Quantum computing and its potential for breaking cryptographic ciphers: A technical-legal analysis

Article Sidebar

PDF (Português (Portugal))
Published: Apr 8, 2026
DOI: https://doi.org/10.29073/j2.v9i1.1139
Keywords:
Cybersecurity Digital Law Post-Quantum Cryptography Quantum Computing Regulatory Compliance

Main Article Content

João Sousa
ESTG-IPP
https://orcid.org/0009-0001-7019-1995
Rui Sousa
ESTG-IPP
https://orcid.org/0009-0001-1614-4477

Abstract

Quantum Computing constitutes a technologically disruptive paradigm, grounded in principles such as superposition and entanglement, which make it possible to surpass certain limits of classical computing. Nevertheless, this capability introduces significant vulnerabilities in the field of cybersecurity, calling into question the foundations of contemporary cryptography. Quantum algorithms such as Shor's and Grover's may compromise asymmetric cryptographic systems, namely RSA and ECC, and reduce the effective security margin of symmetric cryptography.


This article analyses the foundations of quantum computing and its impact on digital and communication infrastructures. In light of this scenario, the transition to PQC is examined as a technical and normative response. In parallel, a legal and regulatory analysis is conducted, focusing on organizational liability in light of the GDPR, the DORA Regulation, and the NIS2 Directive.


It is concluded that the continued use of outdated cryptographic mechanisms may constitute not only a technical weakness, but also a material legal risk. The article puts forward practical and normative recommendations aimed at digital resilience in an emerging risk context.

Downloads

Download data is not yet available.

Article Details

How to Cite
Sousa, J., & Sousa, R. (2026). Quantum computing and its potential for breaking cryptographic ciphers: A technical-legal analysis. Legal Journal (J²), 9(1), 68–74. https://doi.org/10.29073/j2.v9i1.1139
Issue
Vol. 9 No. 1 (2026): Jornal Jurídico
Section
Artigo
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Author Biographies

João Sousa, ESTG-IPP

Mestrando em Práticas Jurídico-Digitais. ESTG-IPP

Rui Sousa, ESTG-IPP

Mestrando em Práticas Jurídico-Digitais. ESTG-IPP

Crossref
Scopus
Google Scholar
Europe PMC

References

Arute, F., Arya, K., Babbush, R., Bacon, D., Bardin, J. C., Barends, R., et al. (2019). Quantum supremacy using a programmable superconducting processor. Nature, 574(7779), 505–510. https://doi.org/10.1038/s41586-019-1666-5

Assembleia da República. (2018). Lei n.º 46/2018, de 13 de agosto: Estabelece o regime jurídico da segurança do ciberespaço. Diário da República, 1.ª série, n.º 155.

Bernstein, D. J., Buchmann, J., & Dahmen, E. (Eds.). (2009). Post-quantum cryptography. Springer.

Centro Nacional de Cibersegurança (CNCS). (2024). Diretiva SRI 2 (NIS 2). https://www.cncs.gov.pt/pt/diretiva-sri-2-nis-2/

Deutsch, D. (1985). Quantum theory, the Church–Turing principle and the universal quantum computer. Proceedings of the Royal Society A: Mathematical and Physical Sciences, 400(1818), 97–117. https://doi.org/10.1098/rspa.1985.0070

European Parliament, & Council of the European Union. (2014). Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS). Official Journal of the European Union, L 257, 73–114.

European Parliament, & Council of the European Union. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation—GDPR). Official Journal of the European Union, L 119, 1–88.

European Parliament, & Council of the European Union. (2022). Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector (DORA). Official Journal of the European Union, L 333, 1–79.

European Union Agency for Cybersecurity (ENISA). (2021). Post-quantum cryptography: Current state and quantum mitigation. https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation

Feynman, R. P. (1982). Simulating physics with computers. International Journal of Theoretical Physics, 21(6), 467–488. https://doi.org/10.1007/BF02650179

Grover, L. K. (1996). A fast quantum mechanical algorithm for database search. In Proceedings of the 28th annual ACM symposium on theory of computing (pp. 212–219). Association for Computing Machinery. https://doi.org/10.1145/237814.237866

Mosca, M. (2018). Cybersecurity in an era with quantum computers: Will we be ready? IEEE Security & Privacy, 16(5), 38–41. https://doi.org/10.1109/MSP.2018.3761723

National Institute of Standards and Technology (NIST). (2024). Post-quantum cryptography standardization. U.S. Department of Commerce. https://csrc.nist.gov/projects/post-quantum-cryptography

Nielsen, M. A., & Chuang, I. L. (2010). Quantum computation and quantum information (10th ed.). Cambridge University Press.

Pirandola, S., Andersen, U. L., Banchi, L., Berta, M., Bunandar, D., Colbeck, R., et al. (2020). Advances in quantum cryptography. Advances in Optics and Photonics, 12(4), 1012–1236. https://doi.org/10.1364/AOP.361502

Shor, P. W. (1994). Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the 35th annual symposium on foundations of computer science (pp. 124–134). IEEE. https://doi.org/10.1109/SFCS.1994.365700

U.S. Congress. (2022). Quantum Computing Cybersecurity Preparedness Act (H.R. 7535, Pub. L. 117–260). U.S. Government Publishing Office.