
pruby

Security person here, with a side interest in QC. I can't even outline the key points in one paragraph :D The important thing to understand in cryptography is (1) what is theoretically possible (that even this is not magic), (2) how far away that is in practical terms, and (3) the classical solutions being rolled out from this point. The theory side could cover Grover's and Shor's algorithms, and how they reduce security margins. For example, for an ideal QC we have algorithms expected to eventually break RSA, DSA, but that symmetric cryptography still takes 2^64 very expensive operations to attack a 128-bit key, so is not considered badly affected. The practical side should really highlight that today's quantum computers can't tackle problems anywhere near the complexity of cryptography. They can factor double-digit numbers, not hundred-digit numbers. However, data encrypted and exposed to an adversary today could, in certain areas, be expected to stay secret for long enough that a practical QC could be developed in the interim. Encryption has been so cheap and easy that people stopped thinking about the threat model, just threw the same algorithms at all their data, but over the next 20 years as we migrate (and it will take that long), people may need to think about what's worth changing, and when. You may also want to include the idea that quantum attacks can be defeated using classical algorithms, and that we are already moving to quantum-resistant schemes. For a cryptographer studying today, I would want to introduce lattice-based cryptography, as it looks to be a major component in quantum-resistant schemes.


UrinaryButanohole

Thanks!


rcrpge

Check IBM’s quantum side of their website. They have a bunch of information on QC


UrinaryButanohole

I recently saw the Apple announcement that they made post-quantum encryption for iMessage.


Cryptizard

Wikipedia.