Quantum Computing Will Break Encryption

Uploaded on 2019-04-01 in TECHNOLOGY--Developments, FREE TO VIEW, TECHNOLOGY-Key Areas-Quantum Computing

Modern public-key encryption is currently good enough to meet enterprise requirements, according to experts. Most cyberattacks target different parts of the security stack these days, unwary users in particular. Yet this stalwart building block of present-day computing is about to be eroded by the advent of quantum computing within the next decade, according to experts.

“About 99% of online encryption is vulnerable to quantum computers,” said Mark Jackson, scientific lead for Cambridge Quantum Computing, at the Inside Quantum Technology conference in Boston on Wednesday 20th March.

Quantum computers, those that use the principles of quantum entanglement and superposition to represent information, instead of electrical bits, are capable of performing certain types of calculation orders of magnitude more quickly than classical, electronic computers. 

They’re more or less fringe technology in 2019, but their development has accelerated in recent years, and experts at the IQT conference say that a spike in deployment could occur as soon as 2024. Lawrence Gasman, president of IQT, compared the current state of quantum computing development to that of fiber-optic networking in the 1980s, a technology with a lot of promise, but one still missing one or two key pieces.

“Optical amplifiers were what got optical networking going,” he said. “Without them, they’d really have never turned into what they are today.”

Pure research, the military, and the financial sector are the prime movers behind quantum computing in general and quantum security in particular, according to Gasman. The latter, in particular, has been an enthusiastic early adopter of the technology.

“If you look at the amount of money lost to credit card fraud, that’s a huge driver,” he noted.

A shift to either different types of classical encryption, some algorithms have proven to be resistant to quantum computing, or to quantum computing-based security is going to be necessary.

Quantum computing-based security technology is effective because it relies on two of the best-known properties of quantum physics, the idea that observing a particle changes its behavior, and that paired or “entangled” particles share the same set of properties as the other.

What this means, in essence, is that both parties to a message can share an identical cipher key, thanks to quantum entanglement. In addition, should a third party attempt to eavesdrop on that sharing, it would break the symmetry of the entangled pairs, and it would be instantly apparent that something fishy was going on.

“If everything is working perfectly, everything should be in sync. But if something goes wrong, it means you’ll see a discrepancy,” said Jackson.

It’s like a soap bubble, according to Brian Lowy, vice president at ID Quantique SA, a Switzerland-based quantum computing vendor, mess with it and it pops.

“At some point, you’re going to have to factor [quantum computing],” he said, noting that, even now, bad actors could download encrypted information now, planning to crack its defenses once quantum computing is equal to the task.

The precise day of the shift will vary by industry, according to Paul Lucier, vice president of sales and business development at quantum computing security vendor Isara.Devices that have short usage life like smartphones aren’t in immediate danger, because quantum security technology ought to be sufficiently miniaturized by the time quantum codebreaking is powerful enough to undercut modern public-key encryption.

It’s verticals like the automotive industry and the infrastructure sector that have to worry, Lucier said. Anything with a long service life and anything that’s expensive to repair and replace is potentially vulnerable. 

That’s not to say that it’s time to rip-and-replace immediately. Standards bodies are expected to approve quantum-safe encryption algorithms at around the same time experts are predicting that quantum-powered decryption threatens modern security, so a hybrid approach is possible.

But the threat is very real, so much so that the Act became law in December of last year. The act calls for official advisory groups to be formed by the executive branch, and directs research funding for further exploration of quantum computing technology. So be prepared, the experts at the IQT conference all agreed.

“We think by 2026, if you’re not ready with your systems prepared, you’re taking a giant risk,” said Lucier.

NetworkWorld

You Might Also Read:

Quantum Computing Will Overtake Conventional Computing:

 

 

 

« Combining AI’s Power With Self-Centered Human Nature Could Be Dangerous
Ukraine Battles To Combat Election Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perkins Coie LLP

Perkins Coie LLP

Perkins Coie LLP is an internationalk law firm with offices across the USA and Asia. Practice areas include Privacy and Data Security.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

CANVAS Consortium

CANVAS Consortium

The CANVAS Consortium aims to unify technology developers with legal and ethical scholar and social scientists to approach the challenges of cybersecurity.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

Cyscale

Cyscale

Cyscale is a consultancy and development agency helping Enterprises adopt and migrate to the Cloud by providing an Automated Cloud Security Platform.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

Cyber Intelligence 4U

Cyber Intelligence 4U

Cyber Intelligence 4U is an educational services company that provides two levels of cybersecurity training programs: executive and technical.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

SNC-Lavalin

SNC-Lavalin

SNC-Lavalin is a fully integrated professional services and project management company with offices around the world.

AWARE7

AWARE7

IT security for human and machine. With the help of our products and services, we work with you to increase the IT security level of your organization.

KingsGuard Solutions

KingsGuard Solutions

KingsGuard Solutions is a San Diego Cybersecurity company that specializes in complex and innovative security solutions for companies throughout Southern California.

Halcyon

Halcyon

Halcyon is the industry’s first dedicated, adaptive security platform focused specifically on stopping ransomware attacks.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.