Quantum and the future of cryptography

Emerging technological horizons: Quantum and the future of crypto


By Vidya Subramanian

istock illustration

The ability to encrypt information is an essential part of military command and control, just as the breaking of military codes has been a decisive factor in modern warfare. With that in mind, the United States should take action now to prepare for a day when adversaries may have decryption capabilities through quantum computing.

Examples of successful decryption abound, from the decryption of the Zimmermann Telegram that brought the United States into World War I to the decryption of Japanese codes that led to victory at the Battle of Midway. Most famous, cracking the Enigma code helped change the course of WWII. Although it remains an essential part of military command and control, cryptography also underpins security in all segments of our economy, including phone calls, credit card payments, banking transactions and most. web research.

Ensuring that data is successfully encrypted and therefore inaccessible to attackers is the key to maintaining a strong cyber defense posture. To this end, cryptographic technologies are widely used to authenticate sources, protect stored information, and share data confidentially and securely. The algorithms currently in use are so advanced and have revolutionized data security to such an extent that even the fastest conventional computers could take years, if not decades, to unlock encrypted files. As a result, rather than attempting brute-force decryption, hackers instead preferred to steal encryption keys or find weak links in a security network to bypass secure channels and steal the decrypted data.

For example, in the recent Colonial Pipeline incident, attackers gained access to the computer system through an old virtual private network, or VPN, profile that had not been used or monitored for years. Better enforcement of cyber hygiene is a short term solution, but in the long term, security networks also need to be overhauled to implement cryptographic algorithms designed to fend off future attacks made possible by emerging technologies such as computing. quantum.

For decades now, quantum computing has been considered one of the next great revolutions. Quantum computing is not only faster than traditional computing methods, but a fundamentally different approach to solving seemingly intractable problems. The mathematical operations on which most traditional cryptographic algorithms are based could be deciphered with a sufficiently powerful quantum computer.

With the potential that the quantum could have on the international economy, it’s no surprise that billions of dollars are being invested to fund research in this emerging technological area. In the United States, efforts are led by universities, government labs, and tech companies across the industrial base. However, China is investing heavily and is following closely. President Xi Jinping’s government has spent more than $ 10 billion to establish the National Laboratory for Quantum Information Sciences and, at the current rate, will spend more on quantum research than any other country by 2030.

Practical quantum computers are still a long way off. The design and operation of a functioning quantum computer, let alone its programming, will be exceptionally difficult.

Traditional computers use bits that can only contain one of two values ​​- 0 or 1. But a quantum computer uses quantum bits, also called qubits, which can be both 0 and 1 at the same time, thus giving the computer its exceptional power. . However, these qubits are also fragile, and interactions with their environment can distort them. Existing quantum computers were built with just a few handfuls of qubits, while a usable quantum computer would require something closer to a million high-quality qubits with robust error correction.

Larger calculations would also require larger quantum chips with several million connections. Even if it were possible, we currently do not have the ability to control multiple qubits over time scales necessary for useful operations, on the order of a few tens of nanoseconds.

Notably, only a limited set of problems have been identified that can currently be solved more efficiently on a quantum computer than a traditional computer.

However, given the pace of advancement and the scale of investments from peer competitors, we should not wait to implement quantum resistance algorithms on our security networks. There are steps we can take now to guard against future quantum computing capabilities, including the implementation of post-quantum cryptography algorithms that are secure against classical and quantum computers. Of course, systems protected by the most robust quantum resilient algorithms would still be vulnerable to attacks over weak links in a network, so these are necessary but not sufficient steps.

In 2015, the National Security Agency announced plans to move to a quantum-resistant cipher suite and encouraged partners and vendors to do the same. The National Institute of Standards and Technology created the Post-Quantum Cryptography Standards Program and Competition in 2016, to upgrade public-key encryption to a quantum-proof model. The submitted schematics have been analyzed internally to standardize the best ones to use in products and services. Three signature schemes were selected as finalists in the third round in July 2020, with some alternative schemes being considered for further analysis. NIST also plans to publish a manual to guide government and industry in transitioning their crypto systems to quantum resilience.

It would be difficult to predict when, or even if, quantum computing will provide our adversaries, if not bad actors, the ability to crack previously unbreakable code. But whatever the timing of this threat, we can take action today that will significantly reduce the potential risks posed by this future capability.

Vidya Subramanian is a recent masters graduate from Purdue University and a former research intern at the NDIA Institute for Emerging Technologies.

The subjects: Emerging technologies

Comments are closed.