The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating infrastructure expansion and upgrades. Quantum computing is still being developed but gets closer to reality every day. Here we look at the high level impacts of quantum computing in relation to cryptographic infrastructure.
Bits and Qubits
Compared to classical computing systems that function on binary digits, (or "bits") quantum computing is based on the ability for a single 'qubit' to be able to encode more than two states. In fact, theoretical quantum computing can handle a superposition of multiple states. While the math that supports this is extremely complex, suffice it to say that quantum computing is exponentially more advanced than today's top technologies.
As a comparison, today's computer systems manipulate bits that are either set to a 1 or a 0. Quantum computers make use of quantum bits, called qubits, that can be represented as a superposition of both states. This means that any two or more quantum states can be added together and the result is yet another valid state. Simply put, quantum computers have the potential to be immensely more powerful than today’s computers as the possible combinations for a single qubit are far greater than that of an ordinary bit.
The scientific community in conjunction with governments and universities is furiously working to develop large-scale quantum computers. When this happens, sometime over the next 5 to 20 years, these computers will be expensive. In the meantime, there are quantum algorithms (for cryptography) that can be processed by a classical binary computer. This opens up the possibility that you will need to consider the integration of these hybrid type solutions into your environment until such time that true quantum infrastructure becomes a reality.
It is important to not confuse quantum computing with the term “quantum cryptography”, which is the science of exploiting quantum mechanical properties to perform cryptographic tasks. A good example of example of this is “quantum key distribution”, which enables a secret cryptographic key (symmetric key) to be shared between two remote parties such that any interception can be reliably detected.
Quantum Key Distribution
Quantum key distribution, or QKD, refers to how crypto keys can be exchanged in a quantum world. Today's key exchange processes have the inherent risk of a third party attempting to intercept the key transmission. While they may not be able to immediately decrypt it, they can store it in the hope of eventually cracking the code and using it.
With Quantum key distribution, the cryptographic protocols use elements of quantum mechanics (known as quantum entanglement). In this scenario, two parties can share a secret key which allows for encryption and decryption, with the added benefit of a built-in fail-safe that can detect any attempts by a third party to intercept the key. In order to eavesdrop, the third party must attempt to measure the quantum system. This measurement disturbs the quantum system. Processes can thereby be put in place that aborts the key exchange if a certain threshold of disturbance is detected.
Quantum Computing and Cryptography
The use of cryptography has become a foundational element of securely processing transactions and sensitive data, e.g. for financial businesses and health care organizations. Perhaps one the greatest impacts of quantum computing on your future infrastructure purchases is its impact on cryptography. The reason being is that the cryptographic algorithms can withstand the brute force attacks that today's classical computers are currently capable of. Based on current technology, it's computationally infeasible for a classical binary computer to solve and break a public key cryptographic system. This is because it would take centuries of time for it to process through all the possible scenarios.
Quantum computing, however, would be able to break almost all public-key cryptography solutions that are in use today.
Preparing for the future
Many of today's cryptography systems are built on asymmetric algorithms, whose primary defenses are built upon the principle that classical computing systems lack the capability to decipher them. Quantum computing has already been theoretically proven to be capable of breaking classical asymmetric cryptographic algorithms in use today. This means that quantum computing resistant algorithms will need to become an integral part of cryptographic infrastructure solutions before quantum computers become mainstream.
Similarly, crypto-agility is a topic that needs to be understood if you're going to make a smooth transition into this new age of technology. Crypto-agilty refers to the ability of your information security system to evolve to an alternative encryption method without requiring large-scale changes to the underlying infrastructure. This becomes critical in the age of quantum computing because of the threat to the existing algorithms. As a result, and according to NIST guidelines, becoming crypto-agile is no longer optional.
Solutions for crypto-agile infrastructure are already available to enable organisations to be prepared for this scenario.
References and Further Reading
- Selected Articles on Quantum Cryptography (2017-today), by Dawn M. Turner, Rob Stubs, Terry Anton and more
- Selected Articles on Crypto-Agility (2017-today), by Dawn M. Turner, Jasmine Henry, Rob Stubs, Terry Anton and more
- Final Version of NIST Cloud Computing Definition Published by the National Institute of Standards and Technology, October 2011.
- Study on Cryptography as a Service (CaaS) by Yudi Prayudi and Tri Kunturo Priyambodo, November 2014.
- NISTIR: Report on Post-Quantum Cryptography by the National Institute of Standards and Technology, April 2016.
- Cryptomathic Answers Compliance-Driven Call for Crypto-Agility by Cryptomathic, May 2018.