Security · May 8, 2026 · 7 min read

What We Still Do Not Know

An honest assessment of quantum risk — what is known, what is not, and why uncertainty itself is the reason to act.


Randeep Singh

Founder & CEO, SchnelPay LLC

Most writing about post-quantum cryptography follows the same pattern: here is the threat, here is the solution, here is why you should act now. The confidence is often greater than the evidence warrants.

This post attempts something different — a genuine accounting of what is known, what is genuinely uncertain, and what remains entirely unknown. QuantumShield™ was built despite these uncertainties, not because of certainty. Understanding why requires being honest about the limits of what anyone knows.

What Is Known

Shor's algorithm exists and is theoretically capable of breaking ECDSA and RSA. This is not disputed. The mathematics is sound. A quantum computer of sufficient size and reliability, running Shor's algorithm, could derive private keys from public keys in a timeframe that makes current cryptography obsolete.

Quantum computing is progressing. IBM, Google, and others have demonstrated functional quantum processors. Error rates are improving. The field is advancing, though the pace is uneven and the engineering challenges are significant.

NIST has standardized post-quantum algorithms. ML-DSA (FIPS 204), ML-KEM (FIPS 203), and SLH-DSA (FIPS 205) are published standards, not proposals. They represent years of rigorous cryptanalysis by the global research community.

Cryptographic migrations take a long time. The SSL to TLS transition took fifteen years. SHA-1 deprecation took over a decade despite known weaknesses. The time to begin a cryptographic migration is always earlier than it feels necessary.

What Is Genuinely Uncertain

The timeline for a cryptographically relevant quantum computer is unknown. Serious researchers give estimates ranging from 2030 to "possibly never at scale." Quantum error correction — the engineering problem that must be solved to build reliable large-scale quantum computers — remains unsolved. Some researchers believe it will be solved in this decade. Others believe the engineering challenges are more fundamental than currently appreciated.

The attack vectors that will matter most are not fully known. Current post-quantum research focuses on breaking signature schemes and key exchange. But quantum computers, once available, will be applied to problems beyond what researchers currently model. New attack strategies may emerge that current defenses do not anticipate.

Whether ML-DSA-65 will remain secure is not guaranteed. Cryptographic history contains algorithms that survived decades of analysis before a fatal flaw was found. NIST's process was rigorous, but rigor does not equal infallibility. Lattice-based cryptography has been analyzed for less than twenty years. New mathematical insights or quantum algorithms targeting lattice problems could, in theory, reduce security margins.

"QuantumShield™ is not a guarantee. No security system is. It is the best available answer to an uncertain future threat, built on the most rigorous standards currently available, and designed to be updated as understanding improves."

What Is Not Known At All

What other capabilities quantum computers will have. Current threat modeling focuses on Shor's algorithm and Grover's algorithm — the two quantum algorithms with known cryptographic implications. A quantum computer in the hands of nation-states or well-funded researchers in 2035 may have capabilities that researchers in 2026 have not anticipated. The history of computing is full of applications that were not predicted in advance.

Whether harvest-now-decrypt-later attacks are already occurring at scale. Intelligence assessments suggest that sophisticated actors are collecting encrypted data for future decryption. The actual scale and scope of this activity are, by definition, classified or unknown. The data that matters — payment signatures, authentication tokens, financial records — may already be archived somewhere waiting for a quantum computer that does not yet exist.

How regulatory requirements will evolve. NIST has set 2035 as the deadline for federal systems. The EU has set 2030. These timelines are based on current threat assessments and will be revised as quantum computing advances. The regulatory landscape in 2030 may require capabilities that are not currently mandated.

The Decision Framework Under Uncertainty

Given genuine uncertainty, how should a payment platform make cryptographic decisions?

The framework that shaped QuantumShield™ is asymmetric risk assessment. The cost of implementing ML-DSA-65 today is measurable and bounded: additional computation time (negligible), larger signature sizes (manageable with architectural adjustments), and development effort (significant but finite).

The cost of not implementing quantum-safe cryptography, if quantum computers arrive on the aggressive timeline, is unbounded: retroactive compromise of every authentication token ever issued, potential exposure of user credentials, and loss of trust in the platform's security guarantees.

When one outcome is costly but bounded and the other is potentially catastrophic and unrecoverable, the decision is straightforward even without certainty about probability.

The honest position:

We do not know when quantum computers will threaten ECDSA. We do not know if they ever will at the scale required. We do not know what new attack vectors will emerge. What is known is that the cost of being wrong in the direction of over-preparation is far lower than the cost of being wrong in the direction of under-preparation. That asymmetry — not certainty — is the foundation of QuantumShield™.

The Commitment to Transparency

Because so much is uncertain, SchnelPay is committed to maintaining a public record of the cryptographic decisions made, the standards used, and the reasoning behind them. When those standards change — when ML-DSA-65 is superseded, when new threats emerge, when NIST updates its recommendations — those updates will be documented and explained publicly.

Security through obscurity has never been a sound principle. Security through transparency — making the design auditable, the decisions explainable, and the limitations honest — is the foundation that QuantumShield™ is built on.

The storm may not arrive for ten years. It may arrive in five. It may take a form nobody currently anticipates. The only appropriate response to genuine uncertainty is to build systems that are honest about what they know, designed to adapt to what they do not, and transparent about the difference.
