What Happens to Encryption in a Post-Quantum Computing World?

2024 Cybersecurity Predictions


So, what’s the issue when it comes to encryption and quantum computing?

Today’s asymmetric encryption algorithms, which are primarily used for key exchanges and digital signatures, are considered vulnerable to quantum computers. For example, using today’s traditional, digital, transistor-based computers, it’s estimated it would take 6 quadrillion CPU years to crack a 2048-bit RSA decryption key.7 But, quantum computers are able to consider multiple possible solutions simultaneously, making them orders of magnitude faster than today’s traditional computers and thus potentially able to crack today’s encryption algorithms in a very short amount of time.

“If quantum computers are able to crack contemporary encryption algorithms, then they could decrypt every bit of data ever encrypted prior to quantum computers—whether that data is a day old or decades old,” says David Holmes, Principal Threat Research Evangelist at F5. How likely are people to care about decrypting information that’s decades old? “It depends entirely on what the information is!” says Holmes. “Imagine a database that contains detailed information about a country’s spies who are still active, other types of military or government secrets, or a corporation’s proprietary formula for some chemical compound. It might still be relevant.”

To solve the encryption problem, then, we need new encryption algorithms that are designed to protect against cryptoanalysis by quantum computers—and, to Holmes’ point, we need to be working on them now.

Fortunately, many mathematicians, researchers, and engineers are doing that already. Several quantum computing-resistant algorithm candidates have already been submitted to the National Institute of Standards (NIST) for consideration. In turn, NIST has issued a timeline by which they’d like to see such an algorithm that’s ready to replace today’s asymmetric algorithms. NIST’s timeline for having a new standard drafted is essentially 7 years from now.

When asked what security pros should be doing about this now, Holmes replied, “For those worried about long-lived data in transit, they should be moving to forward secrecy to protect their data from future quantum computers. The rest probably have time to prepare.”

You can read more about how quantum computing will affect Transport Layer Security (TLS) specifically, get details about some of the candidate algorithms under consideration, as well as speculation about which one will be the likely winner—and why—in Holmes’ full report, How Quantum Computing Will Change Browser Encryption.



Source link
lol

So, what’s the issue when it comes to encryption and quantum computing? Today’s asymmetric encryption algorithms, which are primarily used for key exchanges and digital signatures, are considered vulnerable to quantum computers. For example, using today’s traditional, digital, transistor-based computers, it’s estimated it would take 6 quadrillion CPU years to crack a 2048-bit RSA decryption key.7 But,…

Leave a Reply

Your email address will not be published. Required fields are marked *