Your data may be safe from a quantum attack... for now. When quantum computers develop the ability to crack present-day encryption mechanisms, will you be ready?

Currently, lots of data is encrypted based on public key cryptography, which relies on a simple principle: Some math problems, like factoring large numbers into primes, are hard for a computer to solve. But thereâ€™s an algorithm, called Shorâ€™s algorithm, that would be able to complete this task quite easily with the help of a quantum computer. Weâ€™ve been talking about it forever, but scientists and others are working really hard to figure out how to supplant present-day public key cryptography strategies so theyâ€™re immune from a quantum attack.

â€śFor public key cryptography, the damage from quantum computer will be catastrophic,â€ť Lily Chen, mathematician and leader of the National Institute of Standards and Technologyâ€™s Cryptographic Technology Group, said in a session at the American Association for the Advancement of Scienceâ€™s 2018 annual meeting in Austin, Texas. â€śWe must look for quantum resistant counterparts for these cryptosystems.â€ť

Quantum computers are processors whose bits operate and interact with one another based on the rules of quantum mechanics. While this technology is nascent, quantum computers have a lot of potential to solve problems that classical computers canâ€™t. Computing with Shorâ€™s algorithm is a little further on the horizon than other applications. But adapting to a new post-quantum landscape isnâ€™t just a quick patch download.

â€śIn the previous generations, itâ€™s taken around 20 years between public key cryptography being published as a paper to people using it,â€ť said Chen. â€śWe can do better, but it will still take time.â€ť

Advertisement

NIST maintains present-day cryptographic standards, and is working to replace them with standards resistant to a quantum attack. After a call for proposals, they received 69 algorithms that could potentially be resistant to such an attack. Now, they must evaluate each one against both classical and quantum attacks to ensure that the problems are still difficult to solve, with the hopes of drafting updated standards by 2022 to 2023.

There are still many questions, though. Implementing these new methods could be difficult, expensive, or time and data consuming, explained Roberta Faux, representing the private company Envieta Systems. And companies will still need to take the time and effort to make the transition.

Then thereâ€™s the human element, said Jeremy Blackthorne of Boston Cybernetics Institute at the AAAS conference. Blackthorne essentially hacks computers for the good guys to test security, as he explains it. Lots of present-day attacks donâ€™t require breaking codes at all, he pointed outâ€”you can just ask people for a password, and they will give it to you. He alluded to all of the recent data breaches as evidence (like Equifax, Yahoo, etc). â€śIf I had a quantum computer... Iâ€™d use it where I could, but it wouldnâ€™t necessarily change everything for some targets.â€ť

Advertisement

But how could you be sure that a quantum encryption strategy works, given the potential for new, undiscovered quantum algorithms? People are working to solve these quandaries of post-quantum cryptography. We hope that the new encryption strategies are ready before a Shorâ€™s algorithm-breaking computer is.