“Quantum computation” is computation carried out using computing devices based on strange physical properties of counter-intuitive matter at a very small scale, known as quantum mechanics.
Unlike classic computers based on transistors that encode data in binary digits (or “bits”) which can only be “1” or “0” (think “active” or “dead), quantum computers use” qubits “where qubits single is able to encode more than two statuses. (Technically, each qubit can store superpositions of many statuses, but mathematics is too complicated for the purposes of this article!)
Note: quantum computing should not be confused with “quantum cryptography”, which is the science of exploiting quantum mechanical properties to perform cryptographic tasks. A prime example of this is the “quantum key distribution”, which allows secret cryptographic keys to be shared between two distant parties so that any interception can be detected reliably.
This technology, although less complex than quantum computing, is also relatively immature with many existing practical implementations that have proven unable to fulfill their theoretical promises.
Do Quantum Computers Exist?
Yes – simple, small-scale quantum computers have been built and successfully demonstrated. At present, it is a large, expensive and complex laboratory instrument to use, and has very limited capabilities. But they prove the physical principles that underlie it are healthy.
The challenge is building a large enough (in terms of qubit capacity) to do useful tasks better than classical computers.
Many universities, companies and government agencies around the world are racing to do this, using a variety of different experimental techniques – some techniques may turn out to be more feasible than others, or have special properties that are useful for certain application classes.
Why are Quantum Computers Useful?
It is possible to make algorithms that run significantly faster on quantum computers than classical computers, because of the unique nature of qubits. This algorithm can be used for a number of different scientific and business applications, and will bring many benefits. Some of these algorithms have been tested and proven on quantum prototype computers, but will not be practically useful or economical until larger quantum computers have been built.
How is Quantum Computer Relevant to IT Security?
Many important aspects of IT security depend on public key encryption and cryptography, which are important for e-commerce and protecting confidential electronic information.
These techniques are in turn based on mathematical algorithms that are very difficult to “destroy”. Modern algorithms with appropriate key lengths (eg AES-128, RSA-2048, ECDSA-256, etc.) Are not susceptible to brute force attacks – even with a large amount of computing power, they will take centuries or, in some cases , even longer than the age of the universe to solve.
However, it is possible to create unique algorithms for quantum computers (for example the “Shor algorithm”) which dramatically reduces the time needed to break this algorithm.
Symmetric algorithms used for encryption, such as AES, are still considered safe (with sufficient key lengths – for example AES-256 or greater); However, current asymmetric algorithms such as RSA and ECDSA will basically be considered useless once a quantum computer reaches a certain scale.
This will destroy almost every practical cryptographic application used today, making e-commerce and many other digital applications that we rely on in our daily lives completely insecure.
What Prevents Today’s Large Quantum Computers?
Working on the limits of physics is challenging! While many of these theories are well understood, turning theory into practice on such a small scale is a significant scientific and technical challenge that is weighing on many of the world’s best scientists.
There are many fundamental problems that have not been addressed before large-scale quantum computers became feasible. In particular, qubits are very vulnerable to the amount of almost undetectable thermal and electromagnetic interference that is difficult to remove (the problem of “decoherence”).
The next challenge is to make quantum computers affordable to anyone outside of academia and government.
So when will a large quantum computer be available?
The short answer is nobody knows. That depends on a number of scientific and engineering breakthroughs made, which can come in the next 5-10 years, or 20-30 years, or maybe never. It may take years before such computers are generally affordable outside large government agencies.
This uncertainty is the biggest concern facing government and business.
Then what will happen?
Fortunately, many mathematicians in academia and government circles are working on a number of candidate “quantum-resistant” algorithms that cannot be violated using quantum computers.
Call to action newHowever, it takes time to get the trust that this algorithm has no other weaknesses – it usually takes years to gain confidence in the security of the new algorithm. Performance is also a problem that must be overcome by a quantum-resistant algorithm.
New standards must be written and adopted, many of which are national or industry specific; applications must be adapted to use new algorithms, which can be a real challenge in some industries (such as banking) where there is a large amount of legacy infrastructure that cannot be easily upgraded, if at all.
Algorithms such as DES, MD5, SHA-1 and RSA-512 are still used in some places, but are thought to be able to break using classical computing today or in the near future – only because of the amount of inertia in large commercial systems where interoperability is important.
So, if you consider the above and see the most optimistic predictions about the availability of large quantum computers, there really isn’t time to lose in starting to solve this problem!
Should I Worry?
Maybe not – this is a global problem, and there are many people working on this. But that doesn’t mean you have to ignore it. Supervise the progress of quantum computing, the development of quantum-resistant algorithms, and the creation of new standards; ensure your applications and infrastructure can be upgraded; make plans , and be ready to migrate at the right time.
(Note that the latest Elliptic Curve technology does not provide any benefit – in fact, it is even more insecure in the face of quantum computing – so there is no point in moving from RSA to ECDSA, unless you need the speed advantage it offers.)
However, note that much of the encrypted information that is around today, or over the coming years, might be vulnerable to decryption one day in the future as quantum computers are generally available – all an attacker needs to do is capture the encrypted data today, including the initial key exchange handshake, then wait until they have enough quantum computer power to solve it in a reasonable amount of computing time.
This is particularly a problem for the government, which has large amounts of confidential data with a long “intelligence life” – that is, it needs to be kept secret for 25 years or more for reasons of national security. This is why governments are at the forefront of research efforts – both to develop quantum computing for offensive cyber operations, and to develop quantum-resistant algorithms for defense purposes. They might even have a clandestine research effort that is ahead of the academic world, because there are significant military advantages to be had.
Commercial organizations with sensitive data that they want to protect over the long term and are attractive targets for hackers must use symmetric algorithms with long key lengths (eg AES-256 rather than AES-128 or 3DES) as soon as possible and, where Diffie-Hellman used to negotiate symmetrical keys, use the perfect advanced confidentiality technique to minimize the amount of data protected under each key.
They must also be looking to migrate to a quantum-resistant algorithm sooner than later. However, given the childhood of the algorithm, it would be wise to initially use a hybrid algorithm (which combines a proven and established algorithm with an unproven quantum-resistant algorithm, so the attacker must decide both to be successful).
For the most paranoid, security can be found by eliminating the use of public key cryptography completely and relying only on symmetric cryptography. However, it introduces a different and perhaps more problematic security challenge, namely secure sharing of secret key material. Maybe the distribution of quantum keys will provide a solution for that?
In the end, the threat of quantum computing is reduced to economic problems. A decent quantum computer will initially be very expensive and have limited power, so in the beginning only the government will be able to afford it and will only have enough capacity to attack the most valuable secrets of other nation states.
Gradually this ability will flow to organized criminals, but again they will only have the capacity to be able to attack the most profitable targets (for example faking financial transactions, blackmailing large companies or selling their sensitive data to the highest bidder). When quantum computing is generally available (if ever), hopefully old and vulnerable algorithms will be lost.