Quantum Computing is an emerging field in computer science with the predicted abilities to be far greater than the classical computers we use today. “Quantum computers leverage quantum mechanical phenomena to manipulate information. To do this, they rely on quantum bits, or qubits.” This allows for exponentially greater computational power when compared to even the most powerful classical computers. With this new technology in development many have concerns over IT security as quantum computers are predicted to break common public-key cryptography schemes. This would be a devastating blow to IT security as encryption would no longer have the same amount of protection it does today. In this paper you will find an exploration into this concern as well as possible solutions as well as other possible uses for quantum computers as they relate to IT security.
Quantum Computing and the future of IT Security
While quantum computers are still in their infancy, they eventually will be able to solve problems far too complex for classical computers to solve. The main concern over this is the ability to solve algorithms behind encryption keys. These encryption keys are used to protect our own personal data as well as all data being stored in computers in general. The security infrastructure that we use to protect all types of data would be redder useless in a short amount of time.
Shor’s Algorithm
Encryption today is largely based on complex” mathematical formulas that would take today’s computers an impractically large amount of time to decode.” To illustrate this, it is easy to take two numbers and multiply them together in order to create a product. However, it is much harder for a computer to start with a large number and factor it into its two prime numbers. Quantum computers with enough qubits can “easily factor large numbers and break the code.” The algorithm that was developed to do this very thing is known as Shor’s algorithm, developed by Peter Shor.
If quantum computers develop to a sufficient level to run this algorithm, then the encryption methods we use today such as the ones behind RSA will be broken. This means that the way we use encryption over the internet today would become ineffective and data could be stollen a lot easier. Data authenticity and integrity would no longer be a guarantee as it is transmitted. While this reality is far into the future, now is the time to think about possible defenses against this kind of threat.
Nationally Sanction Cyber Attacks
The first institutions that are likely to use quantum computing for cyber-attacks most likely will be government agencies. Due to the nature of quantum computer and the large cost of developing and using them, only wealthy governments will have the resources in order to use such computers. What this means for cyber security in nationally sanctioned cyber-attacks on other foreign governments. As computers and network technology grows, governments around the world have used them to attack other countries. This takes the form of information hacks as well as things like power grids and water treatment facilities and even election related matters. According to the Center for Strategic & International Studies (CSIS), hundreds of cyber-attacks have been orchestrated by government agencies around the world since 2006.
Once quantum computers become powerful enough, they may be use by powerful governments to break other foreign government’s encryption methods. It is clear that national sanctioned cyber-attacks is prevalent in today’s societies, and governments are constantly looking for tools in order to make hacking easier. In 2018, Congress signed the “National Quantum Initiative Act” which aims to streamline quantum computing development in the US. Individual threat actors will not have access to quantum computers anytime soon making this encryption breaking concern for only the most powerful entities such as national governments.
Quantum-Safe Cryptography.
One possible solution to the concern over the quantum computer’s potential to break encryption methods is the development of Quantum-Safe Cryptography. Also known as “post-quantum or quantum-resistant, refers to cryptographic algorithms that are known to be resilient to quantum computer-enabled attacks.” Since current popular public-key algorithms such as RSA and ECC depend on “the difficulty of factoring large prime numbers,” they can be broken by Shor’s Algorithm thus making them vulnerable. While quantum-safe cryptography is not fully developed they are already making significant progress and are preparing draft standards as soon as 2022. “NIST will likely standardize multiple algorithms for digital signatures to replace the signatures specified in FIPS 186-4 (such as RSA, DSA and ECDSA), as well as multiple key-encapsulation mechanisms (KEMs) algorithms to replace the key-establishment algorithms specified in NIST SP 800-56 A/B (such as DH, ECDH, MQV, and RSA OAEP.)”
Ultimately what this means is the concern over quantum computers breaking security is well under control. It will be a long time before a quantum computer is powerful enough to break the current encryption methods we use as of now. The most powerful quantum computer as of today is IBM’s quantum computer with under a hundred qubits. The early estimations for how powerful a quantum computer may be to break the RSA encryption method is several million qubits. We have ample amounts of time and security protocols to deal with this kind of problem.
0 Comments