Your data may be safe from a quantum attack... for now. When quantum computers develop the ability to crack present-day encryption mechanisms, will you be ready?

Currently, lots of data is encrypted based on public key cryptography, which relies on a simple principle: Some math problems, like factoring large numbers into primes, are hard for a computer to solve. But there's an algorithm, called Shor's algorithm, that would be able to complete this task quite easily with the help of a quantum computer. We've been talking about it forever, but scientists and others are working really hard to figure out how to supplant present-day public key cryptography strategies so they're immune from a quantum attack.

"For public key cryptography, the damage from quantum computer will be catastrophic," Lily Chen, mathematician and leader of the National Institute of Standards and Technology's Cryptographic Technology Group, said in a session at the American Association for the Advancement of Science's 2018 annual meeting in Austin, Texas. "We must look for quantum resistant counterparts for these cryptosystems."

Quantum computers are processors whose bits operate and interact with one another based on the rules of quantum mechanics. While this technology is nascent, quantum computers have a lot of potential to solve problems that classical computers can't. Computing with Shor's algorithm is a little further on the horizon than other applications. But adapting to a new post-quantum landscape isn't just a quick patch download.

"In the previous generations, it's taken around 20 years between public key cryptography being published as a paper to people using it," said Chen. "We can do better, but it will still take time."

NIST maintains present-day cryptographic standards, and is working to replace them with standards resistant to a quantum attack. After a call for proposals, they received 69 algorithms that could potentially be resistant to such an attack. Now, they must evaluate each one against both classical and quantum attacks to ensure that the problems are still difficult to solve, with the hopes of drafting updated standards by 2022 to 2023.

There are still many questions, though. Implementing these new methods could be difficult, expensive, or time- and data-consuming, explained Roberta Faux, representing the private company Envieta Systems. And companies will still need to take the time and effort to make the transition.

Then there's the human element, said Jeremy Blackthorne of Boston Cybernetics Institute at the AAAS conference. Blackthorne essentially hacks computers for the good guys to test security, as he explains it. Lots of present-day attacks don't require breaking codes at all, he pointed out: you can just ask people for a password, and they will give it to you. He alluded to all of the recent data breaches as evidence (like Equifax, Yahoo, etc.). "If I had a quantum computer... I'd use it where I could, but it wouldn't necessarily change everything for some targets."

But how could you be sure that a quantum-resistant encryption strategy works, given the potential for new, undiscovered quantum algorithms? People are working to solve these quandaries of post-quantum cryptography. We hope that the new encryption strategies are ready before a quantum computer capable of running Shor's algorithm is.