309 views
0

WHY THIS MATTERS IN BRIEF

When large quantum computers come online circa 2025 over 70 percent of the world’s encryption will be at risk, so companies need to adopt new method to protect themselves and their data.

 

As quantum computing becomes an increasingly “real” technology, moving out of the labs and into the cloud where it’ll be available as a service as early as 2020, the global security community, and anyone who cares about security, especially encryption, is on the clock. Most experts agree that these insanely powerful computer systems, that have already demonstrated they’re at least 100 million times faster at processing information than today’s top of the line traditional computing platforms, will be able to crack the vast majority of today’s modern crypto, including RSA-1024, -2056, -4096, ECC-256 and ECC-521, Diffie Hellman and Elliptic Curve Diffie Hellman crypto, in just days and minutes, not billions or trillions of years as it would take today, laying all secrets bare for all to see. That said though, many experts also agree that in order to crack these crypto systems these beasts will have to reach 10,000 Qubits in size, a milestone we’re still a long way from achieving, with many estimating the early 2030’s.

 

RELATED
Lockheed Martin awarded contract to arm US Navy destroyers with lasers

 

All that said though companies still shouldn’t be complacent about the threat posed to crypto by tomorrow’s powerful quantum computing platforms. As a result, and as companies also start attempting to build the first quantum safe blockchains, a new report out today from the Cloud Security Alliance’s (CSA) Quantum Safe Security Working Group says that security researchers, vendors and enterprises need to start working now if they want to beat quantum’s cryptographic buzzer and keep their information safe. But considering how long it takes for the IT world to transition to new encryption measures when old ones wear thin, the CSA report warns that the window until quantum computing reaches widespread adoption, which they estimate to be about 10 to 15 years, doesn’t give companies as much of a cushion as many would like.

“Cryptographic transitions take time, often a very long time,” the report explains, pointing to the decade long transition it took to get from 1024 to 2048-bit RSA key sizes, or the move to elliptic curve-based cryptography (ECC).

“The transition to quantum resistant cryptography is likely to take at least ten years. It is therefore important to plan for transition as soon as possible,” says the report.

 

RELATED
A fifth of the Dark Web just got shut down

 

The good news though is that researchers have been working on this problem for a long time and they’ve got some good ideas on where cryptography should be headed. For example, NIST just last month held a workshop that featured some 80 research submissions in its Post Quantum Crypography Standardization initiative. The CSA report offers a breakdown of five of the most promising categories of cryptographic methods that could stand as post-quantum cryptography alternatives, and these include Lattice based cryptography, Hash based schemes, Elliptic curve encryption, Multivariate cryptography, and last but not least Code based cryptography.

According to Roberta Faux, lead author of the CSA report, there are pros and cons for each class of algorithm and it’s going to take some time for researchers, and later, security engineers, to figure out which is best for a workable standard.

For example, she says the community is going to have to have a lively debate to balance out three big trade-offs, namely key size, bandwidth and confidence level.

 

RELATED
Facebook gets an EU E-Money license, parks its bus on the banks lawns

 

If, for example, you consider code based schemes, they’ve got a fast computational speed and they’ve been around so long that they’ve got a high degree of confidence from many in the security community. But their key size is large – some might say impractically so, Faux says. Meanwhile, Isogeny based cryptography has got small key sizes but the computation is still expensive and it’s relatively new so there’s less confidence there, and so on.

“I think the community agrees that we still need more time to investigate the wide range of post-quantum cryptographic algorithms,” Faux says, “and [to] understand the issues involved in migrating from existing public key cryptography to post-quantum cryptography.”

But that said, time, it seems is no longer on their side. Tick tock tick tock BOOM!?

About author

Matthew Griffin

Matthew Griffin, described as “The Adviser behind the Advisers” and a “Young Kurzweil,” is the founder and CEO of the 311 Institute, a global futures think tank working between the dates of 2020 to 2070, and is an award winning futurist, and author of “Codex of the Future.” Regularly featured in the global media, including AP, BBC, CNBC, Discovery, RT, and Viacom, Matthew’s ability to identify, track, and explain the impacts of hundreds of revolutionary emerging technologies on global culture, industry and society, is unparalleled. Recognised for the past six years as one of the world’s foremost futurists, innovation and strategy experts Matthew is an international speaker who helps governments, investors, multi-nationals and regulators around the world envision, build and lead an inclusive, sustainable future. A rare talent Matthew’s recent work includes mentoring several Education and Lunar XPrize teams, building the first generation of biological computers and re-envisioning global education with the G20, and helping the world’s largest conglomerates ideate the next 20 years of intelligent devices and machines. Matthew's clients include three Prime Ministers and several governments, including the G7, Accenture, Bain & Co, BCG, BOA, Blackrock, Bentley, Credit Suisse, Dell EMC, Dentons, Deloitte, Du Pont, E&Y, HPE, Huawei, JPMorgan Chase, KPMG, McKinsey, PWC, Qualcomm, SAP, Samsung, Sopra Steria, UBS, and many more.

Your email address will not be published. Required fields are marked *