The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating infrastructure expansion and upgrades. Quantum computing is still being developed but gets closer to reality every day. Here, we examine the broad effects of quantum computing on the cryptographic infrastructure.
Bits and Qubits
Compared to classical computing systems that function on binary digits (or "bits"), quantum computing is based on the ability of a single "qubit" to encode more than two states. In fact, theoretical quantum computing can handle a superposition of multiple states. While the math that supports this is extremely complex, suffice it to say that quantum computing is exponentially more advanced than today's top technologies.
In comparison, today's computer systems manipulate bits that are set to a 1 or a 0. Quantum computers make use of quantum bits, called qubits, that can be represented as a superposition of both states. This means that any two or more quantum states can be added together, and the result is yet another valid state. Simply put, quantum computers have the potential to be immensely more powerful than today’s computers, as the possible combinations for a single qubit are far greater than those of an ordinary bit.
In conjunction with governments and universities, the scientific community is furiously working to develop large-scale quantum computers. These computers are expected to arrive sometime over the next 5 to 20 years, and they will be expensive when they do. In the meantime, there are quantum algorithms (for cryptography) that can be processed by a classical binary computer. This opens up the possibility that you will need to integrate hybrid-type solutions into your environment until true quantum infrastructure becomes a reality.
It is important to not confuse quantum computing with the term “quantum cryptography”, which is the science of exploiting quantum mechanical properties to perform cryptographic tasks. A good example of this is “quantum key distribution”, which enables a secret cryptographic key (symmetric key) to be shared between two remote parties such that any interception can be reliably detected.
Quantum Key Distribution
Quantum key distribution, or QKD, refers to how crypto keys can be exchanged in a quantum world. Today's key exchange processes have the inherent risk of a third party attempting to intercept the key transmission. While they may not be able to decode the information immediately, they can store it in the hope of eventually cracking the code and using it.
With quantum key distribution, the cryptographic protocols use elements of quantum mechanics (known as quantum entanglement). In this case, two parties can share a secret key that enables encryption and decryption, with the added benefit of a built-in fail-safe that can detect any attempts by a third party to intercept the key. In order to eavesdrop, the third party must attempt to measure the quantum system. This measurement disturbs the quantum system. Processes can thereby be put in place that abort the key exchange if a certain threshold of disturbance is detected.
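The abort-on-disturbance check described above can be seen in a small classical simulation. This is an added example, not code from the original article: it assumes a BB84-style prepare-and-measure exchange (the article names no specific protocol), and the 11% abort threshold, the function names and the qubit count are assumptions chosen for illustration.

```python
import random

ABORT_QBER = 0.11  # assumed abort threshold; the article gives no figure

def measure(bit, prep_basis, meas_basis, rng):
    """Matching basis reads the bit back; a mismatched basis yields a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_exchange(n_qubits, eavesdrop, seed):
    """Simulate the quantum channel and return both parties' sifted bits."""
    rng = random.Random(seed)
    sifted_a, sifted_b = [], []
    for _ in range(n_qubits):
        a_bit, a_basis = rng.randint(0, 1), rng.choice("+x")
        bit, basis = a_bit, a_basis              # state in flight
        if eavesdrop:
            # A third party has to measure to learn anything, which
            # re-prepares the state in whatever basis it guessed.
            e_basis = rng.choice("+x")
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        b_basis = rng.choice("+x")
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:                   # sifting: keep matching-basis rounds
            sifted_a.append(a_bit)
            sifted_b.append(b_bit)
    return sifted_a, sifted_b

def estimate_qber(sifted_a, sifted_b, sample_size, rng):
    """Compare a random public sample; sampled positions never become key bits."""
    idx = rng.sample(range(len(sifted_a)), sample_size)
    errors = sum(sifted_a[i] != sifted_b[i] for i in idx)
    return errors / sample_size

def key_exchange(n_qubits=4000, eavesdrop=False, seed=1):
    """Run one exchange and apply the abort rule to the measured error rate."""
    a, b = run_exchange(n_qubits, eavesdrop, seed)
    qber = estimate_qber(a, b, len(a) // 2, random.Random(seed + 1))
    return {"qber": qber, "accepted": qber <= ABORT_QBER}
```

In this model an undisturbed channel produces no errors in the sifted bits, while measuring every qubit in transit pushes the error rate to about 25%, well above the assumed threshold.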
Quantum Computing and Cryptography
The use of cryptography has become a foundational element of securely processing transactions and sensitive data, e.g. for financial businesses and healthcare organizations. Perhaps one of the greatest impacts of quantum computing on your future infrastructure purchases is its impact on cryptography. This is because cryptographic algorithms can withstand the brute force attacks that today's classical computers are capable of. Current technology makes it computationally infeasible for a classical binary computer to solve and break a public key cryptographic system. This is because it would take centuries of time for it to process through all the possible scenarios.
Quantum computing, however, would be able to break nearly all current public-key cryptography solutions that are in use today.
Preparing for the future
Many of today's cryptography systems are built on asymmetric algorithms, whose primary defenses are built upon the principle that classical computing systems lack the capability to decipher them. Quantum computing has already been theoretically proven to be capable of breaking classical asymmetric cryptographic algorithms in use today. This means that quantum computing-resistant algorithms will need to become integral to cryptographic infrastructure solutions before quantum computers become mainstream.
Similarly, crypto-agility is a concept that needs to be understood if you're going to make a smooth transition into this new age of technology. Crypto-agility refers to the ability of your information security system to evolve to an alternative encryption method without requiring large-scale changes to the underlying infrastructure. This becomes critical in the age of quantum computing because of the threat to the existing algorithms. As a result, and according to NIST guidelines, becoming crypto-agile is no longer optional.
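One way to make that property concrete, as an added example that is not from the original article or any product it mentions: stored data carries an authenticated algorithm identifier, and a policy decides which algorithms are used and accepted. The algorithm names, the policy layout and the envelope format are assumptions, and standard-library HMAC variants stand in for whichever algorithms are actually being swapped.

```python
import hashlib
import hmac
import json

# Algorithm registry; names and policy values are assumptions for this sketch.
ALGORITHMS = {
    "hmac-sha256": lambda key, msg: hmac.new(key, msg, hashlib.sha256).digest(),
    "hmac-sha3-512": lambda key, msg: hmac.new(key, msg, hashlib.sha3_512).digest(),
}
POLICY = {"protect_with": "hmac-sha256", "accept": {"hmac-sha256"}}

def protect(key, payload):
    """Tag the payload with the algorithm the current policy selects."""
    alg = POLICY["protect_with"]
    header = json.dumps({"v": 1, "alg": alg}).encode()
    # The header is covered by the tag, so the algorithm id cannot be swapped.
    tag = ALGORITHMS[alg](key, header + b"." + payload)
    return json.dumps({"h": header.decode(), "p": payload.hex(), "t": tag.hex()})

def algorithm_of(envelope):
    """Read the algorithm identifier recorded in an envelope's header."""
    return json.loads(json.loads(envelope)["h"])["alg"]

def verify(key, envelope):
    """Return the payload if the tag checks out under an accepted algorithm."""
    env = json.loads(envelope)
    alg = algorithm_of(envelope)
    if alg not in POLICY["accept"]:       # refuse retired or unknown algorithms
        raise ValueError(f"algorithm {alg!r} not accepted by policy")
    payload = bytes.fromhex(env["p"])
    expected = ALGORITHMS[alg](key, env["h"].encode() + b"." + payload)
    if not hmac.compare_digest(expected, bytes.fromhex(env["t"])):
        raise ValueError("authentication tag mismatch")
    return payload

def migrate(key, envelope):
    """Re-protect stored data under the algorithm the current policy selects."""
    return protect(key, verify(key, envelope))
```

Callers only ever use `protect`, `verify` and `migrate`; changing algorithms is a policy edit followed by a migration pass, after which the old algorithm is dropped from the accept set.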
Solutions for crypto-agile infrastructure are already available to enable organizations to be prepared for this scenario.