A new consensus study report by the National Academies of Sciences, Engineering and Medicine provides a wide-ranging review of the quantum computing field and the impact of the technology on cryptography.
Throughout its history, advancements in quantum computing have tended to come in waves. First proposed in the 1980s as a method of exploiting quantum physics to improve computational modelling, it wasn’t until the 1990s, with the introduction of Shor’s algorithm, that the field began receiving interest from the wider scientific community.
Now, almost 25 years later, leaps forward in technology have seen the creation of the qubit alongside proof-of-concept quantum computers. Moreover, the practical applications of fully-functional quantum computers could be just decades away. No longer is progress seen in peaks and troughs, instead it is a constant drive.
A consensus study report by the National Academies of Science, Engineering and Medicine entitled ‘Quantum Computing: Progress and Prospects’ is the product of leading industry experts and academics, in which they discuss the past, present and – importantly – future of quantum computing.
In a wide-ranging review, the report provides an introduction to the field – including its characteristics and constraints of the technology – and “assesses the feasibility and implications of creating a functional quantum computer capable of addressing real-world problems.”
Quantum computers and cryptography
Importantly, the report dedicates a section to explain the key cryptographic tools that are deployed throughout today’s conventional computing systems and what is known about their susceptibility to quantum attack. Acknowledging that the very same technology designed to revolutionise computing can also pose a major cybersecurity risk, it states that “increases in computational power are desirable, except for applications that rely on the computational complexity of certain operations in order to function, which in this case is cryptography.”
The authors go on to analyse the current landscape of key exchange in both asymmetric and symmetric encryption, certificates and digital signatures and cryptographic hash functions and password hashing – showing the impact of a quantum computer on these areas. The report states that “practical quantum computing at scale would have a significant impact on several cryptographic algorithms currently in wide use” and names quantum-safe (post-quantum) algorithms as an answer.
Another cryptographic solution that the report touches on, but not in as greater detail, is an area that ID Quantique has been heavily involved with: Quantum Key Distribution (QKD). QKD transfers keys using photons of light along an optical link. Using the Heisenberg Uncertainty Principle, which states that observation causes perturbation in quantum physics, QKD guarantees the forward secrecy of the key so that it is impervious to both classical and quantum attacks.
Is now the time to prepare for quantum computing?
While a quantum computer that could compromise today’s cryptography is likely to be at least a decade away, it is imperative that new cryptography is deployed now. What’s more, with solutions such as Quantum Key Distribution commercially available today, organisations can take credible steps to securing their data in preparation of the quantum era.
The National Institute of Standards and Technology (NIST) are currently reviewing over 70 submissions to their post-quantum cryptography project and the process is expected to conclude by 2022-2024, with its selections likely to become frontrunners for broader standardisation.
The report goes on to emphasise that organisations should begin transitioning to quantum resilient procedures in order to prepare for an attack by such a system, even if a sufficiently advanced quantum computer does not arrive over the next 30 years.
This is a point that IDQ has stressed over recent years: the threat is here and you should act now. Doing so will protect data from both ‘live’ quantum attacks and ‘hack now, decrypt later’ incidents where cyber criminals steal encrypted data and decrypt it when the appropriate technology becomes available.
Lastly, beginning this transition now will enable organisations to allocate budget for quantum-safe security in their next budget, as well as move to new web standards – which take over a decade to fully replace.
Read the press release and access the full report here.
Stay one step ahead
Subscribe to our newsletters to receive breaking news, educational materials and product updates.