Quantum Computing Will Break Today’s Encryption Standards – Here’s What to Do About It
(Verizon) Quantum computing will break the encryption used in e-commerce and VPNs someday. The race is on to develop quantum-safe algorithms and procedures before that happens. The remedy will be found in physics or mathematics. IQT-News here summarizes an article by William F. Copeland, Distinguished Engineer, Applied Research Lab, who has been building networks for over 20 years and is part of the quantum technologies team at Verizon.
Verizon and most of the world rely heavily on e-commerce to sell our products and encryption to communicate via email, messaging, and cellular voice calls. All of these need secure encryption technologies in the coming quantum era. But whether we choose pre-shared keys (implemented by the awesome photon) or algorithms, further leveraging mathematics, our communications software will need updating. And while the post quantum cryptography effort is relatively new, it is not clear which algorithms will withstand scrutiny from the cryptographic community. In the meantime, we continue to peer down each fork in the road to seek the best option to take.
To understand how to solve the impending security threats in a quantum era, we need to first understand the fundamentals of our current encryption mechanism. The most commonly used in nearly all internet activities – TLS – is implemented anytime someone performs an online activity involving sensitive information, like logging into a banking app, completing a sale on an online retailer website, or simply checking email. It works by combining the data with a 32-byte key of random 1’s and 0’s in a complicated and specific way so that the data is completely unrecognizable to anyone except for the two end-to-end parties sending and receiving the data. This process is called public key encryption, and currently it leverages a few popular algorithms for key exchange, e.g., Elliptic curve Diffie-Hellman (ECDH) or RSA (each named after cryptologists,) each of which are vulnerable to quantum computers. The data exchange has two steps: the key exchange and the encryption itself. The encryption of the data with a secure key will still be safe, but the delivery of the key to unlock that information (key distribution) will not be secure in the future quantum era.
To be ready for quantum computers, we need to devise a new method of key distribution, a way to safely deliver the key from one end of the connection to the other.