Cryptography fundamentally underpins the modern internet, but developments in quantum computers over the next ten years could critically threaten the security it brings. Technology is changing to protect against this but for some critical applications, change might not be fast enough.
Take a look at the top left of your browser window. You will probably see a padlock. That padlock informs you that the website connection you are using is secured with encryption. Anyone intercepting your data will not be able to read it or steal your credit card details. Over the last few years, use of the Transport Layer Security (TLS) protocol, the successor to Secure Sockets Layer (SSL), has reached a huge percentage of all traffic on the internet and it’s still increasing.
The root of this security is public key cryptography. This allows the creation of a secure channel without having to pre-agree a secret key. The first, and most well-known, public key agreement algorithm is RSA, which was first developed in 1977. The underlying principles had actually been conceived in secret several years earlier by British government researchers at GCHQ but it was shelved for having no practical application.
Today, several public key algorithms exist, but their security can all be boiled down to what’s known as the discrete logarithm problem. There has never been a way to solve the discrete logarithm problem efficiently on a computer, and so the keys based on this method are secure. Of course, that doesn't mean that it is impossible to find an efficient way to solve the problem, just that one hasn't been found yet.
The computers we use today are complex marvels of technological engineering that are capable of making billions of calculations a second. However, the core idea that drives them is much the same as when they were the size of a house and only three existed worldwide: electrical signals running through a circuit, with high and low voltages meaning 1 and 0 respectively, hence the generic description “binary computers”.
In 1990, 2000, and 2010, scientists estimated that quantum computers, which operate on an entirely different principle to binary computers, were 20 years away. Now, there appears to be progress in the area. Google, Microsoft, and Alibaba are competing to be the first to demonstrate quantum supremacy this year, that is, the point at which a quantum computer can no longer be modelled on a binary computer. These computers will still only be suited to some very specialised problems, but a general quantum computer is probably not more than 15 years away and there are plenty of more optimistic forecasts. These optimists will have taken encouragement from the announcement in January by IBM of the first standalone quantum computer.
Quantum computers, however, change how computation works at a fundamental level. Quantum effects are harnessed to give massive computational power. They will revolutionise how we approach some problems. Most importantly from a cybersecurity point of view, when general quantum computers are developed, they will be able to solve the discrete logarithm problem.
Shor's algorithm, developed in 1994 by Peter Shor, enables a general quantum computer to solve the discrete logarithm problem in polynomial time. This means that all current public key exchange algorithms will be regarded as broken. In turn this means that all current internet security will be broken. Given the massive amount of infrastructure reliant on cryptography based on the discrete logarithm problem, the impact is potentially unprecedented.
In December 2018, the US National Academies of Sciences, Engineering, and Medicine issued a Consensus Study Report that said it was “highly unlikely that a quantum computer that can compromise public-key cryptography – the basis for the security of most of today’s computers and networks – will be built within the next decade. However, because replacing an established internet protocol generally takes over a decade, work to develop and deploy algorithms that are resilient against an attack by a quantum computer is critical now.”
The report goes on to say that while defeating currently deployed public-key encryption using the best available conventional computer is effectively impossible, a quantum computer could potentially perform this task in no more than a few hours. Even if a sufficiently advanced quantum computer does not arrive within the next thirty years, the report emphasised the need to begin transitioning to quantum resilient procedures to prepare for an attack by such a system.
The solution to this threat lies in what is known as Post Quantum (also called Quantum Resistant) cryptography. This uses new mathematical problems that are believed to be secure against quantum computers. These new algorithms are currently in the process of being standardised by NIST, the US standardisation body. A shortlist of candidate algorithms was prepared last year and they are currently being put through their paces, with the aim of standardising replacements for the current algorithms around 2023.
If general quantum computers are 10 to 15 years away, do we need to worry yet? Probably, yes. Many people already don’t take enough care of their personal data and should take basic steps to protect it. Some encrypted data only requires security for a short period of time. Your credit card details will have expired in 15 years, and won't be useful to anyone. Your medical records, though, may still need confidentiality. Once you add in the number of years it will take to change to quantum resistant cryptography, it looks like the US National Academies’ call for action now is not far off the mark. For companies holding sensitive data, there is value in starting to understand the threat. Many major businesses, particularly in the US, are said to be already using post quantum cryptography to encode their archived sensitive data.
Here are three key questions to consider in advance of general quantum computing becoming a reality:
- What changes might be required for your applications and data structures?
- Will NIST's proposed algorithms function with your systems?
- How will your network infrastructures cope with the increase in key size?
Despite the turmoil quantum computers will bring in the cyber security sector, the processing power that they will bring to artificial intelligence, physics, chemistry, and countless other areas will mean possibilities that cannot even be imagined. Early preparation from companies today will allow them to fully take advantage of the opportunities that will arise.