31/01/2026

"Harvest Now, Decrypt Later" Requires Protective Measures before Q-Day

Quantum computing will be able to break public-key encryption, which is now used everywhere as the basis for key exchange and digital signatures. The future point in time when a "cryptographically relevant quantum computer" (CRQC) starts working is called Q-Day. Experts' views vary on when Q-Day will arrive, but it could be in the 2030s, which is not far off.

Moreover, the threat is already in motion. It is called Harvest Now, Decrypt Later (HNDL).

Adversaries may already be collecting encrypted material that could be broken on Q-Day. Suppose Q-Day is ten years from now. There is plenty of government, industry, or privacy-related material worth keeping secret for more than ten years. HNDL means all of it is in jeopardy now.

Research into cryptographic techniques that are safe against quantum computing is known as post-quantum cryptography (PQC). In 2024, NIST released final versions of PQC standards as FIPS (Federal Information Processing Standards): FIPS 203 (general encryption), FIPS 204 (digital signature), and FIPS 205 (backup for FIPS 204), with FIPS 206 coming soon (Wikipedia).

If the required confidentiality lifespan (X) plus the time required for migration (Y) is greater than the time until Q-Day (Z), that is, X+Y>Z, we are already in jeopardy. This is called Mosca's theorem, after the cryptography expert Dr. Michele Mosca.

The NSA (National Security Agency) released a roadmap that requires the transition of National Security Systems (NSS) to PQC to be completed by 2035.


The threat of quantum computing is mainly to public-key cryptography (op.cit.). It is assessed that algorithms such as AES or SHA-2 can remain in use with longer keys (paloalto).

The power of quantum computing stems from exploiting quantum-mechanical properties, whereby one qubit (a unit of information corresponding to a classical bit) may represent a superposition of both states 0 and 1. This allows parallel processing. Solving a problem on a quantum computer requires formulating the problem so that it can be handled with such qubits. Integer factorization is one task that can be solved efficiently using superposition states (Shor's algorithm). Thus RSA encryption, the basis of public-key encryption, will be broken. Elliptic-curve encryption is vulnerable as well.

No such quantum algorithm is known for, for example, AES, the standard symmetric-key encryption algorithm, though according to SecurityWeek, Grover's algorithm can reduce AES-256 to AES-128, halving the length of the key.
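As an added illustration (not part of the original post), the sketch below applies Mosca's inequality X+Y>Z to a small system inventory and flags only the assets whose key exchange is one of the Shor-breakable algorithms named above. The asset names, lifespans, migration times and the two Q-Day years are constructed assumptions, and the check covers Shor exposure only, not Grover's effect on symmetric keys.

```python
from dataclasses import dataclass

# Public-key algorithms the article names as broken by Shor's algorithm.
SHOR_BROKEN = {"RSA", "ECDH"}

@dataclass
class Asset:
    name: str
    key_exchange: str     # what protects the data/session key
    secrecy_years: int    # X: required confidentiality lifespan
    migration_years: int  # Y: time needed to migrate this system to PQC

def triage(asset: Asset, now: int, q_day: int) -> dict:
    """Evaluate Mosca's inequality X + Y > Z for one asset, Z = q_day - now."""
    if asset.key_exchange not in SHOR_BROKEN:
        return {"asset": asset.name, "status": "not-shor-exposed"}
    z = q_day - now
    x, y = asset.secrecy_years, asset.migration_years
    return {
        "asset": asset.name,
        "status": "at-risk" if x + y > z else "ok",
        "margin_years": z - (x + y),
        # HNDL: ciphertext captured today is still sensitive on Q-Day.
        "harvest_today_exposed": x > z,
        # Last year migration can begin and still finish X years before Q-Day.
        "latest_migration_start": q_day - x - y,
    }

def report(assets, now, q_day):
    """Triage every asset; Shor-exposed ones first, smallest margin first."""
    rows = [triage(a, now, q_day) for a in assets]
    return sorted(rows, key=lambda r: r.get("margin_years", float("inf")))

# Constructed sample inventory (hypothetical names and figures).
INVENTORY = [
    Asset("web-checkout-tls", "ECDH", 1, 2),
    Asset("hr-archive-vpn", "RSA", 25, 3),
    Asset("backup-vault", "AES-256-PSK", 30, 5),
    Asset("design-docs-sftp", "ECDH", 7, 3),
]

if __name__ == "__main__":
    for q_day in (2030, 2036):  # two assumed Q-Day estimates
        print(f"Q-Day assumed {q_day}:")
        for row in report(INVENTORY, now=2026, q_day=q_day):
            print("  ", row)
```

A latest_migration_start that lies in the past means the migration for that asset is already overdue under the assumed Q-Day.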
