The advent of quantum computing represents a major technological revolution, but also an unprecedented threat to digital security. First of all, quantum computing holds great potential in terms of data storage and computing power, as well as multiple applications in the fields of simulation and optimisation, with revolutionary prospects in the chemical, pharmaceutical and digital industries for example1. It therefore represents a technological breakthrough that could bring many benefits to a society currently facing major economic and societal challenges2.
Asymmetric encryption algorithms, commonly used to secure electronic communications, are particularly vulnerable. While conventional computers take thousands of years to solve these problems, a quantum computer could do so in just a few hours, as illustrated by Shor’s algorithm described in 19943, which is capable of factoring large numbers exponentially faster than conventional methods. In fact, the factorisation problem posed by certain encryption algorithms (in particular RSA) can be transformed into a problem of finding a period in a function; solving this second problem is accelerated by the superposition of quantum states4. Similarly, Grover’s algorithm5 threatens symmetric encryption mechanisms (AES) and hash functions (SHA).
The development of machines capable of exploiting this vulnerability could have disastrous consequences for governments. These could include acts of industrial espionage, sabotage of critical systems, identity theft and even manipulation of elections, with significant repercussions for national security and social stability. However, in 2025, quantum computers are still at the experimental stage. Only organisations with considerable resources and advanced technological skills are capable of implementing these actions6. To put it simply, governments need to protect themselves against powers capable of developing “nuclear weapons”.
The need for a transition to post-quantum cryptography
To deal with this threat, it is imperative that governments anticipate and implement a strategy for the transition to post-quantum cryptography. This approach involves developing encryption algorithms that are resistant to quantum attacks, thereby guaranteeing the security of communications in the era of quantum computing. These algorithms must not be based on discrete factorisation or logarithm problems, which are vulnerable to quantum technology.
The US National Institute of Standards and Technology (NIST) has selected three of the most secure and efficient post-quantum algorithms following a rigorous selection process7:
- ML-KEM (originally known as Crystals-Kyber), designed to secure access to sites via a public channel.
- ML-DSA (formerly Crystals-Dilithium), which generates electronic signature keys for secure document exchanges and communications.
- SLH-DSA (formerly Sphincs+), which generates smaller public electronic signature keys.
The ML-KEM and ML-DSA algorithms are based on the difficulty of finding short vectors in a structured Euclidean network. Furthermore, as explained in an ANSSI (Agence nationale de la sécurité des systèmes d’information) analysis note8, there is a possibility that a weakness will be discovered, enabling a rapid resolution of the cryptographic problem posed. The SLH-DSA algorithm is based on the security of hash functions.
In addition, ANSSI recommends the use of hybridisation, which consists of combining post-quantum asymmetric algorithms, still under development, with well-established and proven traditional asymmetric encryption methods. This combination offers double protection until post-quantum algorithms reach a sufficient level of maturity to guarantee long-term security on their own.
The transition to these new algorithms requires a great deal of work and will therefore be gradual. It will take several years to replace all existing systems with secure solutions. To achieve this, a significant investment in the cryptographic skills of the staff responsible for protecting systems, data and digital exchanges must be made now, over a multi-year period. Indeed, a later investment is likely to generate very high adaptation efforts in a particularly constrained timeframe, with high risks vis-à-vis external entities.
Assessing risks, identifying mitigation measures, obtaining resources and implementing security projects
To guarantee the security of state services, a thorough assessment of the risks associated with quantum technologies must be carried out. This involves not only understanding the capabilities of quantum computers but also assessing the potential impact on existing security systems. In particular, it is essential to identify the most sensitive data, processes and exchanges, so as to focus security efforts on the most critical points. To do this, the deliverables of the EBIOS (Expression des Besoins et Identification des Objectifs de Sécurité – Expression of Needs and Identification of Security Objectives) method should be used for the entire information system under consideration9.
Post-quantum risk assessment requires a global and coherent approach. It is vital to adapt existing risk analyses, which are based on the EBIOS method, to incorporate the new threats posed by the emergence of quantum computing. It is also essential to coordinate the analyses carried out in isolation for each system or application. An aggregation phase is therefore necessary to obtain a systemic view of the risks and define a global security strategy. This approach makes it possible to identify the interdependencies between the various elements of the information system and to put in place appropriate protection measures.
The EBIOS method makes it possible to identify not only the risks but also the sensitivity of the data held, which is crucial if the information system is to be protected. It is essential to distinguish between critical data, the loss of which could have a vital impact, and data that can be compromised with fewer consequences. This assessment will make it possible to prioritise protection efforts and ensure that security measures are adapted to the level of sensitivity of each type of data.
Consideration should also be given to the possibility of adapting security procedures by reverting to physical means, such as paper, if necessary. This approach can enhance the protection of sensitive information, particularly in high-risk situations. The use of single-use codes is also a promising strategy. These codes, which have an expiry date of one to two months, can enhance security by limiting the possibilities of unauthorised access.
Conclusion and outlook
In conclusion, the quantum threat represents a major challenge for the digital security of governments and operators of vital importance (energy, communications, transport, power, etc.). To meet these threats, it is essential to anticipate them, invest in innovative solutions, mobilise human and financial resources and promote international cooperation.
Quantum computing will soon be capable of neutralising current encryption systems in record time, which means that we need to start adapting quickly and thoroughly right now. To achieve this, the transition to post-quantum cryptography will need to be coupled with robust security measures and increased awareness, which are necessary to guarantee our digital sovereignty.
Finally, it is vital to take a global approach to the security of digital services, integrating the technological, systemic and human dimensions. The emergence of quantum technologies is a major challenge that needs to be addressed alongside current threats.
