Quantum Computing Will Break Encryption

Uploaded on 2019-04-01 in TECHNOLOGY--Developments, FREE TO VIEW, TECHNOLOGY-Key Areas-Quantum Computing

Modern public-key encryption is currently good enough to meet enterprise requirements, according to experts. Most cyberattacks target different parts of the security stack these days, unwary users in particular. Yet this stalwart building block of present-day computing is about to be eroded by the advent of quantum computing within the next decade, according to experts.

“About 99% of online encryption is vulnerable to quantum computers,” said Mark Jackson, scientific lead for Cambridge Quantum Computing, at the Inside Quantum Technology conference in Boston on Wednesday 20th March.

Quantum computers, those that use the principles of quantum entanglement and superposition to represent information, instead of electrical bits, are capable of performing certain types of calculation orders of magnitude more quickly than classical, electronic computers. 

They’re more or less fringe technology in 2019, but their development has accelerated in recent years, and experts at the IQT conference say that a spike in deployment could occur as soon as 2024. Lawrence Gasman, president of IQT, compared the current state of quantum computing development to that of fiber-optic networking in the 1980s, a technology with a lot of promise, but one still missing one or two key pieces.

“Optical amplifiers were what got optical networking going,” he said. “Without them, they’d really have never turned into what they are today.”

Pure research, the military, and the financial sector are the prime movers behind quantum computing in general and quantum security in particular, according to Gasman. The latter, in particular, has been an enthusiastic early adopter of the technology.

“If you look at the amount of money lost to credit card fraud, that’s a huge driver,” he noted.

A shift to either different types of classical encryption, some algorithms have proven to be resistant to quantum computing, or to quantum computing-based security is going to be necessary.

Quantum computing-based security technology is effective because it relies on two of the best-known properties of quantum physics, the idea that observing a particle changes its behavior, and that paired or “entangled” particles share the same set of properties as the other.

What this means, in essence, is that both parties to a message can share an identical cipher key, thanks to quantum entanglement. In addition, should a third party attempt to eavesdrop on that sharing, it would break the symmetry of the entangled pairs, and it would be instantly apparent that something fishy was going on.

“If everything is working perfectly, everything should be in sync. But if something goes wrong, it means you’ll see a discrepancy,” said Jackson.

It’s like a soap bubble, according to Brian Lowy, vice president at ID Quantique SA, a Switzerland-based quantum computing vendor, mess with it and it pops.

“At some point, you’re going to have to factor [quantum computing],” he said, noting that, even now, bad actors could download encrypted information now, planning to crack its defenses once quantum computing is equal to the task.

The precise day of the shift will vary by industry, according to Paul Lucier, vice president of sales and business development at quantum computing security vendor Isara.Devices that have short usage life like smartphones aren’t in immediate danger, because quantum security technology ought to be sufficiently miniaturized by the time quantum codebreaking is powerful enough to undercut modern public-key encryption.

It’s verticals like the automotive industry and the infrastructure sector that have to worry, Lucier said. Anything with a long service life and anything that’s expensive to repair and replace is potentially vulnerable. 

That’s not to say that it’s time to rip-and-replace immediately. Standards bodies are expected to approve quantum-safe encryption algorithms at around the same time experts are predicting that quantum-powered decryption threatens modern security, so a hybrid approach is possible.

But the threat is very real, so much so that the Act became law in December of last year. The act calls for official advisory groups to be formed by the executive branch, and directs research funding for further exploration of quantum computing technology. So be prepared, the experts at the IQT conference all agreed.

“We think by 2026, if you’re not ready with your systems prepared, you’re taking a giant risk,” said Lucier.

NetworkWorld

You Might Also Read:

Quantum Computing Will Overtake Conventional Computing:

 

 

 

« Combining AI’s Power With Self-Centered Human Nature Could Be Dangerous
Ukraine Battles To Combat Election Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Zerto

Zerto

Zerto provides enterprise-class disaster recovery and business continuity software specifically for virtualized data centers and cloud environments.

Oracle Cloud Security

Oracle Cloud Security

Oracle’s cloud security solutions enable organizations to implement and manage consistent security policies across the hybrid data center.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Data Recovery Services (DRS)

Data Recovery Services (DRS)

DRS provides data recovery services from media including hard disk drives, RAID, solid state disks SSD, memory sticks, USB drives, SD cards, tapes and mobile phones.

Atempo

Atempo

Atempo is a leading independent European-based software vendor with a global presence. We provide solutions to protect, store, move and recover all your data.

Hut Six Security

Hut Six Security

Train, test and track your Information Security culture through information security awareness training and customised phishing simulation campaigns.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Veridium

Veridium

Veridium is a leader in single step - multi factor biometric authentication, designed to safeguard enterprises’ most critical assets.

Stairwell

Stairwell

Stairwell is building a new approach to cybersecurity around a vision that all security teams should be able to determine what’s good, what’s bad, and why.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

Systems Engineering

Systems Engineering

Systems Engineering is a SOC 2, Type 2-certified IT strategy and managed technology services provider.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.