July 13, 2022
Modern computers have changed daily life at a fundamental level, and they become more powerful every day. The smartphone you may be reading this story on is likely more powerful than the supercomputers of a few decades ago.
But even today’s most powerful computers have significant limitations.
That’s where quantum computing comes in. It’s a field of research that exploits the (sometimes strange) laws of quantum mechanics to unlock an exponential increase in computing power. Drug discovery, vaccine research, financial modeling, weather forecasting and just about any field that needs epic amounts of computational power are likely to be vastly accelerated through quantum computing.
Quantum computers could also be used to break some of the world’s most common encryption algorithms.
A TALE OF TWO ENCRYPTION SYSTEMS
There are two major categories of encryption.
The first is symmetrical encryption, or private key encryption. Think of it this way: When you lock a door, the same key unlocks it. When you encrypt and decrypt information with the same key, and only a select few people have access to it, this is known as symmetric encryption. Similarly, the key to your house is something you typically don’t distribute to people you don’t trust.
Asymmetrical or public key cryptography allows you to encrypt and decrypt information with different keys, one of which is publicly distributed. Think of the public key as a key that someone can use to lock a door, but not unlock it. Or to unlock a door, but not lock it. The system is a little complicated, but there’s only really one thing you need to know: this type of cryptography allows you to securely conduct business with people you have never met.
According to IEEE Member Jonathan Katz, public key cryptography, including both public-key encryption and digital signatures, is deployed every time Transport Layer Security is used for an encrypted web connection. Digital signatures are used by all major companies to certify their code updates.
Symmetric key encryption is generally harder to break than asymmetric, public key cryptography.
“It has been known for over 30 years that the existence of a large-scale, general-purpose quantum computer would render existing public-key cryptography (both encryption and digital signatures) insecure,” Katz said. “While this sounds quite bad, note that it is currently unclear when such quantum computers might become available.”
Many experts believe that large-scale, general-purpose quantum computers capable of breaking modern cryptography will be available within the next two decades.
THE RACE FOR POST-QUANTUM CRYPTOGRAPHY
“The cryptographic community is beginning to focus attention on post-quantum cryptography, but time is needed to improve the efficiency and build confidence,” said IEEE Senior Member Kevin Curran. “Time is also needed to improve the usability of post-quantum cryptography.”
Among the challenges: whatever system is used must work across the same complex ecosystems that underpin today’s Internet.
“We may very well find that we do not actually need post-quantum cryptography. But the risk is perhaps too large to take. And if we do not conduct the research now, then we may lose years of critical research in this area,” Curran said.
Another issue: some data may be so valuable that it’s worth the wait to decrypt it.
“Part of the problem is that an attacker can record and store encrypted data now, and then use a quantum computer – when one becomes available – to break the encryption and recover the underlying data,” Katz said. “So data that needs to remain secret for 20-plus years already needs to be protected using technologies that will remain secure against quantum computers.”
The race for post-quantum cryptography is on – and there are no signs of it slowing down anytime soon.
LEARN MORE:
What is a quantum computer? What will they be used for, and what are the challenges of their development? The team at IEEE Quantum has curated a collection of easily understandable videos that you can use to understand the weird, wild, wonderful world of quantum computing.
Video Transcript
What risks do quantum computers pose to cybersecurity?
Kevin Curran, IEEE Senior Member: “In a nutshell, quantum computers will be able to break certain cryptographic algorithms. It must be kept in mind that all known current quantum computers are too limited to attack any real cryptographic algorithm, but cryptographers are creating new algorithms to prepare for a time when quantum computing becomes a threat. Again, the threat that quantum computing poses is to the security of public key algorithms. Most symmetric cryptographic algorithms and hash functions are believed to be relatively secure against attacks by quantum computers.”
“The cryptographic community is beginning to focus attention on post-quantum cryptography, but time is needed to improve the efficiency and build confidence in post-quantum cryptography. Time is also needed to improve the usability of post-quantum cryptography. We may very well find that we do not actually need post-quantum cryptography. But the risk is perhaps too large to take. And if we do not conduct the research now, then we may lose years of critical research in this area.”