New quantum resistant crypto stops quantum computers spying on your data

0 0

By Matthew Griffin Security and Privacy 20th June 2018

WHY THIS MATTERS IN BRIEF

When large quantum computers come online circa 2025 over 70 percent of the world’s encryption will be at risk, so companies need to adopt new method to protect themselves and their data.

As quantum computing becomes an increasingly “real” technology, moving out of the labs and into the cloud where it’ll be available as a service as early as 2020, the global security community, and anyone who cares about security, especially encryption, is on the clock. Most experts agree that these insanely powerful computer systems, that have already demonstrated they’re at least 100 million times faster at processing information than today’s top of the line traditional computing platforms, will be able to crack the vast majority of today’s modern crypto, including RSA-1024, -2056, -4096, ECC-256 and ECC-521, Diffie Hellman and Elliptic Curve Diffie Hellman crypto, in just days and minutes, not billions or trillions of years as it would take today, laying all secrets bare for all to see. That said though, many experts also agree that in order to crack these crypto systems these beasts will have to reach 10,000 Qubits in size, a milestone we’re still a long way from achieving, with many estimating the early 2030’s.

Tesla enters the Hyperloop race, instantly breaks speed record

All that said though companies still shouldn’t be complacent about the threat posed to crypto by tomorrow’s powerful quantum computing platforms. As a result, and as companies also start attempting to build the first quantum safe blockchains, a new report out today from the Cloud Security Alliance’s (CSA) Quantum Safe Security Working Group says that security researchers, vendors and enterprises need to start working now if they want to beat quantum’s cryptographic buzzer and keep their information safe. But considering how long it takes for the IT world to transition to new encryption measures when old ones wear thin, the CSA report warns that the window until quantum computing reaches widespread adoption, which they estimate to be about 10 to 15 years, doesn’t give companies as much of a cushion as many would like.

“Cryptographic transitions take time, often a very long time,” the report explains, pointing to the decade long transition it took to get from 1024 to 2048-bit RSA key sizes, or the move to elliptic curve-based cryptography (ECC).

“The transition to quantum resistant cryptography is likely to take at least ten years. It is therefore important to plan for transition as soon as possible,” says the report.

Google Translate has made up its own secret language

The good news though is that researchers have been working on this problem for a long time and they’ve got some good ideas on where cryptography should be headed. For example, NIST just last month held a workshop that featured some 80 research submissions in its Post Quantum Crypography Standardization initiative. The CSA report offers a breakdown of five of the most promising categories of cryptographic methods that could stand as post-quantum cryptography alternatives, and these include Lattice based cryptography, Hash based schemes, Elliptic curve encryption, Multivariate cryptography, and last but not least Code based cryptography.

According to Roberta Faux, lead author of the CSA report, there are pros and cons for each class of algorithm and it’s going to take some time for researchers, and later, security engineers, to figure out which is best for a workable standard.

For example, she says the community is going to have to have a lively debate to balance out three big trade-offs, namely key size, bandwidth and confidence level.

China spends $300million to buy lab produced meats from Israel

If, for example, you consider code based schemes, they’ve got a fast computational speed and they’ve been around so long that they’ve got a high degree of confidence from many in the security community. But their key size is large – some might say impractically so, Faux says. Meanwhile, Isogeny based cryptography has got small key sizes but the computation is still expensive and it’s relatively new so there’s less confidence there, and so on.

“I think the community agrees that we still need more time to investigate the wide range of post-quantum cryptographic algorithms,” Faux says, “and [to] understand the issues involved in migrating from existing public key cryptography to post-quantum cryptography.”

But that said, time, it seems is no longer on their side. Tick tock tick tock BOOM!?

Matthew Griffin / About Author

Matthew Griffin, described as “The Adviser behind the Advisers” and a “Young Kurzweil,” is the founder and CEO of the World Futures Forum and the 311 Institute, a global Futures and Deep Futures consultancy working across the next 50 years, and is an award winning futurist, and author of “Codex of the Future” series.

Regularly featured in the global media, including AP, BBC, Bloomberg, CNBC, Discovery, RT, Viacom, and WIRED, Matthew’s ability to identify, track, and explain the impacts of hundreds of revolutionary emerging technologies on global culture, industry and society, is unparalleled. Recognised for the past six years as one of the world’s foremost futurists, innovation and strategy experts Matthew is an international speaker who helps governments, investors, multi-nationals and regulators around the world envision, build and lead an inclusive, sustainable future.

A rare talent Matthew’s recent work includes mentoring Lunar XPrize teams, re-envisioning global education and training with the G20, and helping the world’s largest organisations envision and ideate the future of their products and services, industries, and countries.

Matthew's clients include three Prime Ministers and several governments, including the G7, Accenture, Aon, Bain & Co, BCG, Credit Suisse, Dell EMC, Dentons, Deloitte, E&Y, GEMS, Huawei, JPMorgan Chase, KPMG, Lego, McKinsey, PWC, Qualcomm, SAP, Samsung, Sopra Steria, T-Mobile, and many more.