GPT-5, AGI, and the Future of Encryption: Is AES-192 Still Safe?

The release of GPT-5 in 2025 has reignited debates about the feasibility of Artificial General Intelligence (AGI) and its potential implications. Capable of performing complex tasks across diverse domains, GPT-5 is seen by some experts as a significant step toward AGI — and by others as a signal that it’s time to prepare for a paradigm shift.

In this context, a recurring question among Chief Information Security Officers (CISOs) and security architects is: could an AGI — on its own or in combination with quantum computing — break AES-192?

AES-192 is a symmetric encryption standard widely regarded as secure. Yet, with advances in both AI and quantum algorithms, understanding its true resilience is essential for planning cryptographic roadmaps. This article examines the technical realities: AGI capabilities, quantum attack models, AES-192’s cryptanalytic posture, and what all this means for future-proofing enterprise security.

1. AGI and the Cryptanalytic Threat Model

What is AGI?

AGI refers to an AI system with human-level or beyond-human cognitive flexibility—able to autonomously learn, reason, and apply knowledge to unfamiliar tasks. Unlike narrow AI, AGI could conceivably orchestrate complex, multi-stage attacks, integrating diverse information sources to optimise strategies.

AGI in cryptanalysis

Even without quantum hardware, AGI could:

• Automate large-scale side-channel analysis.
• Optimise algorithmic heuristics to reduce search space.
• Identify subtle implementation flaws humans might overlook.

However, without a mathematical breakthrough, AGI alone cannot circumvent the exponential complexity of AES key search. For AES-192, the classical brute-force key space is 2^192—beyond any realistic classical computation, even with hypothetical AGI-optimised hardware.

2. Quantum Cryptanalysis: Grover’s Algorithm

Quantum computing changes the equation. Grover’s algorithm (1996) provides a quadratic speed-up for unstructured search problems, including brute-forcing symmetric keys.

For AES-192:

• Classical security: 2^192 operations.
• Quantum (Grover): ~2^96 quantum iterations.

At first glance, 2^96 seems manageable—but only in theoretical terms. In practice:

• Qubit requirements: Grassl et al. (2015) estimated AES-192 would require billions of logical qubits, with each logical qubit backed by thousands of physical qubits for error correction.
• Circuit depth: Current estimates Jaques et al. (2024) put the runtime at centuries on foreseeable hardware.
• Error rates: Even with surface codes, sustaining the necessary coherence over deep circuits remains beyond the reach of projected NISQ-era devices.

3. AES-192’s Cryptanalytic Posture

Classical Attacks

• Biclique attack: The best known generic attack on AES reduces complexity to 2^189.7 — an insignificant improvement over brute force (AES overview).
• Related-key attacks: Effective only under highly constrained conditions, irrelevant for well-designed protocols.

Quantum Perspective

AES-192 provides ~96-bit security against Grover’s algorithm. For context, 80-bit security is already considered borderline for long-term protection; 96-bit remains strong for most applications.

Algebraic Attacks

• Theoretical constructs like the XSL attack have not been demonstrated at practical scales for AES.

4. AGI + Quantum: A Synergistic Threat?

Where AGI could impact cryptanalysis is in optimising the quantum attack pipeline:

• Circuit optimisation: Designing shallower, more qubit-efficient Grover circuits.
• Error correction strategies: Dynamic adaptation of surface codes to minimise overhead.
• Hybrid attacks: Orchestrating pre-processing steps (classical or AI-driven) to reduce the effective key search space before quantum execution.

However, hardware constraints dominate. Even a perfect AGI cannot “think away” the need for massive, fault-tolerant quantum resources. The bottleneck is physical, not algorithmic.

5. Side-Channels and Implementation Weaknesses

One area where AGI could be disruptive—well before large-scale quantum computers arrive—is exploiting side-channels:

• Power analysis
• Electromagnetic leakage
• Cache timing

AGI could sift through vast telemetry data, correlating subtle leakage patterns invisible to human analysts. This could make poorly implemented AES-192 vulnerable, regardless of its theoretical security.

6. Implications for CISOs

Practical recommendations:

• Crypto-agility – Design systems that can migrate from AES-192 to AES-256 or post-quantum primitives without major redesign.
• Hybrid encryption – Combine classical symmetric keys with PQC key exchange mechanisms (e.g., NIST PQC finalists).
• Side-channel hardening – Ensure AES implementations are constant-time and resistant to physical probing.
• Regular reviews – Track developments in both AI and quantum hardware. ETSI’s TR 103 967 offers practical monitoring guidelines.

Looking Ahead: AGI, Quantum, and Crypto-Agile Security

Can an AGI — even one far more advanced than today’s GPT-5 — break AES-192 today? No. Without quantum assistance, the key space remains computationally unreachable. With quantum assistance, the problem becomes theoretically solvable, but hardware requirements make it impractical for the foreseeable future.

The more immediate threat is AGI-augmented exploitation of side-channels and implementation flaws. While CISOs should monitor the long-term AGI+quantum synergy, the actionable priority today is ensuring crypto-agility, side-channel resilience, and readiness to adopt post-quantum standards.

In cryptography, inertia is the real risk. Planning for a post-AGI, post-quantum world must start now—not because the threat is here, but because the lead times for change are long.

Given the current state of both AGI and quantum computing, the practical risk to AES-192 and AES-256 remains negligible for well-implemented systems, but readiness for future cryptographic shifts is essential.

RCDevs solutions, including OpenOTP and WebADM, leverage AES with key sizes up to 256 bits, delivering security levels far beyond present-day threats. With a crypto-agile design, they can seamlessly migrate to post-quantum standards when required. This ensures customers benefit from strong protection today while remaining prepared for future advances—whether driven by AGI or quantum computing.

References

1. Grover, L.K. (1996). A fast quantum mechanical algorithm for database search. arXiv:quant-ph/9605043
2. Grassl, M. et al. (2015). Applying Grover’s algorithm to AES: quantum resource estimates. arXiv:1512.04965
3. Jaques, S. et al. (2024). On the practical cost of Grover’s algorithm. NIST PQC Conference Paper. PDF
4. AES overview, Wikipedia
5. XSL attack, Wikipedia
6. ETSI TR 103 967, Quantum Safe Cryptography Update 2025, ETSI