Re: Time to solve one of those "10^77 years" IT Security Cracking problems
Breaking conventional cryptography requires a class of quantum computer that Shor's algorithm
Asymmetric cryptography, and that statement (the requirement for Shor's algorithm, i.e. a true QC) hasn't been proven. There may be better conventional algorithms for factoring, for example. Nor is ECC proven to be NP-hard, at least the last I checked.
For symmetric cryptography, the best QC attack is Grover's algorithm, which effectively cuts the key in half. That's pretty much useless if defenders are using a decent key length to begin with, unless the QC is much faster than a conventional computer at conventional computation as well.
And then we have post-quantum cryptographic algorithms, which are finally becoming feasible with the RLWE family.
And then there's the question of how many encrypted messages are worth pointing a large and very expensive QC at. Particularly when there will almost certainly be better attacks available: protocol flaws, implementation flaws, social engineering, suborning one of the keyholders...
Quantum cryptanalysis is mostly a big fat non-issue.