from quantum-enabled attacks.
- Post-Quantum Cryptography (PQC) runs on conventional computers but resists quantum attacks effectively.
- For higher security environments, Quantum Key Distribution (QKD) provides stronger but technically demanding protection.
- India’s Preparedness
- The Department of Science and Technology Task Force Report recommends migrating to three PQC standards finalised in 2024.
- A budgetary allocation of at least Rs 5,000 crore has been recommended for this transition.
Challenges in Quantum-Safe Transition
- Cryptography exists as dependencies spread across databases, legacy hardware, vendor software and authentication protocols within organisations.
- QKD engineers are globally rare, making human capital a critical bottleneck for India.
- QKD poses an acute trade-off between security and operational efficiency requiring careful management.
- Rationalising vendor dependence is essential to avoid strategic vulnerabilities in India’s cryptographic supply chain.
Way Forward
- Migration to PQC must continue regardless of whether Q-day arrives as expected or is delayed.
- India must foster and retain QKD engineering talent through dedicated research and academic programmes.
- A whole-of-government approach must address the organisational complexity of cryptographic transition across ministries.
- India must treat quantum-safe infrastructure as a matter of digital sovereignty and national security priority.

