How future-proof is encryption? What about quantum computers?

We use proven AES 256-bit encryption in the particularly secure GCM mode.

The AES-256-GCM method complies with the current recommendations of the National Institute of Standards and Technology (NIST). Thanks to its 256-bit key length, AES remains highly secure even against attacks by future quantum computers ("Quantum Security Analysis of AES"). While asymmetric encryption methods (e.g., RSA) can be severely compromised by Shor’s algorithm, Grover’s algorithm only provides a quadratic speedup for key searches in symmetric methods like AES-256. As a result, 256-bit keys remain extremely robust even in a post-quantum scenario.

Our end-to-end encryption therefore protects your data reliably in the long term. Learn more under End-to-End Encryption.