Quantum computing. Whatever your level of technical understanding, it undoubtedly sounds impressive. And in this case, it’s a technology that well and truly lives up to the name. Put simply, quantum computing is set to redefine the limits of data processing power. In doing so, it will offer vast potential to tackle an array of critical scientific challenges.
However, history teaches us that any such ground-breaking advance will also be employed by those with less than pure intentions. Which means we need to prepare for the fact that quantum computing will, sooner or later, offer the means to crack cryptographic codes that have until now been regarded as unbreakable. Significantly, these include the public key infrastructures around which so much of our secure communication is currently built. Fairly obviously, that represents a serious headache. But the good news is that leading industry players have recognized the issue early and are already taking steps to address it. In this article, we’ll review what’s at stake, assess how soon existing cryptographic techniques could be undermined, and consider the measures being taken to ensure that the arrival of quantum computing is something to be welcomed rather than feared.
Quantum computing rewrites the rule book
The strength of quantum computing lies in the radically new way it performs data calculations. Since the 1960s, computing has relied on silicon transistors to store and manipulate data that is encoded as a series of zeros and ones. Quantum computing, in contrast, exploits the ability of sub-atomic particles to exist in more than one state at a time. Consequently, it encodes data differently: in quantum bits or ‘qubits’. In simple terms, the qubit can be likened to a sphere. Using this analogy, a traditional bit can only be at one of the sphere’s two poles – i.e. a zero or a one. A qubit, however, can be in a superposition of states: at any position on the sphere and representing a combination of zeros and ones simultaneously. In practice that means much more data can be stored. Moreover, it can be manipulated far more quickly. Problems well beyond the reach of the traditional computer therefore move into the realms of the eminently solvable.
Breaking the unbreakable
Within the world of cryptography there is widespread agreement as to which algorithms will be easily challenged by quantum computing. Cryptographic algorithms are classified into different categories, according to characteristics such as the type of underlying mathematical functions they are based on, the type of usage they are designed for (e.g. protecting data exchange or the creation of a secret), or the type of secret management required (i.e. one secret key, or a public and private key pair). Of these, the algorithm families that may be weakened by the deployment of quantum computing have been identified as mainly including public key-based methodologies such as RSA and elliptic-curve cryptography for PKI applications, and key exchange applications such as Diffie-Hellman.
The future’s closer than you think
In terms of how soon all of this will happen, there’s rather less consensus. Some experts predict that, within ten years, quantum computing will start to become available to the most advanced researchers and major investors. Indeed, Michele Mosca, from the Institute for Quantum Computing, recently stated there is: “a one in seven chance that some fundamental public key crypto will be broken by quantum by 2026, and a one in two chance of the same by 2031.” Of course such forecasts are changing regularly, but it is worth noting that some serious resources are being committed to the development of quantum computing. So it’s definitely a case of when, not if, this revolutionary technology will make an impact.
Time to panic?
Fortunately, no one is suggesting we need to hit the panic button. The message from the experts is very much one of reassurance. To start with, even the most optimistic predictions for the speed with which quantum computing becomes a reality mean that products with a lifespan of less than ten years are safe. Furthermore, for products that will be around longer, strategies are already being rolled out to protect them over their entire lifecycle. At Gemalto, for example, we are working on the design of products embedding so-called crypto agility capability. This enables software to be loaded that could replace keys and algorithms, as and when they become deprecated. This powerful mechanism enables a fleet of resistant products to be maintained, even as algorithms are found to be vulnerable.
The other axis of defense resides in the choice of algorithm family. Broadly speaking, there are three main approaches to ensuring resistant products:
- implementing symmetric key algorithms with larger keys (approximately doubling the current average key size), which are well known for resisting quantum computing;
- implementing proven quantum-safe algorithms which have already demonstrated their robustness, such as hash-based signature;
- or implementing a subtle combination of both pre- and post-quantum algorithms.
This last option has the particular virtue of taking a step towards the future, whilst retaining the existing effective crypto that the security industry has well and truly mastered.
A matter of teamwork
A wide range of players are now actively involved in the search for answers. Above all else, protecting the future of public key encryption means finding algorithms that can resist the power of quantum computing yet remain secure when used with a ‘classic’ computer. This is what the sector refers to as ‘quantum-safe’ or ‘post-quantum’ crypto. New public key cryptographic systems that meet the criteria are currently under development and evaluation. NIST (the US National Institute for Standards and Technology) has emerged as a focal point for these efforts, and recently received over 80 submissions in response to its recent call out to research teams. After vetting these proposals, standardization work will be initiated. Solid deliverables are expected in time for NIST’s second post-quantum cryptography standardization conference, in 2019.
Keep in touch
Back in the dark days of World War Two, a remarkable international group of Allied codebreakers based at Bletchley Park in England successfully unlocked the ‘unbreakable’ Enigma machine ciphers with which much of their enemy’s communications were secured. To help them do so, they created a landmark piece of electro-mechanical equipment, the ‘bombe’. Over 70 years later, another new generation of technology is poised to undermine supposedly infallible cryptographic techniques. However, the key message here is not just about the willingness of the wider industry to research and implement new forms of protection against this latest threat. Quantum computing – or at least the quantum physics on which it is based – will also open the door to completely new approaches to data security. Of course it’s still very early days, but for anyone with an interest in encrypted communication, these are exciting times; it is well worth staying abreast of developments. In other words, don’t just keep calm and carry on. Stay tuned as well.
Aline Gouget, Technical Advisor and Security Researcher for Gemalto
Image Credit: Welcomia / Shutterstock