Shor's Algorithm: How Quantum Computing Threatens Modern Encryption

The Algorithm That Changed Cybersecurity

In 1994, mathematician Peter Shor published an algorithm that sent ripples through both the computer science and cryptography communities. Shor's algorithm demonstrated that a sufficiently powerful quantum computer could factor large integers in polynomial time — a task that classical computers require exponential time to complete. Why does that matter? Because the security of RSA encryption — the bedrock of internet security — depends entirely on factoring large numbers being hard.

The Factoring Problem: Why It's Hard Classically

Multiplying two large prime numbers together is easy. Given primes p and q, computing p × q = N takes milliseconds. But working backwards — finding p and q given only N — is extraordinarily difficult when the numbers are large enough.

RSA encryption keys are typically 2048 or 4096 bits long. The best known classical algorithm for factoring numbers of this size would take longer than the age of the universe on today's hardware. This computational hardness is the lock on the door of modern cryptography.

How Shor's Algorithm Works (Conceptually)

Shor's algorithm doesn't brute-force the factoring problem. Instead, it cleverly reduces factoring to a period-finding problem — finding the repeating cycle of a mathematical function — and then uses quantum parallelism to solve that period-finding problem efficiently.

1. Choose a random number a less than N.
2. Compute the period of the function f(x) = a^x mod N. This is where the quantum speedup lives: the Quantum Fourier Transform (QFT) extracts this period exponentially faster than classical methods.
3. Use the period to derive the factors of N using classical number theory (Euclid's algorithm).

The Quantum Fourier Transform is the heart of Shor's algorithm. It's a quantum analogue of the classical Fast Fourier Transform, and on a quantum computer it runs in O(n²) time compared to the classical O(2ⁿ).

What Hardware Is Needed?

Running Shor's algorithm against real-world RSA keys requires thousands of logical qubits — error-corrected, stable qubits that maintain coherence long enough to complete the calculation. Today's quantum computers have hundreds to low thousands of physical qubits, but physical qubits are noisy and error-prone. The ratio of physical to logical qubits needed for error correction is estimated to be in the hundreds-to-one range.

This means a cryptographically relevant quantum computer capable of breaking RSA-2048 is likely still years away — but the timeline is actively debated by researchers and national security agencies.

Implications for Cybersecurity

• RSA and ECC are vulnerable: Both RSA and elliptic curve cryptography (ECC), the two dominant public-key systems, can be broken by Shor's algorithm.
• Harvest now, decrypt later: Adversaries may be collecting encrypted data today, intending to decrypt it once quantum hardware matures.
• Post-quantum cryptography (PQC) is underway: NIST finalized its first set of post-quantum cryptographic standards in 2024, designed to resist quantum attacks.

The Road to Post-Quantum Security

The cryptographic community is not standing still. Lattice-based, hash-based, and code-based cryptographic schemes are being standardized as quantum-resistant alternatives. Organizations handling sensitive long-lived data are advised to begin planning their migration now — not when quantum hardware arrives, but before.

Shor's algorithm is a landmark in computer science: a theoretical result that forced an entire industry to rethink its assumptions. Whether you're a developer, security professional, or curious technologist, understanding it is essential context for the decade ahead.