Quantum Computers Is a Direct Threat Today to All Forms of Cryptography Used to Defend Our Data, Our Information, and Our Assets.
Whilst investing in companies developing Quantum machines is capturing all the glory and attention, there is another branch of Quantum Computing called PQC or Post Quantum Cryptography and it is available today. And it is one of the fastest growing areas in technology and something every business and government needs right now…
The so called ‘Quantum Threat’ has been confirmed by the intelligence community that have real concerns Quantum Computers will render all their security systems useless. The question is not IF but WHEN.,
A Quantum Computer is a different kind of computer that can perform specific tasks many millions of times more efficiently than classical computers. One of these tasks is breaking or cracking cryptography, all of them at once.
The good news is the rise of PQC, a different type of security approach that can defend against the ‘threat’, so that businesses may get ahead, protect their information but also gain what many refer to as the Quantum Advantage, we will get into later.
Quantum Machines have emerged from the laboratory in several different forms. It is no longer theory, science fiction or a concept. They are real, they are powerful and they are the future.
In the world of Quantum Computers there are algorithms that when supported by the next generation of machines that are more stable, will take a few seconds to break security systems that use public key encryption (Shor, Grove and others). However the good news is there are PQC solutions that are able to defend against what is to come, different forms of encryption that can defend and future proof information. These break-through approaches are already being deployed as part of broader strategies to defend key infrastructure, important assets and provide a new security layer for a world that is becoming autonomous, where devices, cars and machines interact.
The smart money is already moving into PQC which is the other side of the coin to the huge investments going into Quantum hardware and building out the new tech stack. New PQC solutions and their associated algorithms are available now and NIST have chosen the likely candidates that will become the new standards in this new exciting world of Post Quantum Cryptography from 2022.
One such company a British business — Post-Quantum.com whos founders worked in the intelligence services and contain some of the worlds leading cryptographers who have in the past designed military grade encryption systems that are used in the majority of satellites and on the battlefield today.
Do you need a Quantum Computer to deploy PQC…?
There are two popular cryptography systems used today, the first uses ‘symmetric’ schemes where sender and recipient share the same key to unlock the message, and second ‘asymmetric cryptography’, or public key cryptography where sender and recipient use different keys — as in Bitcoin represented as public key and a private key. Enter Quantum Computers that can very easily break today’s public key algorithms and threatens the business world that is entirely dependent on ‘digital infrastructures’ that are built using these key exchange protocols. The scene is set for a disaster waiting to happen.
The important point here is PQC is easy to deploy and doesn’t require access to, or the use of a Quantium Machine, runs of classical computers. PQC uses a different type of algorithm that makes it hard for Quantum Computers to crack things and find a path back to discovering your keys — known as ‘hard’.
Your information is already at risk and doing nothing is NOT an option…
Many will say Quantum Computers are decades away. The same people that 5 years ago said you couldn’t build a machine that would be useful. The rate of development advancement and the breakthroughs happening every day, with billions of dollars is piling into the sector, Quantum is a place where many of the world’s smartest people are drawn towards. I dare you to bet these people wont succeed and you have more time!
Some believe a machine powerful enough will be 3 to 5 years away, others a decade or more. But nobody knows for sure and there is little time to waste by doing nothing. Quantum Computers are here, they are getting more powerful and stable. They are the future and deliver the brute force sub-atomic effects not seen since 1946 when Oppenheimer split Uranium and Plutonium — his actions unleashing devastating power. History is once again about the repeat itself with the arrival of the Quantum Age.
It is worth remembering all information is transmitted over the Internet and cloud computing (data-centres used for storing and processing) also hangs on the end of a largely insecure public network. The possibilities for a Quantum Machine to deliver the ‘killer blow’ is wide and available, given todays hackers using classical computers frequently exploit vulnerabilities and steal our data, our information and ransom our systems. Can you imagine what damage they will do using a Quantum Computer that are millions if not billions of times more powerful that any super computer?
How do you instal PQC?
Deploying PQC solutions can happen at several levels and can be relatively painless although requires a lot of planning and design. A transition and operational strategy is required in a pre-quantum world. Especially when involving thousands of small devices or sensors, or across a diverse infrastructure, spread across many countries and regions. And some industries will also have deeper degrees of complexity such as medical and biotech, self driving cars and aviation, in critical infrastructure, banking and national security and intelligence.
PQC can use much of the existing computing infrastructure that are adjusted and augmented to cater for new algorithms and types of encryption models on which PQC rely. And as industry standards are arriving very soon, now is a perfect time to begin the move towards PQC that will immediately de-risk corporate and systemic vulnerabilities and make it harder for all parties to steal information assets. Or does it. When implementing PQC or any other security protocol the implementor, the team the people often leaves gaps. In many ways like plumbing, with each addition, ’T’ connector or junction you’re adding new vulnerabilities.
Considerations to the hardware and the software and the plethora of PQC approaches can leave gaps and gaping holes in the important things. No only side attacks, but also on the single device or component vulnerability, all of whom these days are inter-connected devices. Especially concerning, given the trend towards edge connected devices where the processing happens locally to the device, as it hops between points on the network. Where data is processed locally as other data is handled centrally, the current iteration of the Internet is unlikely to be adequate in simple security terms, and will certainly not be up to job in a Quantum Computer Era.
The Quantum Computer era has arrived and comes with Threats and Opportunities to gain an Advantage. It is real and has multi hundred billion backers who are betting big on this new alien technology. A technology that will help humanity find its path to the next phase of civilisation, where humanity lives longer, diseases are eradicated and we finally understand how life itself and the world around us works.
Quantum Computing is part of Quantum Information Sciences that take their lead from Quantum Mechanics, and where computing in the sense of ‘brute force’ calculation is merely one branch of the Quantum realms that is already heading our way.
Time to brace yourself and do something. Time to start with PQC…
Author: Nick Ayton © 2021