Encryption In The Face Of The Challenge Of Quantum Computing

Data security has become a priority. Today, encryption standards give us a high level of confidence. “There are several widely used encryption schemes. Depending on the purpose – digital signature and hash, key exchange, communications encryption, etc. – the standard varies substantially,” says Eusebio Nieva, director of Check Point Software for Spain and Portugal.

Among them all, the Advanced Encryption Standard 256 (AES-256) stands out. “The most widely used and most secure encryption standard currently in existence is AES-256, a 256-bit symmetric key algorithm that is even used by the National Security Agency (NSA) of the United States,” points out Jordi Busquets, Security Technical sales leader at IBM Spain, Portugal, Greece and Israel.

Marc Rivero, Senior Security analyst at Kaspersky, specifies that this standard is the most widespread and secure, being used “in wireless security, file encryption or connections using SSL/TLS (website security)”.

Quantum threat

However, the security offered by today’s encryption will be overtaken in the coming years. “As quantum systems become more powerful, information security will also be affected and will force improved data security both on-premises and in the cloud. If a quantum computer with enough qubits were to appear today, virtually all electronic communications would become unsafe. And even if such a device only appears several years from now, it could compromise all currently stored secret communications,” warns Mikel Díez, head of Innovation at IBM Spain, Portugal, Greece and Israel.

Busquets explains why. “Encryption schemes, particularly asymmetric ones, which are widely used today, are based on the complexity of certain types of mathematical problems, such as factoring integers or discrete logarithms, for example. However, quantum computing is particularly efficient at solving these problems, so a sufficiently powerful quantum computer could quickly decrypt encrypted data.”

Nieva gives an example of what this threat entails. “In the current way of working to encrypt a communication channel, for the final encryption of the communication, a symmetric key algorithm is used, of which AES is the most widely used, which uses a private key that has been shared between the communicators. To exchange this private key securely, a public key scheme is used, such as RSA, Diffie-Hellman… Therefore, if we can decrypt the content of the key exchange protocol, we will have breached the communication, since we would have in our possession the private key to be used in the AES algorithm”.

Already on the horizon

And when will that day come? Although it is already on the horizon, it is still a long way off. “Even with a quantum computer, it would take 2.29 x 1032 years to crack AES-256. This means it would take 200 times the lifetime of the universe. Even with parallel computing, for example, the Bitcoin network, with approximately 267 operations per second, it would take 70 x 1024 years to decrypt AES-128,” specifies Check Point’s director for Spain and Portugal.

Although he points out that “this scenario is radically different with respect to some of the algorithms”, since AES is more resistant to this type of attacks with quantum computing that could jeopardize public key algorithms.

However, everything may change in the coming years. “As quantum computing advances, the possibilities of being able to perform greater calculations that could lead to brute-force encryption vulnerabilities increase,” notes Rivero.

Díez points out that “at the current rate of progress in quantum computing, it is expected that the data protected by the asymmetric encryption methods used today could become insecure in the next 10-30 years”.

Nieva agrees. “A quantum computer with 20 million qubits could crack a 2048-bit RSA encryption scheme in about 8 hours. Last year IBM, built its Eagle processor with 127 qbits. Most estimates indicate that it will take about one to two decades to reach this point,” he says.

Moreover, under current conditions, and even if quantum computers are able to speed up the time needed to decrypt cryptography, a longer key could be used, so that encryption standards could remain secure for a few more years.

However, this solution also has drawbacks. “This method has its own set of challenges in terms of latency. Longer keys will require more resources to receive and decrypt the data, and might not even fit inside the tiny embedded chips used in many modern electronic devices. In this case, a user who wants to retrieve a payload of a few bytes might have to download an encrypted packet of several more sizes. For example, a 4 MB packet containing a 200-byte file,” details Martin Roesler, director of Trend Micro’s Forward-looking Threat Research (FTR) research team, in the article ‘How Quantum Computers May Affect Security’.

“While this may not seem like a big deal, it could have major consequences in real-life use, especially when it comes to real-time data transfer for certain technologies, such as vehicles, airplanes, surgical robots and any machine that needs fast and constant communication. For example, with a very long key, a turbine in an airplane might need 10 seconds to decrypt the commands coming from the pilot, instead of the almost instantaneous time needed with shorter keys,” he adds.

