Quantum Computing Will Break Encryption

Uploaded on 2019-04-01 in TECHNOLOGY--Developments, FREE TO VIEW, TECHNOLOGY-Key Areas-Quantum Computing

Modern public-key encryption is currently good enough to meet enterprise requirements, according to experts. Most cyberattacks target different parts of the security stack these days, unwary users in particular. Yet this stalwart building block of present-day computing is about to be eroded by the advent of quantum computing within the next decade, according to experts.

“About 99% of online encryption is vulnerable to quantum computers,” said Mark Jackson, scientific lead for Cambridge Quantum Computing, at the Inside Quantum Technology conference in Boston on Wednesday 20th March.

Quantum computers, those that use the principles of quantum entanglement and superposition to represent information, instead of electrical bits, are capable of performing certain types of calculation orders of magnitude more quickly than classical, electronic computers. 

They’re more or less fringe technology in 2019, but their development has accelerated in recent years, and experts at the IQT conference say that a spike in deployment could occur as soon as 2024. Lawrence Gasman, president of IQT, compared the current state of quantum computing development to that of fiber-optic networking in the 1980s, a technology with a lot of promise, but one still missing one or two key pieces.

“Optical amplifiers were what got optical networking going,” he said. “Without them, they’d really have never turned into what they are today.”

Pure research, the military, and the financial sector are the prime movers behind quantum computing in general and quantum security in particular, according to Gasman. The latter, in particular, has been an enthusiastic early adopter of the technology.

“If you look at the amount of money lost to credit card fraud, that’s a huge driver,” he noted.

A shift to either different types of classical encryption, some algorithms have proven to be resistant to quantum computing, or to quantum computing-based security is going to be necessary.

Quantum computing-based security technology is effective because it relies on two of the best-known properties of quantum physics, the idea that observing a particle changes its behavior, and that paired or “entangled” particles share the same set of properties as the other.

What this means, in essence, is that both parties to a message can share an identical cipher key, thanks to quantum entanglement. In addition, should a third party attempt to eavesdrop on that sharing, it would break the symmetry of the entangled pairs, and it would be instantly apparent that something fishy was going on.

“If everything is working perfectly, everything should be in sync. But if something goes wrong, it means you’ll see a discrepancy,” said Jackson.

It’s like a soap bubble, according to Brian Lowy, vice president at ID Quantique SA, a Switzerland-based quantum computing vendor, mess with it and it pops.

“At some point, you’re going to have to factor [quantum computing],” he said, noting that, even now, bad actors could download encrypted information now, planning to crack its defenses once quantum computing is equal to the task.

The precise day of the shift will vary by industry, according to Paul Lucier, vice president of sales and business development at quantum computing security vendor Isara.Devices that have short usage life like smartphones aren’t in immediate danger, because quantum security technology ought to be sufficiently miniaturized by the time quantum codebreaking is powerful enough to undercut modern public-key encryption.

It’s verticals like the automotive industry and the infrastructure sector that have to worry, Lucier said. Anything with a long service life and anything that’s expensive to repair and replace is potentially vulnerable. 

That’s not to say that it’s time to rip-and-replace immediately. Standards bodies are expected to approve quantum-safe encryption algorithms at around the same time experts are predicting that quantum-powered decryption threatens modern security, so a hybrid approach is possible.

But the threat is very real, so much so that the Act became law in December of last year. The act calls for official advisory groups to be formed by the executive branch, and directs research funding for further exploration of quantum computing technology. So be prepared, the experts at the IQT conference all agreed.

“We think by 2026, if you’re not ready with your systems prepared, you’re taking a giant risk,” said Lucier.

NetworkWorld

You Might Also Read:

Quantum Computing Will Overtake Conventional Computing:

 

 

 

« Combining AI’s Power With Self-Centered Human Nature Could Be Dangerous
Ukraine Battles To Combat Election Hackers »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

Alan Turing Institute

Alan Turing Institute

Alan Turing Institute is the UK national institute for data science. A major focus is Big Data analysis with applications including cyber security.

Kount

Kount

Kount's “decision engine” platform is ideal for managing fraud in online/telephone channels that process payments and onboard new customers.

Telelogos

Telelogos

Telelogos is a European provider of Enterprise Mobility Management software, Digital Signage software and Data Transfer and Synchronization software.

CyBOK - University of Bristol

CyBOK - University of Bristol

CyBOK is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

Trustify

Trustify

Trustify is a Managed Security Service Provider offering a suite of world-class Cyber Risk Management services.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Cyber Intelligence House (CIH)

Cyber Intelligence House (CIH)

Cyber Intelligence House provides risk exposure solutions for a wide range of audiences including companies, government agencies, regulators, investors, law enforcement and consumers.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

Core Sentinel

Core Sentinel

Australia's #1 Penetration Testing Service. Make Your Systems Fully Compliant With Our OSCE CREST/CISA Certified Penetration Testing.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Normalyze

Normalyze

Normalyze are solving some of the most painful problems enterprise IT security teams face in the cloud and data security space. We help enterprises protect all the data they run in the cloud.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.