HPE Software is now Micro Focus
HPE Software is now Micro Focus
Protect Your Assets
cancel

Encryption is dead and quantum apocalypse is nigh! Or not!

Encryption is dead and quantum apocalypse is nigh! Or not!

Security_Guest

Guest post by Luther Martin, Micro Focus Distinguished Technologist 

The quantum apocalypse is nigh! Or it isn’t. It really seems to depend on whether you work in the security industry or not.

The conventional wisdom in the security industry seems to be that hackers will have access to large-scale quantum computers soon, possibly in two to three years, and that this will let them break pretty much any form of encryption that has even been invented. And because of this, we should all start developing our post-quantum security strategies right now. Or, even better, at least hire a consultant who can do this for you.

Quantum.pngOutside the security industry, on the other hand, people seem to have a very different view of the future of quantum computing. This was made clear at the recent Quantum Computing for Business (QCB) conference that was held in Mountain View, CA, on December 4-6, 2017. 

The general consensus at the QCB conference seemed to be that quantum computers were an interesting and promising technology, but one that was at least 15 to 20 years away. And that’s for quantum computers with roughly 100 quantum bits (qubits).

It’s indeed possible to easily crack some types of encryption if you have a big quantum computer. To crack an RSA key, you need at least twice the number of qubits that comprise the key - to crack a 2,048-bit RSA key, you need at least 4,096 qubits, etc. And if you want a fault-tolerant quantum computer, those thousands of qubits could easily grow to millions of qubits. But if you have such a quantum computer, the security provided by RSA encryption essentially disappears – it could actually be faster to use a quantum computer to crack an RSA key than to use the right private key to decrypt a message.

Not all encryption algorithms become essentially useless in the face of quantum computers. Symmetric encryption algorithms like AES (including the format-preserving FF1 mode) are still secure. And there are also public-key algorithms that are secure against adversaries equipped with quantum computers. One of these (NTRU) is specified by X9 and IEEE standards. Another (McElice) is specified by the OASIS KMIP standard.

So we already know how to communicate securely if adversaries have quantum computers – just switch the existing non-quantum-safe algorithms for quantum-safe algorithms and you’re done. Something that causes that level of work is definitely not the sort of thing that deserves to be called a “quantum apocalypse.” It might be more work than other software updates that break compatibility with earlier versions, but it’s definitely not the end of the world.

And it’s not even clear that we’ll be seeing big quantum computers any time soon. When compared to the timeline for semiconductor technology, the progress in quantum computing looks extremely slow, and this slow progress should lead you to suspect that the claims of hackers having big quantum computers in a few years are simply false.

First, a bit of history

The first commercial integrated circuit that comprised a total of two transistors was shipped in 1961. Eighteen years later, the technology had advanced a lot - the Motorola 68000 microprocessor (comprising, you probably guessed it, 68,000 transistors) was shipped in 1979. That represents a significant and dramatic advancement in technology over those 18 years.

With quantum computing, on the other hand, we have managed to move from a computer comprising two qubits in 1998 to a computer comprising 17 qubits in 2017. That’s a year longer that 18-year period over which semiconductor technology advanced from a single flip-flop to a modern microprocessor. The race to build a useful quantum computer is underway, much like the race to develop and commercialize semiconductor technology was underway back in the ‘60s. But although it seems that there are stories in the news every day about a new advance in quantum computing technology, the reality is that we are still in a time when lots of basic research needs to be done to make big quantum computers possible.

The discussion at QCB 2017 seemed to be firmly grounded in reality. Maybe it’s time for people in the security industry to try for the same level of sanity. Otherwise, spending lots of time and effort worrying about how hackers will be able to crack your encryption using quantum computers will distract from addressing the many very real security problems that businesses face today, such as not encrypting the data throughout its lifecycle.

 

About the Author
Luther Martin, Micro Focus Distinguished Technologist, is a frequent contributor to articles and blogs. Recent articles include The dangers of implementing blockchain technology in Information Age, Is quantum computing the end of security as we know it? In Tech Beacon Magazine, and I Object! Common Objections to Format-Preserving Encryption Debunked, in the Protect Your Assets blog.

0 Kudos
About the Author

Security_Guest