Your Encryption Will Be Useless Against Hackers with Quantum Computers

Computing could soon fundamentally change, and when it does, cryptography will evolve too. Quantum computing "will instantly change the world of encryption," Konstantinos Karagiannis, BT Security's Global Technical Lead of Ethical Hacking, told me. He's set to give a talk on the future of encryption—and breaking it—at the Black Hat Europe security conference next month.

Impressive as our current technology is, with even mobile phones now having more power than the systems that put mankind to the moon, classical computers are running out of steam. Computers that utilise the science of quantum mechanics will halt the incremental piling on of stats, and introduce an entirely new way of operating. They'll be able to process far more difficult problems than their predecessors.

At bottom, computers as we know them deal in binary states—information can either be a one or a zero, making up a 'bit.' In the quantum world, however, there exists something researchers have called a 'qubit:' a piece of information that can be both a one and a zero at the same time.

Algorithms can then be applied to take advantage of this quantum weirdness, giving results that just aren't possible with a classical computer.

Applying such quantum states to efforts to crack encryption could be a game-changer. For example, going through all the possibilities of number combinations to crack a code that is, say, 400 digits long is quite the feat for a classical computer. But for quantum computers, blackboard experiments have indicated that they should be powerful enough to do this.

Using quantum computers for cryptography is "powerful only if you have an algorithm that can take advantage of it," Karagiannis said. For example, Shor's Algorithm would allow a quantum computer to deal with massive prime numbers in seconds.

"When someone has a quantum computer, no one is really going to feel safe anymore," Karagiannis added ominously. "It's going to be this lurking menace, out in the darkness."

This is because, theoretically, quantum computers should be able to break a whole host of encryption types that we've come to rely on. According to Karagiannis, public-key cryptography (PK), used extensively by activists, governments, and terrorists alike, will fall, as will the Data Encryption Standard (DES), originally deployed by the US government.

According to documents leaked by Edward Snowden, the NSA is intent on building a quantum computer that could crack most types of encryption. If successful, the $79.7 million research project entitled "Penetrating Hard Targets" would give the agency the power to break into communications, even if they were encrypted. The NSA is also storing some protected messages and files in the hope that someday it will be able to break into them.

"One hundred percent, right now, the technology exists to build a tremendous quantum computer," Karagiannis said. Various researchers are trying, including Google, although many in the scientific community don't consider their D-Wave machine a proper quantum computer.

Regardless, when this sort of technology does get rolled out, "for sending sensitive data, you're going to wonder, was my transmission just captured?" Karagiannis said. "Forget about worrying if you need to change a password at a particular group of web sites. Everything you send over the wire will be readable by the entity that gets a quantum computer first," he wrote on the BT Let's Talk Security blog.

It might sound like a new quantum arms race, but all is not lost. "There are some advanced forms of encryption that on blackboards still haven't fallen to quantum computers," Karagiannis says, although "that could change with the right algorithm."

Naturally, quantum computers could lead to new encryption as well, to generate stronger protections. Karagiannis's work has also been dealing with quantum key distribution, which creates a changing encryption key in order to keep data secure.

Governments and tech giants may be pushing for quantum computers, but it won't be in the hands of consumers soon, though Karagiannis is sure that, one day, it will. He envisions that BT may in the future sell quantum encryption technology, in order to protect customers' transmissions. "It would be foolish not to," he said.

In the meantime, whoever builds a device capable of cracking encryption with quantum computing will have a huge advantage.