Diffie & Hellman are truly the heroes ahead of the time. 43 years ago, 1976, at the DES review, they had a entertaining debate with NSA employees.
Martin Hellman said,
* 56/64-bit symmetric crypto is insecure, and chosen to benefit NSA.
* 100-200 bits of security should be secure, but is still vulnerable to attacks by quantum computers.
(Glover & Shor's algo were not discovered until the late 90s! We now know 128-bit is pre-quantum secure, 256-bit is post-quantum secure, Martin was completely correct.)
We won't. And if we would, we still can't.
Yeah but you will when you can. And could you, in ten years?
(fast forward 40 years...)
We could and we did.