Computer enthusiasts and hackers alike have benefitted from rapid improvements in computing power and speed. According to the famous Moore’s Law, computational power doubles every two years. However, systems are now reaching the physical limits of Moore’s Law.
Enter quantum computing. Quantum computers overcome the limitations of existing microchip-based architectures by employing qubits (subatomic particles like electrons and photons) to generate truly astounding computing speeds.
However, quantum computing is in its early stages, requiring far more resources than the average computer user can access. Quantum computers require cooling at near absolute zero and take up large amounts of space. They bring back visions of the first vacuum tube-based computers like ENIAC, which filled large rooms.
But just like classical computers, quantum computers are advancing quickly. Quantum computers pose a great risk for companies because they potentially will allow attackers to overcome today’s strongest encryption methods, exposing sensitive corporate data and systems. And companies need to prepare for a time when ingenious hackers have access to them. So, it is time to proactively think about quantum-resistant encryption (QRE) or quantum-safe cryptography (QSC).
How quantum computers can break strong encryption methods
The simple answer here is that almost any encryption scheme can be broken given enough time. Despite Moore’s Law, classical computers simply are not fast enough to solve the highly complex mathematics underlying today’s strong encryption methods.
But the danger is clear. For example, an early encryption algorithm known as DES was first broken in 1997. In 1998, it took 56 hours to break DES encryption using brute force. However, by 2021, DES encryption lasted only 5 minutes against attack. And successful brute force attacks can result in everything from identity theft to corporate data exfiltration.
Let’s consider how quantum computing could affect attacks against today’s strongest encryption algorithms. Two of the most popular algorithms are AES 256-bit encryption (the Advanced Encryption Standard) and RSA (Rivest-Shamir-Adleman).
AES is a symmetric key cipher where both the sender and receiver require a copy of the same key. In AES-256 encryption, there are 1.1 x 10^77 possible keys. A successful brute force attack using classical computers would take roughly a billion years.
RSA is an asymmetric key system whose security relies on the difficulty of factoring the product of two large prime numbers. Because RSA uses a 2048-bit key, the time needed to brute force RSA is substantially longer. Indeed, current estimates are that it would take around 300 trillion years to break RSA encryption using classical computers.
This is where quantum computing comes into play. Compared to classical computing, where there is a 1:1 relationship between the number of transistors and total computational power, quantum computing power increases exponentially with the number of qubits (Neven’s Law).
Google’s quantum computer, the 53-qubit Sycamore, showed the superiority of quantum computers in 2019. It took Sycamore a mere 4 minutes to solve a complex mathematical problem that would have taken one of the most powerful existing supercomputers more than 10,000 years to solve, representing a 158 million-fold increase in speed over the supercomputer.
This is not yet enough power to make AES and RSA vulnerable. But IBM now has a 100-qubit quantum machine, and others like ColdQuanta are targeting 1,000-qubit machines in the next few years. Given the exponential increase of quantum computational power and the development of quantum-specific methods such as Shor’s algorithm, the end of AES and RSA may not be that far away. Indeed, one study suggests that a quantum computer able to break 2000-bit RSA encryption may be available as soon as 2030.
Hardening encryption against quantum computing
Research into quantum-resistant cryptographic methods is already well underway. The National Institute of Standards and Technology (NIST), which is actively sponsoring research to identify suitable candidates for standardization, refers to the field as post-quantum cryptography (PQC).
NIST describes several underlying technologies that may be suitable for PQC:
- Lattice-based cryptography
- Code-based cryptography
- Multivariate polynomial cryptography
- Hash-based signatures
NIST has set a timeline between now and 2024 to select final options. Currently, NIST is in Round Three of vetting candidates. The seven finalists fall into two categories: public-key encryption and key-establishment algorithms (4) and digital signature algorithms (3). There are also eight alternate candidates split between these groups.
What does this mean for companies now?
Obviously, it is not financially feasible for companies to invest substantially against a threat whose timeline is uncertain. But quantum computers will certainly be viable and widely available in the not-too-distant future, so organizations should begin preparing to meet that threat.
What can businesses do now? While every organization is unique, NIST provides a general suggested process for all companies. The first step is to better understand both the threat itself and the company’s potential exposure. Companies that have not already inventoried and audited their information systems and data and determined both criticality and potential weaknesses should do so immediately. Doing so will put the organization in a better position to defend against both future quantum attacks and current threats.
Once the organization has properly categorized its information assets (from infrastructure to company websites), it can begin building a plan for transitioning systems to new cryptographic methods based on priority once new standards and algorithms become available.
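The following is an added example, not code from the article or from NIST. It puts the two ideas above together: the effect of Shor’s algorithm on RSA and elliptic-curve systems versus the milder effect of a generic quantum key search on AES (an assumption here, since the article does not name Grover’s algorithm), and the inventory-and-prioritize process just described. It runs over a constructed sample inventory with illustrative asset names and criticality ratings; the 112-bit minimum and the RSA strength table are taken from NIST SP 800-57 and are assumptions of the example rather than figures from the article.

```python
"""Quantum-exposure triage for a cryptographic inventory (added example).

Not code from the article or from NIST. It models the effect of Shor's
algorithm (public-key schemes lose all strength) and of a generic quantum
key search (symmetric strength roughly halved in bits) on a constructed
inventory, then orders a transition plan by criticality.
"""
from dataclasses import dataclass

# The hard problem each algorithm family relies on. Shor's algorithm solves
# factoring and discrete logarithms; symmetric ciphers and hashes only face
# the quadratic speed-up of Grover's algorithm (assumption: not named above).
ALGORITHM_KINDS = {
    "RSA": "factoring",
    "DH": "discrete-log",
    "ECDH": "discrete-log",
    "ECDSA": "discrete-log",
    "AES": "symmetric",
    "ChaCha20": "symmetric",
    "SHA-256": "hash",
    "SHA-384": "hash",
}

# Classical strength of RSA/DH moduli, rounded as in NIST SP 800-57 (assumption).
RSA_DH_STRENGTH = {1024: 80, 2048: 112, 3072: 128, 7680: 192, 15360: 256}

MINIMUM_BITS = 112  # assumption: the 112-bit floor NIST applies today


@dataclass(frozen=True)
class Asset:
    name: str
    algorithm: str
    key_bits: int
    criticality: int  # 1 (low) .. 5 (high), assigned by the organisation's audit


def classical_security_bits(algorithm: str, key_bits: int) -> int:
    """Effective strength against classical attackers, in bits."""
    kind = ALGORITHM_KINDS[algorithm]
    if kind in ("symmetric", "hash"):
        return key_bits                    # exhaustive key / preimage search
    if kind == "factoring" or algorithm == "DH":
        return RSA_DH_STRENGTH[key_bits]   # KeyError for sizes outside the table
    return key_bits // 2                   # elliptic curves: generic attacks cost sqrt(n)


def quantum_security_bits(algorithm: str, key_bits: int) -> int:
    """Effective strength once a large fault-tolerant quantum computer exists."""
    kind = ALGORITHM_KINDS[algorithm]
    if kind in ("factoring", "discrete-log"):
        return 0              # Shor: polynomial-time break regardless of key size
    return key_bits // 2      # Grover: a 2^n search becomes roughly 2^(n/2)


def triage(asset: Asset) -> dict:
    """Classify one asset: what it offers now, what it will offer, what to do."""
    now = classical_security_bits(asset.algorithm, asset.key_bits)
    later = quantum_security_bits(asset.algorithm, asset.key_bits)
    if later == 0:
        action = "replace with a post-quantum algorithm"
    elif later < MINIMUM_BITS:
        action = "increase key size"
    else:
        action = "adequate"
    return {
        "asset": asset.name,
        "algorithm": f"{asset.algorithm}-{asset.key_bits}",
        "classical_bits": now,
        "quantum_bits": later,
        "action": action,
        "criticality": asset.criticality,
    }


def transition_plan(assets):
    """Assets needing action first, then by criticality, then by strength lost."""
    rows = [triage(a) for a in assets]
    rows.sort(key=lambda r: (r["action"] != "adequate",
                             r["criticality"],
                             r["classical_bits"] - r["quantum_bits"]),
              reverse=True)
    return rows


# Constructed sample inventory; names and ratings are illustrative only.
SAMPLE_INVENTORY = [
    Asset("payment-gateway TLS certificate", "RSA", 2048, 5),
    Asset("database-at-rest encryption", "AES", 256, 5),
    Asset("VPN key exchange", "ECDH", 256, 4),
    Asset("backup archive encryption", "AES", 128, 3),
    Asset("file integrity hashes", "SHA-256", 256, 2),
]

if __name__ == "__main__":
    for row in transition_plan(SAMPLE_INVENTORY):
        print(f'{row["criticality"]}  {row["asset"]:34} {row["algorithm"]:10} '
              f'{row["classical_bits"]:>3} -> {row["quantum_bits"]:>3} bits  {row["action"]}')
```

Run as a script it prints the ordered plan: the RSA certificate and the ECDH key exchange go to the top because their strength drops to zero, AES-128 is flagged for a key-size increase, and AES-256 and SHA-256 remain adequate despite the halving. The ordering rule is deliberately simple so that an auditor can explain why each line sits where it does; a real inventory would feed criticality ratings from the audit described in the text rather than from constants.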
Being proactive now will allow the company to move quickly in response to innovations in protective encryption and hacking efforts. And as everyone knows, even just a few seconds of time can make all the difference between defending against an attack or suffering a breach.
Companies also should consider how quantum computing will affect existing risk and compliance efforts. For example, companies employing online payment systems may need to follow the evolution of PCI compliance standards in finance and accounting tools in response to quantum developments.
Companies can also look to outside security experts to help position themselves now. The industry is already focused on PQC and can serve as an excellent resource for companies just becoming aware of the issue.