Cryptography in the quantum computing era
What is quantum computing? Quantum computing represents the first major shift away from how traditional computers work because — using the principles of quantum mechanics… Read more
What is quantum computing?
Quantum computing represents the first major shift away from how traditional computers work because — using the principles of quantum mechanics — the set-up and nature of quantum computers are fundamentally different to any type of previous computer.
Since their inception, traditional computers use information in a binary format — as sequences of either ones or zeros — for their calculations. One ‘bit’ of binary data can only hold a one or a zero, but never both; the same way that a lightbulb can either be on or off. However, through the principle of ‘superposition,’ a ‘qubit’ (the quantum version of a bit) can be in a state of either one, zero, or both.
Superposition is possible because at a sub-atomic level, particles can be thought of as waves that exist across different states, rather than as tiny grains of matter as previously accepted. Therefore, the same particle could theoretically be travelling at different speeds, be in different positions, or gather different momentums.
The advantage of this indeterminate state is utilised by the qubit’s ability to be ‘entangled’ with one another, in stark contrast to how traditional computers work by isolating each ‘bit’ from the other. This entanglement allows for much greater calculations to be performed as all possible solutions can be explored concurrently, rather than one after the other.
To help illustrate, if we think of traditional computers as operating by organising information in a straight line, quantum computers can organise it in a web, with each possible point branching into further multiple points. This allows quantum computers to carry out numerous calculations in parallel, that a traditional computer would otherwise only be able to do one at a time.
The qubit’s unique ability to simultaneously hold the value of both one and zero, together with how they interact will make them more powerful than even the most advanced supercomputer today. By its very nature, each additional qubit doubles the encoding capacity of the quantum computer. Once a quantum computer can operate with 300 qubits, the number of possible solutions become greater the number of known atoms in the universe. Whilst this opens the possibility of greater discoveries being possible in the world of science and artificial intelligence, it also represents a grave threat to our data and privacy due to the way online encryption works.
Modern cryptography
Modern online encryption works by scrambling the information you are sending over the internet through difficult mathematical problems. It operates by using a ‘Public Key’ that is the product of multiplying two very large prime numbers together, to encrypt the message, and a ‘Secret Key’ that are the individual constituent primes, to decrypt the message. Its effectiveness relies on the principle of ‘Prime Factorisation’ whereby it is mathematically straightforward to multiply two gigantic prime numbers together but incredibly difficult to reverse engineer.
The ‘Public Key’ act as a kind of ‘digital padlock’ whereby it can be published online, but only the intended recipient would be able to unlock and access the information. To any other third party, it would be indecipherable. Some web browsers contain a padlock icon to the left of the URL of the website you are visiting to visually indicate that this type of security is in force. However, it follows that if a hostile hacker were to calculate what the constituent primes where, they would be able to ‘pick the lock’.
Leaving aside the attempts of intelligence agencies to construct ‘back doors’, it would take current supercomputers hundreds of thousands of years to factorise a properly implemented encryption based on a 300-digit number. However, with quantum computing, this timeframe rather frighteningly reduces to a fraction of a second.
This ultimately allows quantum-powered hackers the ability to effortlessly obtain information including, but not limited to, anyone’s passwords, financial data or even state secrets. Given how integrated the internet has become in our daily lives, especially so for the younger generation, this gives such hackers the ability to effectively tap into the ‘nervous system’ of the twenty-first century.
What, if anything, can be done?
New forms of cryptography must be adopted, and they must be implemented pre-emptively. One such ‘quantum-proof’ form of cryptography is the ‘Lattice encryption,’ based on multidimensional, repeating grids of points.
Lattice cryptography works by hiding data inside complex algebraic structures called lattices. Not only are these encryptions resistant to quantum attacks, it is also impossible to construct a ‘back door’ for intelligence agencies. Perhaps the most valuable feature of this cryptography is the ability for the recipient to perform reviews and calculations of the data without having to decrypt the file first. Practically, this would have significant benefits when sending sensitive information such as medical details, as the intended recipient could use that information without ever having to decrypt it.
Alternatively, perhaps the best form of mitigation would be to lean into this ‘quantum threat.’ Just as the development of quantum computers could potentially put our privacy at risk, it could also – as some would argue – usher in a new era of quantum-powered cryptography.
Whilst quantum computers can effortlessly crack a private key used in standard encryptions, it has no such advantage whatsoever when it comes to ‘quantum keys’. With quantum cryptography, the quantum key is encrypted into a series of photons – particles of light – which transfer through lines of optic fibre.
The effectiveness of this form of communication relies on the Heisenberg Uncertainty Principle whereby one cannot attempt to observe a quantum particle without necessarily altering it. Therefore, if a third party did find a way to snoop on quantum-powered secure communication, it would be evident that someone other than the recipient party had been listening.
Physicist and quantum cryptographer Richard Hughes sums up the effectiveness of this method by stating, “In this case, it doesn’t matter what technology the adversary has, they’ll never be able to break the laws of physics”.
How far away is this?
Many experts believe this type of technology is close, with former IBM Scientist Madhav Rigetti estimating that, “In ten to 15 years, every major organisation will use this technology”. However, despite the enthusiasm of some experts, there is undeniably an appreciable risk that a ‘Quantum Winter’ could be on the horizon in much the same vein as the ‘AI Winter’ of the 1970s.
Current prototypes, most notably developed by IBM, don’t necessarily indicate that this form of technology will be widespread anytime soon. Due to the effects of superposition and entanglement, qubits are inherently very delicate and easily disrupted. The tiniest bit of heat will change how a particular qubit will operate, which has the consequence of undermining how all the other qubits function.
Therefore, they must be cooled to a minimum of less than a degree above absolute zero and kept well isolated from the rest of the laboratory environment to prevent interference from dust. Clearly, significant advances in the materials that encase qubits must be sought before they can be commercialised for use in laptops or smartphones. Furthermore, breakthroughs in the software that can effectively utilise qubits in a consumer-friendly manner need to occur before this type of technology is ready for the mass market.
Despite these difficulties, it is well known that intelligence agencies such as the NSA, and states such as Russia and China, are investing heavily in this type of computer. Therefore, whilst we may be waiting a significant amount of time before the latest iPhone utilises quantum technology, the risks to our data and privacy will exponentially increase if any one of those states or agencies develops a working quantum computer.
There is therefore arguably little time to lose in upgrading current forms of cryptography. In the words of Arvind Krishna, the Director of IBM Research, “Anyone that wants to make sure their data is protected for longer than 10 years should move to alternative forms of encryption now”.
Share this blog
Sandeep Thomas is a commercial technology paralegal
Share this Blog
- Adtech & martech
- Agile
- Artificial intelligence
- EBA outsourcing
- Brexit
- Cloud computing
- Complex & sensitive investigations
- Connectivity
- Cryptocurrencies & blockchain
- Cybersecurity
- Data analytics & big data
- Data breaches
- Data rights
- Digital commerce
- Digital content risk
- Digital health
- Digital media
- Digital infrastructure & telecoms
- Emerging businesses
- Financial services
- Fintech
- Gambling
- GDPR
- KLick DPO
- KLick Trade Mark
- Open banking
- Retail
- SMCR
- Software & services
- Sourcing
- Travel