Cloud Hosting

Quantum computers are an emerging technology that will revolutionize several aspects of computational power across countless fields. One of the more concerning predictions is the likelihood that quantum computers will eventually break and expose many of the technologies we use to secure information transmissions and storage today. In fact, The Department of Commerces National Institute of Standards and Technology (NIST) believes that many of our present-day encryption methods could possibly be at risk as early as the latter half of this decade.

Throughout the worlds businesses, industries and governments, there are several strong cryptographic methods that are being used to protect digital data at rest and in transit, at least, for now. These methods are based on highly complex and provable mathematical processes which, to date, have stood the test of time, yet significant successes in quantum computer development are continuously announced in the newstake IBM, for example. At the end of the day, the question is not if, but rather when quantum computers will be able to break into our most popular secure networks and databases.

Some of todays most popular cryptographic methods will easily fall in the early years of viable quantum computing, while others may live to see another day. There is already an attack method, Shors Algorithm, which implies that encryption systems (such as PKI) relying on asymmetric cryptography could be broken with ease, given a sufficiently large quantum computer. In other words, cryptography methods, such as TLS and mTLs, could become vulnerable once quantum computers reach more mature levels.

On the other hand, NIST believes symmetric encryption is more resilient and will likely last, but this is still dependent on the size of the symmetric key generator. Another attack method, Grovers Algorithm, could be used against symmetric encryption key generators by halving their equivalent size. For instance, a symmetric encryption algorithm, like AES256, would normally require a quantum computer to guess the exact bits of a 256-bit key to break the encryption. To put that in perspective, this would require you to guess one particular set of bits from a pool of two to the power of 256. You dont need to do the math to know that this is an unimaginably large number of possibilities to choose from, but Grovers Algorithm would minimize the problem by narrowing this pool by two to the power of 128 possible keys. Thats still quite a big guess, so its safe to assume the AES256 algorithm could withstand a quantum computer attack for years to come, but smaller encryption algorithms will not be as fortunate.

So, whats the worst-case scenario? Are security systems ready for whats to come? Many of the worlds data security systems and critical infrastructure are using security encryption methods that may not be defendable in the world of quantum computing. Todays public-key cryptography systems are pervasive and could be conquered in the first wave of compromises. Not to mention, encrypted databases that have been or are being encrypted with quantum-weak technologies will likely be at risk and exposed in the earliest years of exploitation. Our data security infrastructures will need more than re-planning, re-designing and re-deployments over the duration of the decade, and this will be a major undertaking.

Devoting some time and energy to following the progression of quantum computing availability, as well as new developments in data encryption technologies and tools aimed at quantum resistance, is a highly worthy investment. Now is the time to start preparing, first by recognizing the fact that quantum computers are coming and bringing potential threats of massive proportion along for the ride. Its not too early to start taking inventory of your present and future data encryption assets and system architectures. Many encryption systems and technologies may eventually need significant architectural and component changes, so you will need to learn which systems will be the most vulnerable. Ignoring or wishing the problem away is not a long-term option. There appear to be some present-day cryptographic algorithms that will last years into the quantum era, like AES256. Several new and alternative quantum-resistant encryption algorithms are surfacing, as well. While they may not be one-to-one replacement algorithms for the way current encryption systems operate, they are paving the way for continued research.

Original post:
Encryption Evolution is on the Horizon - Security Boulevard