Key insight

Encryption comes in two families. Symmetric (one shared key — a lockbox, e.g. AES) is fast, protects the bulk of your data, and is only mildly affected by quantum computers. Public-key (a matching public/private pair — a mailbox, e.g. RSA and elliptic-curve) lets strangers agree on secrets and prove identity, and is exactly what quantum breaks. Real systems use both together. “Quantum breaks encryption” really means: it breaks the mailbox, not the lockbox.

In one sentence

A quantum computer barely dents the shared-key lockbox that scrambles your actual data, but it shatters the public-key mailbox that lets strangers set up a secret and prove who they are — and that mailbox is what the whole internet runs on.

In the previous article we learned that security lives in the key, and that keys come in two shapes. Now we make those two shapes concrete, because the difference between them is the hinge the entire quantum story swings on. We will use one picture the whole way through: a mailbox.

Family one: the shared lockbox (symmetric)

Symmetric encryption means “same”: both people use the same secret key. Picture a sturdy lockbox with a single lock. You and a friend each hold an identical copy of the one key. You drop a message in, lock it, send it; your friend unlocks it with their matching copy. Lock and unlock use the same key.

This family is fast and strong, which is why it does the heavy lifting: the actual contents of your messages, the files encrypted on your laptop, the video you stream, the data in a database at rest — almost all of it is protected by symmetric encryption. The standard everyone uses is called AES (the Advanced Encryption Standard), typically with a key 128 or 256 bits long.

But recall its nagging weakness: both sides must already share the identical key. If you have never met and can only talk over a line that eavesdroppers are tapping, how do you agree on that key without the tapper hearing it? That single question is what the second family exists to answer.

Symmetric encryption: one shared key A sender locks a box with a key; the same key shape unlocks it for the receiver. Sender Receiver locked box travels Same key locks and unlocks
Symmetric (AES): one identical key on both ends. Fast, strong — but how did both ends get the key?

Family two: the magical mailbox (public-key)

Public-key encryption (also called asymmetric, meaning “not the same”) gives each person a pair of keys that belong together but are different: a public key and a private key.

Picture a special mailbox standing on the street:

Now the magic: anyone can post you a private message through the slot, but only you can open the door to read what accumulates inside — even though you and the sender never met and never agreed on any secret beforehand. Publishing the location of your slot (your public key) does nothing to help a thief open the door (your private key). That is what breaks the chicken-and-egg problem of the lockbox: strangers can now send you secrets over a completely open, tapped line.

The classic public-key schemes are RSA (named after its inventors Rivest, Shamir and Adleman; built on the difficulty of un-multiplying large primes) and elliptic-curve cryptography, or ECC (built on a related “one-way street” on a curve). Their close cousin Diffie–Hellman lets two parties mix public and private values to arrive at a shared secret neither one sent in the clear.

Public-key encryption: the mailbox Anyone can post a letter into the public slot at the top, but only the owner's private key opens the door at the bottom. PUBLIC slot (anyone posts) PRIVATE door (only owner opens) Stranger A Stranger B Owner’s private key opens door
Public-key (RSA, ECC): a public slot anyone can use, a private door only you can open. This is the trick quantum computers undo.
Why publishing the slot is safe — the one-way street

The mailbox works because posting and retrieving rely on a maths operation that is easy forwards, brutally hard backwards. For RSA: multiply two large primes together — easy. Take the product and recover the two primes (“factoring”) — effectively impossible for today’s computers when the numbers are big enough, because no efficient (polynomial-time) classical factoring method is known and the effort grows exponentially with the number’s length. Your public key is derived from the product; your private key from the primes. The slot reveals the product; the door needs the primes. The entire safety of the mailbox is the belief that nobody can un-multiply quickly. Remember that belief — it is precisely what a quantum computer overturns.

The same trick in reverse: digital signatures

Run the mailbox backwards and you get something just as important. If you lock a message with your private key, then anyone can verify it with your public key — and the fact that it verifies proves it could only have come from you. That is a digital signature. It is how your device confirms a software update genuinely came from its maker, how a website proves it is really your bank and not an impostor, and how documents are signed in a way that cannot be forged or denied.

