The quantum threat to encrypted communications
Quantum computing has been discussed as a future problem for Bitcoin for years. But now researchers are saying encrypted messaging platforms might face a more immediate risk. The issue isn’t just about breaking current encryption—it’s about something called “store-and-forward” attacks.
Basically, someone could record encrypted messages today, save them, and then decrypt them later when quantum computers become powerful enough. This is different from Bitcoin’s situation, where transactions happen in real time. For messaging, there’s this lingering threat that past conversations could be exposed years from now.
Ethan Heilman, a cryptography researcher, pointed out that we’ve seen intelligence cases where communications were recorded decades ago and only broken much later. “So for communication security,” he said, “there’s always the risk of the future decrypting the past, which we don’t have in Bitcoin.”
Messaging platforms taking action
Signal and Threema are already working on this problem. In 2023, Signal introduced something called PQXDH to protect new sessions against these harvest-now-decrypt-later attacks. Then in 2025, they added SPQR protocol upgrades to extend that protection to ongoing messages, calls, and media.
Threema is working with IBM’s cryptography team to explore integrating ML-KEM algorithm into their system. ML-KEM is a NIST-standardized approach that’s supposed to be quantum-resistant.
The work isn’t just about the message content itself, either. Researchers are also looking at protecting metadata—information about who’s in group chats, when messages are sent, that sort of thing. This metadata can be just as revealing as the actual messages.
The technical challenges
One interesting problem the researchers ran into was bandwidth. When they tried to adapt Signal’s existing protocol to be quantum-safe, they found that just swapping out current components for quantum-resistant versions would increase Signal’s bandwidth needs by up to a hundred times.
That’s not really practical for a messaging app that people use on their phones. So they had to redesign things from the ground up, focusing on speed and communication efficiency. It’s not just about making things secure—it’s about making them usable too.
IBM’s report mentioned that breaking current encryption is practically impossible with classical supercomputers unless you have “a spare billion years to kill.” But quantum computing could change that timeline dramatically.
Why this matters now
Heilman mentioned that we’ve seen senior U.S. national security officials using Signal for sensitive discussions. There was that 2025 incident where Defense Secretary Pete Hegseth and others were using disappearing Signal messages on personal devices. When government communications are involved, the stakes get higher.
Most researchers still think machines capable of attacking Bitcoin are pretty far off. But the pace of quantum computing development has been accelerating. Experiments from IBM, Google, and Caltech have been improving stability, scaling, and error correction.
“As soon as the threat becomes more real,” Heilman noted, “things move quicker.” It’s one of those situations where you don’t want to wait until there’s an actual problem to start working on solutions. By then, it might be too late for messages that have already been recorded and stored.
The work happening now between IBM, Signal, and Threema is about getting ahead of that curve. They’re trying to build systems that will remain secure even when quantum computers become more powerful. It’s preventive medicine for digital communications.
I think what’s interesting here is how different technologies face different timelines for the quantum threat. For Bitcoin, it seems like there’s more time to prepare. For messaging, the risk feels more immediate because of how messages can be stored and attacked later. Different problems require different solutions, even though they’re both dealing with the same underlying quantum computing advancement.
