Quantum computing has long promised the next major leap forward in computing power. In fact, in 2017 Google announced a new quantum chip that shows promise in bringing increasingly large-scale quantum computing to the mainstream over time. But even though the potential of quantum computing is promising, there is a darker side: quantum computing also has the potential to undermine the foundations of internet privacy and commerce. It is this darker side I want to explore further.
But before we get to the dark side, we have to understand more about quantum computing in general. Simply put, quantum computing uses the properties of quantum physics—the physics that applies to sub-atomic particles—to both store and transform information. It is not just a faster computer where we can apply our current approaches to problem-solving. It is faster and fundamentally different—meaning it requires a new approach in almost every aspect, including how data enters and exits, how data is stored, how it is transformed and how programs operate.
The core reason why quantum computing is so different stems from the fact that quantum computers store and process data in quantum bits or qubits. Traditional computers store and process information in a set of binary bits, each of which can be 1 or 0 (one-dimensional data). Quantum computers store and process information in qubits, which can be thought of as vectors (three-dimensional data). This means that while traditional computers process binary logic and arithmetic, quantum computers perform linear algebra and vector arithmetic.
But quantum computers have another property which fundamentally changes the game: each qubit can exist in a state called superposition, meaning it can represent multiple vectors (or all vectors) at once. Using this property, together with quantum operations that cause qubits to “choose” a final state, enables new algorithms that were previously infeasible or impossible to implement on traditional computers.
This brings us to the dark side of quantum computing. In 1994, about the time the internet was going public, a mathematician named Peter Shor invented an algorithm that would be able to factor large numbers into their prime factors much faster, given a quantum computer with a sufficiently large number of qubits and a sufficiently low noise level (noise being a persistent problem for quantum computers). And here’s the punch line: this ability to factor large numbers quickly would allow those in possession of such a quantum computer to break asymmetric encryption, the scheme at the heart of most internet communication protocols, including SSL, which you use every time you buy something from Amazon or view your bank account online. Not only that, the blazing speed of quantum computers also allows them to brute force symmetric encryption, which is used to encrypt data when it is stored. This leads most experts to believe that once quantum computers of sufficient size exist, neither data in motion nor data at rest will be safe under today’s encryption.
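To make the "factor large numbers" step concrete, here is an added example (not code from the original article) that simulates the number-theoretic core of Shor's algorithm classically on a toy modulus. Shor's entire quantum speed-up is in the order-finding step (finding the smallest r with a^r ≡ 1 mod N); the surrounding arithmetic is ordinary. The brute-force loop below stands in for that quantum step and is exponential in the size of N, which is exactly why small toy values like 15 and 21 are the only inputs it can handle, and why the example is a teaching aid rather than a factoring tool.

```javascript
// Added example: classical simulation of the reduction from order finding to
// factoring that underlies Shor's algorithm. Assumption: N fits in a plain JS
// Number and is small enough for the exponential-time classical order search.

function gcd(a, b) {
  while (b !== 0) [a, b] = [b, a % b];
  return a;
}

// Square-and-multiply modular exponentiation; adequate for small N.
function modPow(base, exp, mod) {
  let result = 1;
  base %= mod;
  while (exp > 0) {
    if (exp & 1) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1;
  }
  return result;
}

// Classical order finding: smallest r > 0 with a^r ≡ 1 (mod N).
// This loop is the step a quantum computer performs in polynomial time
// via the quantum Fourier transform; classically it is exponential.
function findOrder(a, N) {
  let x = a % N;
  for (let r = 1; r < N; r++) {
    if (x === 1) return r;
    x = (x * a) % N;
  }
  return null; // only reached when gcd(a, N) != 1
}

// Given a base a, return a non-trivial factor of N, or null when this base
// fails (odd order, or a^(r/2) ≡ -1 mod N), in which case Shor retries
// with a fresh random base.
function shorFactorWithBase(N, a) {
  const g = gcd(a, N);
  if (g !== 1) return g; // lucky guess: a already shares a factor with N
  const r = findOrder(a, N);
  if (r === null || r % 2 !== 0) return null;
  const y = modPow(a, r / 2, N); // y^2 ≡ 1 (mod N) and y != 1 by minimality of r
  if (y === N - 1) return null; // y ≡ -1 gives only the trivial factors
  const f = gcd(y - 1, N); // N divides (y-1)(y+1) but neither factor alone
  return f > 1 && f < N ? f : null;
}

// Deterministic driver for the toy: try bases 2..N-1 until one works.
function shorFactor(N) {
  for (let a = 2; a < N; a++) {
    const f = shorFactorWithBase(N, a);
    if (f !== null) return { base: a, factor: f, cofactor: N / f };
  }
  return null; // N is prime (or a prime power, handled separately in Shor)
}

console.log(shorFactor(15)); // { base: 2, factor: 3, cofactor: 5 }
console.log(shorFactor(21)); // { base: 2, factor: 7, cofactor: 3 }
```

Note how little of the procedure is quantum: once the order r is known, two `gcd` calls finish the job. That is why the size of the modulus used for RSA offers no protection against a large, low-noise quantum computer, while the classical loop in `findOrder` is what keeps those moduli safe today.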
So how much time do we have? No one knows for sure, but the clock is ticking and experts believe that within 10 to 15 years quantum computers may exist with sufficient power to break today’s cryptography. This is a problem because some of our most sensitive data needs to stay private for 20 to 30 years or even longer.
So what do we do about it? There are several activities currently underway to address the threat of quantum computing to cryptography:
1. The National Institute of Standards and Technology (NIST) has launched a post-quantum cryptography report and a call for proposals on quantum-resistant cryptography. This effort should result in the selection of a well-analyzed and strong set of quantum-resistant asymmetric encryption algorithms that the industry can move to over time. This will address the asymmetric encryption vulnerability that Peter Shor exposed.
2. For the symmetric encryption and hash algorithms used to protect stored data at rest, NIST recommends increasing key sizes to make encryption keys harder to find with brute force attacks.
3. Finally, the National Security Agency (NSA) Commercial Solutions for Classified program has proposed a “Rule of Two,” which says that for sensitive data, two separate crypto systems should be used to double encrypt the data, with the two keys generated completely independently. Why would the NSA recommend this? For two reasons:
   - If one crypto scheme has a vulnerability that exposes it to quantum or other attacks, the other crypto scheme will still be there to protect the data.
   - To make cryptanalytic attacks harder, since both schemes must be defeated to recover the data.
Note that while No. 1 will take a while to address, security-conscious organizations can start implementing No. 2 and No. 3 now. Those who do so early will sleep much easier knowing they have done all they can to protect long-lived, sensitive data from both current and future attacks, including quantum computing attacks.