


Post-quantum cryptography techniques are already practical

A lot of applications use elliptic curve cryptography as the basis for encryption or key exchange, often suggested as an improvement in security over RSA. Interestingly enough, it seems that elliptic curve cryptography can be broken with fewer qubits than RSA, making it even more vulnerable than the most famous quantum-breakable algorithm. So protecting against quantum computing attacks is a priority. Because the Elliptic Curve Diffie-Hellman exchange (ECDHE) protocol is so ubiquitous, the Supersingular Isogeny Key Exchange, which is very similar to ECDHE and has forward secrecy, is a natural candidate to replace ECDHE even though it can be slightly quantum-weakened. Another interesting technique is focused on lattice-based cryptography. Here we would need to ensure that a large enough key size (~768 bits) is computationally practical, which has been confirmed by research groups at the University of Waterloo.

Do you want foreign governments in control of your data? Once quantum computers are being used by labs and academics, and companies think they have plenty of time to protect against breaches, how do we prevent malicious use of quantum computers? With the internet of things and the increase in breaches, is it safe to assume that the academics and researchers who have control of these systems remain in control? Academic institutions aren't the most secure places, and with cyberattacks becoming more common, the idea that a hacker could take control of the first quantum computer for malicious use doesn't really seem too crazy. But even if export of the technology is limited, do you really want to remain in the pre-quantum cryptography world, where the government or certain players can break your cryptography and you just try to trust that they won't? (History tells us that if they can, they will.)
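To make the lattice-based idea concrete, here is an added, constructed example that is not from the original post: a toy Regev-style key exchange built on the Learning With Errors (LWE) problem. The public key is a set of noisy linear equations (A, b = A*s + e mod Q), and the sender encrypts each bit of a fresh session key by adding up a random subset of those equations, so the receiver's secret is never transmitted. The parameters N, M and Q, the error range and the function names are hypothetical choices made for readability; they are far too small to be secure and are not the ~768-bit scheme the text refers to, but the correctness argument (the error never exceeds Q/4) is the same one real lattice schemes rely on.

```python
"""Toy Regev-style LWE key exchange (constructed illustration, not a real scheme)."""
import random
from typing import List, Tuple

# Hypothetical toy parameters chosen so the example is readable and always
# decrypts correctly. They provide NO security; real lattice schemes use far
# larger dimensions and carefully analysed error distributions.
N = 16        # lattice dimension (length of the secret vector s)
M = 64        # number of LWE samples published in the public key
Q = 3329      # modulus; chosen with Q > 4*M so accumulated error stays below Q/4
KEY_BITS = 128

PublicKey = Tuple[List[List[int]], List[int]]
Ciphertext = Tuple[List[int], int]


def sample_error(rng: random.Random) -> int:
    """Small error term. Bounded to {-1, 0, 1} so decryption is deterministic."""
    return rng.choice((-1, 0, 1))


def keygen(rng: random.Random) -> Tuple[PublicKey, List[int]]:
    """Return public key (A, b) with b = A*s + e (mod Q) and secret key s."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    b = [(sum(a * si for a, si in zip(row, s)) + sample_error(rng)) % Q for row in A]
    return (A, b), s


def encrypt_bit(pk: PublicKey, bit: int, rng: random.Random) -> Ciphertext:
    """Encrypt one bit by summing a random subset of public-key rows."""
    A, b = pk
    subset = [i for i in range(M) if rng.getrandbits(1)]
    u = [sum(A[i][j] for i in subset) % Q for j in range(N)]
    v = (sum(b[i] for i in subset) + bit * (Q // 2)) % Q
    return u, v


def decrypt_bit(sk: List[int], ct: Ciphertext) -> int:
    """Recover the bit: v - <u, s> = bit*Q/2 + sum(e_i), and |sum(e_i)| <= M < Q/4."""
    u, v = ct
    d = (v - sum(ui * si for ui, si in zip(u, sk))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0


def bits_to_bytes(bits: List[int]) -> bytes:
    return int("".join(str(b) for b in bits), 2).to_bytes(len(bits) // 8, "big")


def encapsulate(pk: PublicKey, rng: random.Random) -> Tuple[List[Ciphertext], bytes]:
    """Sender side: pick a fresh random session key and encrypt it bit by bit."""
    bits = [rng.getrandbits(1) for _ in range(KEY_BITS)]
    cts = [encrypt_bit(pk, bit, rng) for bit in bits]
    return cts, bits_to_bytes(bits)


def decapsulate(sk: List[int], cts: List[Ciphertext]) -> bytes:
    """Receiver side: decrypt every bit and reassemble the session key."""
    return bits_to_bytes([decrypt_bit(sk, ct) for ct in cts])


def demo(seed: int = 1) -> bool:
    """Run one exchange; True when both parties derive the same key."""
    rng = random.Random(seed)  # deterministic for the demo; use a CSPRNG in practice
    pk, sk = keygen(rng)
    cts, sender_key = encapsulate(pk, rng)
    receiver_key = decapsulate(sk, cts)
    return sender_key == receiver_key


if __name__ == "__main__":
    print("shared key matches:", demo())
```

Note how the key size grows: with these toy parameters the public key alone is M*N + M integers mod Q, which is why the text stresses that a large enough key size must remain computationally practical before a lattice scheme can replace ECDHE in real protocols.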

We perhaps can trust that the scientists and companies building the first quantum computers have no interest in getting into your bank account. But small, usable quantum computers are less than a decade away. That timeline doesn't even account for recent increases in funding for several areas of quantum computing research: logical qubit development, quantum error correction, quantum security, and additional post-quantum cryptography research have been announced this year in the USA and Europe. With increased funding, quantum computing is moving into a "Manhattan Project" era, where the timeline to a small, usable quantum computer could be drastically reduced.

Establishing global post-quantum security standards

There is currently no standard of encryption against a quantum computing attack. But there are known quantum-safe algorithms; post-quantum cryptography solutions do currently exist. When the first quantum computers are ready to go in the next 5–10 years, we need to have security protocols in place. We might be late on the traditional timeline for establishing quantum security standards, but that just means we need to start now. We still have time, but we need to take the threat seriously.
