This paper quantifies the effect of poor entropy on AES 256-bit encryption. It shows that the run time of Grover’s algorithm on a quantum computer to compromise the key is significantly reduced unless the source of entropy is in fact truly random.
Furthermore, as quantum computer gate fidelity improves over time, the number of logical qubits required to run Grover’s algorithm is further reduced. Combined with poor entropy, this could make symmetric key encryption less resistant to quantum attack in the near term. Serious consideration should be given to the source of entropy on a device before increasing the key length for AES on the assumption that this would make it quantum secure.
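A defender-side way to put numbers on the entropy claim, added here as an example and not taken from the paper: estimate the min-entropy of a key source and convert it into an approximate Grover iteration count. Assumptions: the most-common-value estimator of NIST SP 800-90B, key bytes drawn independently from the sampled source, the key modelled as uniform over 2^h candidates, and illustrative function names and constructed samples.

```python
import math
import random
from collections import Counter

KEY_BYTES = 32  # AES-256 key length


def mcv_min_entropy_per_byte(sample: bytes) -> float:
    """Most-common-value min-entropy estimate (NIST SP 800-90B, 6.3.1), bits per byte."""
    n = len(sample)
    p_hat = Counter(sample).most_common(1)[0][1] / n
    # SP 800-90B upper confidence bound (z = 2.576) on the most likely value's probability.
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)


def effective_key_bits(sample: bytes) -> float:
    """Assumption: each key byte is an independent draw from the sampled source."""
    return min(8.0 * KEY_BYTES, KEY_BYTES * mcv_min_entropy_per_byte(sample))


def log2_grover_iterations(key_bits: float) -> float:
    """log2 of (pi/4) * sqrt(2^key_bits); assumes the key is uniform over 2^key_bits values."""
    return math.log2(math.pi / 4) + key_bits / 2


def constructed_samples(n: int = 100_000) -> dict:
    """Constructed test data; the seeded PRNG is used only to make the samples repeatable."""
    rng = random.Random(1)
    return {
        "full-range": bytes(rng.randrange(256) for _ in range(n)),  # all 256 byte values
        "16-value": bytes(rng.randrange(16) for _ in range(n)),     # about 4 bits per byte
    }


def report() -> dict:
    """Map each sample name to (effective key bits, log2 Grover iterations)."""
    rows = {}
    for name, sample in constructed_samples().items():
        bits = effective_key_bits(sample)
        rows[name] = (bits, log2_grover_iterations(bits))
    return rows


if __name__ == "__main__":
    for name, (bits, iters) in report().items():
        print(f"{name:>10}: ~{bits:6.1f} key bits, ~2^{iters:.1f} Grover iterations")
```

The MCV estimate is deliberately conservative, so even the full-range sample reports slightly under 256 bits.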