Cyber security in the post-quantum era
It is predicted that quantum computers pose a threat to the security of today’s encryption methods and therefore to the security of digital communication. But how could these potential threats materialize? What is the state of research in the field of post-quantum cryptography, and which systems will be affected first? To answer this, we should first take a look at what distinguishes quantum computers from conventional computers and where their huge potential comes from.
Quantum computers - a brief overview
When people talk about quantum computers, they usually mean a special type of architecture, the so-called quantum gate computer, such as the Q devices developed by IBM or Google’s 54-qubit computer (1). Quantum gate computers represent the vision of a universally applicable quantum computer, as they allow any algorithm to be run, but they currently still face major challenges in quantum error correction and in scaling the number of qubits. Another technologically interesting type of architecture is the quantum annealer. These are quantum computers based on the adiabatic evolution of a quantum system, and they are particularly suitable for optimization problems. Even though annealers are not universally applicable computers, their potential field of application ranges from predictive models to machine learning (2). Commercially available quantum annealers are developed and marketed by the Canadian company D-Wave, for example.
Unlike supercomputers, which derive their computing power from many processors working in parallel, quantum computers fundamentally consist of one large processor: the parallel processing of data takes place within a single computing unit. This is made possible by the quantum mechanical principles of superposition and entanglement. The number of possible parallel calculations increases exponentially with the number of qubits used (1).
Quantum algorithms shake the security of today’s encryption standards
The majority of communication on the Internet and in other communication networks that is considered secure is protected against unauthorized access by a combination of symmetric and asymmetric cryptosystems. Various algorithms are used here, such as the RSA (Rivest-Shamir-Adleman) method, which belongs to the asymmetric cryptosystems, or elliptic curve cryptography (ECC). With an appropriate key strength, these methods are currently considered sufficiently secure. This security rests on the computational hardness of the underlying mathematical problems.
However, the security of communication ultimately also depends on the passwords used to generate cryptographic keys. With the computing power available today, and depending on the algorithm used, passwords consisting only of numbers and up to 10 digits, for example, are considered to be “immediately” crackable. With increased complexity, for example the addition of upper and lower case letters, the time required to crack the password using conventional “brute force” methods can quickly grow to a month or more. The increase in password complexity automatically leads to higher security. With a password length of 14 characters including upper and lower case letters, it can take up to 800,000 years to crack a password. Quantum computers can counter this theoretical security with an enormous parallel computing capacity and thus jeopardize not only the security of complex passwords but ultimately also that of the algorithms themselves, which rest on mathematical problems that were previously considered sufficiently hard. But will quantum computers soon become powerful enough?
One might think that the saying “The spirit is willing, but the flesh is weak” applies in the quantum world, insofar as the currently available quantum gate computers, as the universally applicable type of quantum computer, still have to contend with a few considerable real-world shortcomings. On the other hand, probabilistic quantum algorithms have existed for decades that would be able to break modern encryption systems in a relatively short time. One of these is Shor’s algorithm, which solves the integer factorization problem (RSA) as well as the discrete logarithm problem (ECC) in polynomial time. Depending on the source, this results in a requirement of around 6000 stable qubits to break an RSA-2048 bit encryption in a sufficiently short time (3). Even if IBM wants to have a quantum computer with 1000 qubits by 2023 (4), the technical challenges of scaling are still huge.
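To make concrete why Shor’s algorithm matters, the following Python snippet (an added illustration, not code from the original article) carries out the classical half of Shor’s factoring reduction: pick a random base a, find the multiplicative order r of a modulo N, and recover a factor from gcd(a^(r/2) − 1, N). The order-finding step is done here by exhaustive search, which is exponential in the bit length of N; that single step is what the quantum period-finding subroutine replaces with a polynomial-time computation. Function names and the toy moduli are the author’s own choices for this example.

```python
from math import gcd
from random import Random


def find_order(a: int, n: int) -> int:
    """Return the smallest r > 0 with a^r = 1 (mod n), by brute force.

    This loop can run up to phi(n) times, i.e. exponentially in the size
    of n. Shor's algorithm replaces exactly this step with quantum
    period finding, which is what makes the whole reduction polynomial.
    """
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_classical_part(n: int, seed: int = 0, max_tries: int = 50) -> tuple[int, int]:
    """Factor an odd composite n (not a prime power) via order finding.

    Returns a pair (p, q) with p * q == n. Raises ValueError if no
    suitable base is found within max_tries (e.g. n prime or a prime power).
    """
    rng = Random(seed)  # fixed seed so the example is reproducible
    for _ in range(max_tries):
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g != 1:
            return g, n // g          # lucky draw: a already shares a factor
        r = find_order(a, n)
        if r % 2:
            continue                  # odd order: a^(r/2) is not an integer power
        y = pow(a, r // 2, n)         # y^2 = 1 (mod n) by construction
        if y == n - 1:
            continue                  # trivial square root of 1: try another a
        p = gcd(y - 1, n)             # (y-1)(y+1) = 0 (mod n) gives a factor
        return p, n // p
    raise ValueError(f"no factor found for {n} in {max_tries} tries")


if __name__ == "__main__":
    for n in (15, 21, 91):
        print(n, "=", "*".join(map(str, sorted(shor_classical_part(n)))))
```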
Quantum Supremacy still a long way off in the field of cyber security?
Pessimistic voices assume that a universal quantum computer with a large number of stable qubits may never exist (5). So can we assume that we will be safe at least for years to come?
It is true that the development of a stable quantum gate computer with a correspondingly large number of qubits is certainly still a primarily academic challenge, and the commercial use of one could still be years away. However, it is also true that nobody has a crystal ball. It is not without reason that many large tech companies such as Microsoft, IBM and Google are investing in the development of new quantum computers, and young companies such as IQM and Rigetti are working on the big breakthrough. Different architectural approaches are being pursued, which in turn underlines the diverse development potential in the field of quantum computing. And even if the universal quantum gate computer may not be around the corner, “quantum supremacy” in the field of cybersecurity is perhaps closer than one might think.
The quantum annealers mentioned at the beginning are already in productive use at companies such as Volkswagen, Airbus, NASA and Lockheed Martin (6), but they are limited to solving optimization problems. Not surprisingly, scientists are trying to convert the factorization problem underlying RSA into an optimization problem, thereby avoiding the need for quantum algorithms such as Shor’s algorithm altogether (7, 8, 9). In 2020, Chinese scientists achieved this for the first time by using a D-Wave quantum computer to factorize large integers (10). With further optimization of the algorithms and the resolution of technical challenges, breaking modern encryption methods also appears to be within the mid-term reach of quantum computers (11).
There is another dimension to consider when protecting confidential data. So-called “Store now, decrypt later” attacks are already taking place today: their declared aim is to collect data from citizens, insured persons and customers now, in order to decrypt and exploit it once the technology has advanced far enough. The main target here is data with long confidentiality periods, such as personal health data, company secrets and data from the financial and security sectors.
Post-quantum cryptography and QuNET
Consequently, there are intensive efforts worldwide in the field of post-quantum cryptography (PQC) to secure communication and data as soon as possible, also against the use of powerful quantum computers. One example is the German QuNET initiative, in which the Fraunhofer and Max Planck Societies, together with the German Aerospace Center (DLR), are developing technologies for a pilot network to facilitate secure quantum communication. In the USA, too, intensive work is currently being done on recommendations for post-quantum cryptography. The US National Institute of Standards and Technology (NIST) is currently in the process of standardizing recommended PQC algorithms (12, 13).
Quantum Computing: Risks and Opportunities
The question remains what you can do to prepare for this post-quantum era. In addition to understanding the dangers of the technology, protecting vulnerable data is a top priority. Today, your own IT systems should be secured against misuse according to modern standards in order to protect data and infrastructure as well as possible from future misuse (see “Store now, decrypt later”). At the same time, quantum computing should also be seen as an opportunity with a variety of use cases: the rapid processing of large amounts of data and complex models opens the door to improved and new business models (1).
Please note that this article was originally published with a former employer and is available here in its original German version in full length.