Signatures matter enormously for the quantum story, because they are also public-key cryptography — and so they are on the danger list too. That is why the new standards later in this series include a dedicated signature algorithm (ML-DSA) alongside a key-exchange one (ML-KEM).

How real systems use both at once

Here is the elegant part: real systems do not choose one family — they combine them, using each for what it is best at. When your browser connects to a website (the little padlock, TLS), this happens in about a tenth of a second:

  1. Public-key is used once, at the start, to let the two strangers — your browser and the server — agree on a fresh shared secret over the open line, and to let the server prove its identity with a signature.
  2. They then switch to fast symmetric encryption (AES), using that freshly agreed shared key, for the actual data — every page, image, and keystroke of the session.

So public-key is the handshake that sets things up and proves identity; symmetric is the workhorse that protects the bulk. This division of labour is exactly why the quantum threat is so surgical: it strikes the handshake, not the workhorse.

Which family does quantum break?

Now the payoff. A quantum computer running the right algorithm affects the two families completely differently:

This asymmetry (pun intended) is the reason the entire global response — the NIST standards, the vendor roadmaps, your organisation’s readiness assessment — is about replacing the public-key handshake and signatures while leaving symmetric bulk encryption almost untouched. We will see precisely how Shor and Grover differ in the “Shor and Grover” article, but you already have the headline.

Side by side

 Symmetric — the lockboxPublic-key — the mailbox
KeysOne shared secret keyA public + private pair
Everyday pictureTwo copies of one keyPublic slot, private door
Great atEncrypting the bulk of data, fastStrangers agreeing a secret; proving identity
Common namesAESRSA, ECC, Diffie–Hellman
The catchMust share the key firstSlower; relies on a one-way maths street
Quantum impactMild — use a bigger keyBroken — must be replaced
Symmetric encryption (AES)
One shared key locks and unlocks. Protects the bulk of data. AES = Advanced Encryption Standard, the mainstream symmetric cipher. Quantum: mildly affected.
Public-key / asymmetric encryption (RSA, ECC)
A public key anyone can use, a private key only you hold. Enables key agreement and signatures. RSA = Rivest–Shamir–Adleman (its three inventors); ECC = Elliptic-Curve Cryptography. Quantum: broken.
Diffie–Hellman (DH)
A public-key method for two parties to agree a shared secret over an open line.
Digital signature
Public-key run in reverse to prove a message’s origin and integrity.
TLS (Transport Layer Security)
The protocol behind the browser padlock; uses public-key to set up, then symmetric for the session.

What to carry forward

Next: Classical vs Quantum Computers → — what actually makes a quantum machine able to run that one-way street backwards.

Understand it in your own words

Paste this into any AI assistant to test yourself:

I'm learning how encryption works before studying the quantum threat.
Quiz me on these, one question at a time, and correct me gently:

1. Explain symmetric vs public-key encryption using the "lockbox" and
   "mailbox" analogies in my own words.
2. Why can I safely publish my public key to the whole world?
3. When my browser opens an https website, which family sets up the
   connection and which family protects the actual data — and why?
4. A quantum computer is coming. Which family do I need to REPLACE, and
   which one just needs a BIGGER KEY? Explain the intuition for each.
5. What is a digital signature, and why is it also on the quantum
   danger list?

References & further reading

  1. NIST, Advanced Encryption Standard (AES), FIPS 197 — the symmetric standard. csrc.nist.gov
  2. R. Rivest, A. Shamir, L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” 1978 — RSA.
  3. W. Diffie and M. Hellman, “New Directions in Cryptography,” 1976 — public-key key agreement.
  4. NIST, Post-Quantum Cryptography FAQs — why public-key is the focus and symmetric only needs larger keys. csrc.nist.gov
  5. NSA, Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) — recommended symmetric key sizes and post-quantum public-key algorithms. nsa.gov/cybersecurity