Encryption is clearly at risk from quantum computing. Preparing for post-quantum crypto means being able to integrate new cryptography seamlessly into hardware and software.
Quantum computing has a potential downside that could compromise our ability to secure data. In 1994, Peter Shor devised a quantum algorithm for factoring large numbers that could be used to break encryption. Today's RSA encryption relies on the difficulty that such factorization poses for a classical computer. Nation states and malicious actors have begun collecting encrypted data packets with Shor's algorithm in mind, waiting for the day a fault-tolerant quantum computer can decrypt them.
There are currently about 30 quantum computers available in the cloud. Because these machines are error prone and have too few quantum bits (qubits), they cannot run Shor's algorithm against RSA encryption. According to some scientists, it will take at least 30 years for quantum computers to pose a threat. But these claims may be based on outdated information, and there is evidence that encryption will be broken by quantum computing sooner than anticipated.
A quantum threat to cryptography, often called Y2Q, will eventually materialize. Y2Q resembles a mix of the Y2K bug and the 2014 Heartbleed vulnerability in that it will negatively affect data in motion and almost every system in the world.
Y2Q affects both symmetric and asymmetric cryptography. Symmetric encryption works like a locked box with a single key and is typically used for data at rest. While Shor's algorithm cannot crack symmetric ciphers such as AES, Grover's search algorithm can. In this case we can increase the symmetric key size to make brute-force attacks harder and so combat Y2Q.
Asymmetric encryption, commonly known as public key cryptography, and its most popular instance, the RSA cipher, protect data in motion over a network. Shor's algorithm breaks RSA, allowing a quantum computer to decrypt messages and recover private keys.
Elliptic curve cryptography (ECC) is another form of public key cryptography, and it is also used by blockchains, which makes the crypto economy vulnerable to quantum computing.
Conducting a post-quantum crypto (PQC) agility assessment is the first step in getting ready for Y2Q. Crypto agility is the capacity to integrate new cryptography into an organization's hardware and software without breaking the infrastructure. However, pinpointing the main exposures is difficult. It is necessary to identify the ciphers in use throughout an organization, including in third-party hardware and software. The fact that some components may have no post-quantum upgrade path further complicates the process.
It may already be too late to secure some types of data. According to Mosca's theorem, you must add the number of years it takes your company to migrate to new cryptographic standards and primitives to the shelf life of your secret; if that total exceeds the time until a capable quantum computer exists, the data is at risk. For example, if the transition takes three years and compliance must then be maintained for another ten years, the total is thirteen years.
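The assessment described above can be made concrete with a small triage script. The following is an added example, not code from the article or from Dark Reading: it walks a cryptographic inventory and applies the three rules the text gives, namely that Shor's algorithm removes the security of RSA/ECC-style public-key algorithms outright, that Grover's algorithm roughly halves the effective strength of a symmetric key (so key sizes must grow), and that Mosca's inequality (shelf life + migration time > years until a capable quantum computer) flags data that is already at risk. The inventory, the algorithm name sets and the `YEARS_UNTIL_QUANTUM` figure are constructed assumptions for illustration, not forecasts.

```python
"""Quantum-readiness triage of a cryptographic inventory (added example)."""
from dataclasses import dataclass

# Public-key algorithms whose hardness assumption Shor's algorithm removes.
# Membership here is an assumption of this example, not a standards list.
SHOR_BROKEN = {"RSA", "DSA", "DH", "ECDSA", "ECDH", "ED25519", "X25519"}

# Symmetric primitives: Grover reduces an n-bit key to roughly n/2 bits of work.
SYMMETRIC = {"AES", "CHACHA20"}
MIN_POST_QUANTUM_BITS = 128  # effective strength we want to keep after Grover


@dataclass(frozen=True)
class Asset:
    name: str
    algorithm: str
    key_bits: int
    shelf_life_years: int   # how long the protected data must stay secret
    migration_years: int    # how long replacing this algorithm will take


@dataclass(frozen=True)
class Finding:
    asset: str
    status: str             # "broken", "weakened" or "ok"
    effective_bits: int
    mosca_at_risk: bool
    note: str


def effective_strength(algorithm: str, key_bits: int) -> int:
    """Post-quantum work factor in bits; 0 means structurally broken by Shor."""
    alg = algorithm.upper()
    if alg in SHOR_BROKEN:
        return 0
    if alg in SYMMETRIC:
        return key_bits // 2    # Grover: quadratic speed-up of brute force
    raise ValueError(f"unknown algorithm: {algorithm}")


def violates_mosca(shelf_life_years: int, migration_years: int,
                   years_until_quantum: int) -> bool:
    """Mosca's inequality: X + Y > Z means today's protection runs out too soon."""
    return shelf_life_years + migration_years > years_until_quantum


def assess(inventory, years_until_quantum: int):
    """Classify each asset and apply Mosca's test to the ones that will fall."""
    findings = []
    for a in inventory:
        bits = effective_strength(a.algorithm, a.key_bits)
        if bits == 0:
            status, note = "broken", "Shor-vulnerable; plan a hybrid/PQC replacement"
        elif bits < MIN_POST_QUANTUM_BITS:
            status = "weakened"
            note = f"Grover leaves ~{bits} bits; move to {2 * MIN_POST_QUANTUM_BITS}-bit keys"
        else:
            status, note = "ok", f"~{bits} bits effective after Grover"
        # Mosca only matters for assets whose protection will actually erode.
        risk = status != "ok" and violates_mosca(
            a.shelf_life_years, a.migration_years, years_until_quantum)
        findings.append(Finding(a.name, status, bits, risk, note))
    return findings


# Constructed sample inventory; names and numbers are illustrative only.
SAMPLE_INVENTORY = [
    Asset("vpn-gateway TLS cert", "RSA", 2048, shelf_life_years=10, migration_years=3),
    Asset("backup archive", "AES", 128, shelf_life_years=10, migration_years=1),
    Asset("db-at-rest", "AES", 256, shelf_life_years=25, migration_years=2),
    Asset("wallet signing key", "ECDSA", 256, shelf_life_years=1, migration_years=5),
]
YEARS_UNTIL_QUANTUM = 8   # assumption for the example, not a prediction


def main():
    for f in assess(SAMPLE_INVENTORY, YEARS_UNTIL_QUANTUM):
        flag = "AT RISK NOW" if f.mosca_at_risk else ""
        print(f"{f.asset:24} {f.status:9} {f.effective_bits:4d} bits  {f.note} {flag}")


if __name__ == "__main__":
    main()
```

With the sample data, the RSA certificate is both broken and already past the Mosca threshold, the 128-bit AES archive is only weakened but its long shelf life still puts it at risk, the 256-bit AES store keeps 128 bits of effective strength, and the ECDSA key is broken but its data is short-lived enough that the inequality does not yet hold. The same logic extends to a real inventory by replacing `SAMPLE_INVENTORY` with the organization's own asset list.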
We predict that by the end of this decade, quantum computers will have enough power (in high-fidelity qubits) to decrypt data using the Toffoli-based modular multiplication variant of Shor's algorithm.
But the environment constantly "observes" its quantum inhabitants, qubits included, causing them to decohere and become "classical", that is, useless for quantum algorithms. To make qubits nearly perfect, with 99.99% accuracy, system designers must take this noise into account and work around technical hurdles. Error correction must also be performed, which consumes several physical qubits to produce each logical, error-corrected qubit.
By connecting several good, small-scale quantum computers through an interconnect, qubit growth can be accelerated: the machines entangle their qubits and act as a single quantum computer. If interconnected correctly, for example, four 1,100-qubit quantum computers could form a 4,400-qubit machine capable of breaking the encryption.
According to IBM, 1,000 physical qubits would be required to produce one error-corrected qubit. IonQ, on the other hand, believes the ratio is closer to 16 to 1. A middle figure suggests that if we approach 1 million physical qubits this decade, we will quickly outpace current estimates.
NIST, aware of the impending threat, is striving to establish a new PQC standard with ciphers to replace RSA. A new standard is expected by the end of 2024.
In May 2022 the White House issued the National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems. The memorandum directs federal agencies to take specific actions once NIST finalizes the new standard.
Regulators and other parts of the private sector can be expected to closely mirror these expectations. For today's most critical data flows, organizations must adopt hybrid PQC solutions and become crypto agile.
Source: darkreading – Konstantinos Karagiannis