A new type of computer threatens to shatter today’s security protocols, no matter how sophisticated. Quantum computers are on the brink of maturity, and they’re so powerful that they can solve complex mathematical problems in minutes that would take thousands of years for classical computers.
Solving such problems could help make immense progress in every area of human endeavor, from uncovering the mysteries of the universe to improving finance instruments to finding breakthroughs in cancer research. Unfortunately, they’re also the kind of problems that the encryption methods of today rely on. If quantum computers are able to solve these problems, they could also break into virtually any account on the internet.
Experts agree that it will take years, maybe even more than a decade, until quantum computing reaches that point. These new machines would need to be able to deploy millions of qubits, the quantum analogue of today’s bits, to crack today’s passwords. In that light, the 53-qubit quantum computer Google built in late 2019 sounds measly.
Google’s machine had a quantum volume, which is a measure of quantum computing power, of 32. By June of 2020, Honeywell announced that it had doubled that quantum volume in their own machine to 64. Two months later, IBM reached that milestone too.
With such signs of progress, experts expect quantum use cases, such as simulations for research in medicine, finance, or other fields, to take place as soon as 2022. Full-blown applications should be in use by 2026, and commercial use of quantum computing should be widespread by 2030.
These projections also mean that, by the end of this decade, virtually any encryption we’re using today could be useless. In the worst-case scenario, an irresponsible pioneer in quantum computing could break into the systems of governments, enterprises, or global organizations and wreak pure havoc.
In this scenario, the IT systems that people’s lives depend on, such as electricity networks, hospital resources, logistical supply chains, and many others could be down in seconds. And even though such a future is still years away, we must begin working now to prevent this threat from coming to fruition. We need to think about building encryption that outsmarts quantum computers so that we can reap the benefits of these machines without letting them compromise our security.
Today’s Security Protocols
The basic principle of encryption hasn’t changed since the days of the Da Vinci code: a message is turned into gibberish with the help of an algorithm. When the message arrives at its destination, it gets decrypted by using that same algorithm backwards.
For example, I could encrypt the phrase “Da Vinci code” by shifting each letter four places forward in the alphabet and switching upper- and lowercase. The resulting gibberish would be “hE zMRGM GSHI.” To make sure that the receiver understands the message, I need to tell them what the decryption key is: switch upper- and lowercase again, and shift each letter four places back in the alphabet.
This is, of course, a very easy key, and a 10-year-old with enough ambition could crack it. Today’s IT systems use much more complicated mathematical formulas. These keys are stored in bits, just like anything on a classical computer. With these complicated formulas, even today’s supercomputers — which already are tens of thousands of times slower than today’s quantum computers — can’t break into frivolous text messages that you’re sending on your phone. More importantly, they can’t crack the passcodes for your bank accounts and all other places where you might store sensitive data.
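To make the toy cipher and the “a 10-year-old could crack it” point concrete, here is an added example (not code from the article): the shift-and-swap-case cipher with a forward shift of four, which is the direction that produces the ciphertext shown, plus an exhaustive search over all 26 possible shifts using one known word as a crib. Function names and the `key_space_bits` helper are this example’s own.

```python
import math
import string

ALPHABET = string.ascii_lowercase


def shift_swap_encrypt(text: str, shift: int) -> str:
    """Shift every letter `shift` places forward in the alphabet, then swap its case.
    Anything that is not an ASCII letter (spaces, punctuation) passes through unchanged."""
    out = []
    for ch in text:
        if ch.isalpha() and ch.lower() in ALPHABET:
            idx = ALPHABET.index(ch.lower())
            shifted = ALPHABET[(idx + shift) % 26]
            out.append(shifted.upper() if ch.islower() else shifted.lower())
        else:
            out.append(ch)
    return "".join(out)


def shift_swap_decrypt(text: str, shift: int) -> str:
    """The decryption key: swapping case is its own inverse, so decrypting is the
    same operation with the shift reversed."""
    return shift_swap_encrypt(text, -shift)


def brute_force(ciphertext: str, crib: str):
    """Exhaustive key search. The whole key space is the 26 possible shifts, so every
    one is tried and any decryption that contains the known word `crib` is kept."""
    hits = []
    for key in range(26):
        plaintext = shift_swap_decrypt(ciphertext, key)
        if crib in plaintext:
            hits.append((key, plaintext))
    return hits


def key_space_bits(num_keys: int) -> float:
    """Key strength the way the article counts it: how many bits it takes to
    enumerate the key space (26 shifts is under 5 bits; AES keys are 128 or more)."""
    return math.log2(num_keys)


if __name__ == "__main__":
    ct = shift_swap_encrypt("Da Vinci code", 4)          # -> 'hE zMRGM GSHI'
    print(ct, shift_swap_decrypt(ct, 4))
    print(brute_force(ct, "code"), f"{key_space_bits(26):.1f} bits")
```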
Two different systems of cryptography exist today. The first one, symmetric or private-key encryption, uses the same key to both encrypt and decrypt the data. This type is used for all kinds of communications and stored data. The second system of cryptography, asymmetric or public-key encryption, uses two keys that aren’t identical but are mathematically linked. It’s used to exchange private keys, but also for any kind of digital authentication. When you visit an HTTPS site, for example, public keys get used to exchange a private key, which in turn ensures safe communications to and from the site. Public keys are never used alone; for a secure connection, you’ll always need a private key as well.
The Quantum Threat
If you want to crack a private key, you need to try each and every possible combination of its bits. Since every bit can take two values, either zero or one, a key that’s one bit longer than another one will have twice as many possible values. Hence, with a key that is just one bit longer, you’d need twice as long to play through all possibilities until you find the right one.
Grover’s algorithm, which is an important element of quantum cryptography, predicts that quantum computers will take half as long as their classical counterparts to crack private keys. But that means the response is straightforward. Just make all private keys twice as long, and you’ve restored the old level of security.
The real problem is that you can mathematically compute private keys with the use of public keys. And public keys are, well, public. For classical computers, carrying out this computation is really difficult if the public keys are long, like 2048 bits, for example. But future quantum computers could obtain the private keys from the public ones within a few hours. Shor’s algorithm provides one possible avenue, simply because quantum computing power is so immense.
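An added illustration (not code from the article) of “computing the private key from the public key” on a toy RSA key, using the textbook primes 61 and 53 (n = 3233, e = 17): factoring n by trial division yields the private exponent, and the trial count is what grows exponentially with key length on a classical machine. Factoring is exactly the step Shor’s algorithm makes cheap; the function names here are this example’s own.

```python
from math import isqrt


def factor_by_trial_division(n: int):
    """Recover the two primes behind n = p * q by trying every odd divisor up to
    sqrt(n). Returns (p, q, trials). Trials grow like sqrt(n), i.e. exponentially
    in the bit length of n: trivial for a 12-bit n, hopeless at 2048 bits."""
    if n % 2 == 0:
        return 2, n // 2, 1
    trials = 0
    f = 3
    limit = isqrt(n)
    while f <= limit:
        trials += 1
        if n % f == 0:
            return f, n // f, trials
        f += 2
    raise ValueError("no nontrivial factor found; n may be prime")


def private_key_from_public(n: int, e: int) -> int:
    """Once p and q are known, the private exponent follows directly:
    d = e^-1 mod (p-1)(q-1). Nothing secret is needed beyond the factorisation."""
    p, q, _ = factor_by_trial_division(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


def rsa_encrypt(m: int, n: int, e: int) -> int:
    return pow(m, e, n)


def rsa_decrypt(c: int, n: int, d: int) -> int:
    return pow(c, d, n)


# Constructed toy public key: p = 61, q = 53, so n = 3233; public exponent e = 17.
TOY_N, TOY_E = 3233, 17

if __name__ == "__main__":
    c = rsa_encrypt(65, TOY_N, TOY_E)
    d = private_key_from_public(TOY_N, TOY_E)          # recovered from n and e alone
    trials = factor_by_trial_division(TOY_N)[2]
    print(f"ciphertext {c}, d = {d} after {trials} trials, decrypts to {rsa_decrypt(c, TOY_N, d)}")
```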
Imagine what could happen if a foreign agent calculated the keys to a system of the United States government. What makes this problem worse is that today’s IT systems often rely on shared architectures. So when a hacker slashes their way into one system, they might have access to many more.
The Response So Far
The U.S. government is aware of the threat that quantum computing poses to cryptography. In 2018, the White House published a national strategy for quantum IT, which includes goals regarding quantum security. Congress then passed the National Quantum Initiative Act, which requires the president to be advised about developments in the field as well. In addition, this act puts the National Institute of Standards and Technology (NIST) in charge of checking up on quantum development, notably quantum cybersecurity.
The NIST has taken its role seriously: By 2022, it aims to publish a new set of standards for post-quantum cryptography. These standards would include algorithms that even quantum computers can’t crack. Thankfully, we already know many different ones that are likely to work. Researchers from various companies, such as IBM, Microsoft, and Google, have submitted their algorithms, which are under review now. Once the set of standards is public, quantum-safe cryptography will need to be included in web browsers, applications, and all of the IT systems of both enterprises and government departments.
This development sounds like the U.S. is well on its way in preparing for the dawning of the quantum computing era. But this kind of response can’t come early enough: in fields such as healthcare, satellites, transportation, and industrial control, IT systems have lifespans that can last for decades. Updating those systems for post-quantum security at the last minute would be both expensive and risky. That’s why having these standards ready well before quantum computing arrives is crucial.
What Governments Still Need to Do
Advising the president and other government officials on quantum security and putting the NIST in charge of security protocols are, without a doubt, extremely important steps toward a secure future, but we cannot stop there. As with artificial intelligence, launching global councils that oversee the development of the technology and elaborate a list of principles to guide further advances will be an important move. This strategy would also strengthen international collaboration and provide incentives for all players not to exploit future gaps in security.
As the World Economic Forum suggests, we also need to build so-called quantum literacy among government officials. This training would make them less dependent on constant advice and allow them to make fundamental decisions faster. This guideline doesn’t only apply to the government, though. Enterprise leaders should be fluent in quantum technology too.
Finally, building a set of standards, like the NIST is doing, won’t be enough. Even if government and enterprise leaders are aware of the threat, they might adopt post-quantum cryptography late, maybe even too late, because it’s not high enough on their list of priorities. We therefore need to think about setting incentives for the early adoption of the new security protocols, for example through tax benefits or special grants from the U.S. government.
What Businesses Need to Do
For businesses, there are important preparatory steps that go beyond educating their leaders and adopting security protocols. Enterprises should aim to make their whole infrastructure and their products crypto-agile, i.e., able to adopt new security protocols as soon as they become available.
One way to achieve this is by using a certificate management platform that alerts the user about expiring certificates and helps to implement new ones. Documenting your efforts will help you and your employees understand where you are on the learning curve of post-quantum security. In addition, you should check that any partnering businesses keep up-to-date with their security too.
If your software has a long lifecycle, investing in quantum-safe hardware security modules might also be worth the cost. These modules are dedicated hardware devices that keep your encryption keys safe even in the face of quantum attacks. Some are already commercially available from firms like Utimaco and ISARA.
In addition, companies should embrace the principle of Always-On SSL, even without the quantum threat. This means, among other things, that employees can only visit HTTPS websites, and ensures that your communications are harder to crack. This procedure won’t ultimately protect from the quantum threat, but it will make it a little bit harder for even quantum computers to intercept your connection.
Finally, make sure you regularly test your security strategy and adjust if necessary. This includes periodically testing your IT systems in a dummy environment in which white-hat hackers try to break in. This might seem expensive and unnecessary in the short term, but it pays off since security risks can be found and fixed ahead of time.
Don’t Panic — Get Ready
As with most worst-case scenarios, a quantum security apocalypse is not the likeliest of all cases. The fact that the U.S. government is investing heavily in post-quantum security and that top tech firms are involved in the development of new protocols is reassuring. Still, you shouldn’t pretend that the threat doesn’t exist for you.
According to a survey by TechRepublic, 71 percent of global organizations see quantum computing as a major threat, and 95 percent said that they’re discussing at least one tactic to protect themselves from the dangers. More than half of all organizations, 56 percent to be exact, are already investing in post-quantum cryptography.
They’re right to do so. Even though password-cracking quantum computers are still a few years away, the implications could be pretty disastrous if we don’t act now.