‘Computer Security Fundamentals’: Quantum Security to Certifications
(SearchSecurity) Chuck Easttom, author of ‘Computer Security Fundamentals” discusses some of the newer trends in cybersecurity today and trouble areas he sees people encounter in cybersecurity in this article.
He explains that current public key cryptography — algorithms like Diffie-Hellman, elliptic curve cryptography and RSA [Rivest-Shamir-Adleman] — are based on mathematical problems that are very hard for classical computers to solve. That’s the basis of these algorithms’ security. The problem is it was already proven by a man named Peter Shor at MIT that a quantum computer can solve these mathematical problems in a reasonable amount of time. This means, if we had a fully functioning practical quantum computer today, it would be able to break RSA, elliptic curve and Diffie-Hellman in a reasonable amount of time — not instantly, but in a reasonable amount of time. Then, all the VPNs, e-commerce and more would be insecure.
NIST has been working for a couple of years on a project to evaluate algorithms resistant to quantum computers. It’s already gone through two rounds of analysis and has been narrowed down to a group of final candidates. NIST expects to complete this by 2022.
Easttom explains most people estimate we are five years out from serious implementation of quantum computing. That’s because there’s still a problem with what we call decoherence in the quantum computer — basically, the state of the qubit literally falls apart in a very short period of time. While we can do limited things with them, things like cracking cryptography can’t yet be done.