Cybercriminals on the prowl

Experts warn that cybercriminals are collecting vast amounts of data, waiting for the technology to decrypt it. “The threat is real. Data can be collected today, stored and decrypted in the future with a powerful enough quantum computer. The consequences could be infinite, from the exponential increase in fraud to the theft of sensitive or regulated information,” Busquets acknowledges.

Rivero also believes that “it is possible that information has been stolen that is encrypted with a type of encryption that is currently difficult to break, so they would be waiting for more computing power to break it”.

Thus, he considers that “in the future, having access to a supercomputer that is capable of attacking these encryption systems could lead to problems in data integrity and safeguarding by companies”.

The Check Point manager admits the existence of this threat, although he relativizes its potential impact. “In general, information has a limited lifespan. In other words, the use that can be made of this information will depend a lot on the quality and type of information encrypted and the time it takes to decrypt it. A user’s banking passwords will probably be useless for any purpose in 10-20 years. It will all depend on the availability of quantum technology to make the magnitude of the problem quantifiable,” he says.

Harnessing technology to our advantage

In the opposite direction, advances in supercomputing and quantum computing will also serve to strengthen security. “We will be able to have even more robust encryption algorithms, thanks to the calculation capacity with these supercomputers, in addition to being able to implement machine learning algorithms,” comments the Kaspersky expert.

Díez also predicts that “large-scale quantum computers will significantly expand computing power, creating new opportunities to improve cybersecurity”. In this way, he believes that “they will be able to help safeguard critical data and help detect cyber attacks better than is currently possible”.

For example, he anticipates that quantum computing “will enable the acceleration of machine learning processes, which have numerous applications in cybersecurity, such as the detection of anomalous activities and the prediction of threats“. Likewise, he predicts that it will contribute to “the improvement of random number generation based on the inherent randomness of quantum physical processes, which will provide the highest level of security.”

Towards a post-quantum world

What is clear is that we must start preparing for that post-quantum world. What should we do to do so? “First, perform a quantum risk assessment. In recent years, IBM has led research in secure quantum cryptography and, today, already offers a quantum risk assessment to determine the exposure of critical data, including cloud environments. It provides action plans that include robust risk and governance policies to ensure security in the advent of the quantum era,” said Díez.

On the other hand, Busquets points out that “organizations should already start selecting technologies with cryptographic capabilities resistant to the quantum-safe era“. For example, he specifies that “IBM has already incorporated quantum-safe algorithms in IBM Cloud, RedHat OpenShift in IBM Cloud, storage systems and in the recently announced z16 system”.

He further advises that “organizations that need to launch quantum-safe cryptography pilot projects should enlist the support of entities such as IBM Research, which has contributed to several of the quantum-resistant public-key cryptographic algorithms selected by the National Institute of Standards and Technology (NIST) for standardization, and which are ready today to advise on these initiatives.”

He stresses that “IBM Research, to facilitate the adoption of quantum-resistant cryptography, has developed cryptographic algorithms starting from a lattice cryptography suite called CRYSTALS, created in collaboration with several academic and commercial partners, which are based on the difficulty of mathematical problems that have been studied since the 1980s and have not succumbed to any algorithmic attack, neither classical nor quantum.” And he recalls that “CRYSTALS has been donated to OpenQuantumSafe.org, to continue developing open standards in the open source community”.

On his part, Nieva indicates that work is already underway on two types of scenarios or algorithms. “On one hand, QKD (Quantum Key Distribution), algorithms specifically designed to solve the problem of key distribution using quantum computation with its particular properties. This method requires a very expensive new infrastructure, both new optical fiber and new satellites. On the other hand, work is being done on QRA (Quantum Resistant Algorithms) or quantum computation resistant algorithms. Already since 2016, NIST has a competition to see which quantum-resistant algorithms will become the new standard for public key encryption,” he notes.

Although he admits that the future is uncertain. “The scenario where a new breakthrough in quantum computing invalidates current work and you have to start from scratch is also possible,” he says. In any case, he believes that “it is good policy to start using the longest possible keys, especially for the case of public-key cryptography, since it is this type of cryptography that is most affected.”

For his part, Roesler believes that “while it may be too early to completely overhaul security protocols to prepare for quantum computing, it would be a good idea for organizations to start planning for the future.” “This means watching and following the progress of the market for quantum computers, quantum computing technologies, in general, and the standards that will govern post-quantum cryptography. It is also important to decide whether to migrate current systems or replace them completely, which would require a lot of time and resources,” he says.