Analysis: 128-bit symmetric encryption remains secure; quantum computing primarily threatens asymmetric cryptographic systems

According to an article by cryptography engineer Filippo Valsorda, the impact of quantum computing on current cryptographic systems is mainly concentrated on asymmetric algorithms (such as ECDSA, RSA, etc.), while its effect on symmetric encryption (like AES, SHA series) is limited. The Grover algorithm does not significantly weaken the security of 128-bit keys in practical scenarios.

Although the Grover algorithm can theoretically accelerate brute-force attacks, it is difficult to parallelize, making actual attack costs extremely high. Even under ideal quantum computing conditions, the resources required to break AES-128 are far greater than the cost of using Shor's algorithm to attack elliptic curve cryptography.

Furthermore, standard-setting bodies, including the National Institute of Standards and Technology (NIST), unanimously agree that AES-128 still meets post-quantum security requirements and does not need to be upgraded to 256-bit keys. Industry perspectives suggest that focusing resources on replacing asymmetric encryption schemes vulnerable to quantum attacks is a more urgent task at present.