What Is Quantum-Proof Encryption and Why Can’t You Test It Yet?

https://ift.tt/TOD8yIY

Cryptography is defined as the study of writing and solving codes. It is an important part of security protocols and communications, improving privacy and ensuring that data is only read by the intended recipient.

However, with the advent of quantum computers, it’s widely expected that conventional cryptography methods will no longer be viable. As a result, programmers and experts have already been working on hat they refer to as quantum-proof encryption.

So what is quantum-proof encryption? And why can’t you actually test it just yet?

## What Is Quantum-Proof Encryption?

Quantum-proof encryption simply refers to a series of algorithms that can’t be hacked, even with quantum computers. It’s expected that quantum-proof encryption will probably replace conventional algorithms that rely on public key encryption, which generally relies on a set of two keys (one for encoding and another for decoding).

In 1994, a mathematician at Bell Labs, Peter Shor, wrote a paper talking about quantum computers, which were essentially powerful computers that could perform calculations far more powerful than a standard computer was capable of. But back then, they were only a possibility. Fast-forward to the present day, and computing devices have come a long way. In fact, many believe that quantum computers are a decade or so away.

Needless to say, this gives rise to a serious concern: if quantum computers became a reality, which seems increasingly likely, conventional encryption methods would become useless. As a result, scientists have been working on post-quantum cryptography for a while now.

### Developing a Quantum-Proof Encryption Standard

The National Institute of Standards and Technology (NIST) started a competition back in 2016 to find a post-quantum encryption standard that would be capable of resisting a quantum computer.

This is different from conventional encryption systems which rely primarily on solving complex math problems. In 2022, the NIST announced that it had shortlisted four major encryption algorithms that it considers “quantum-proof.” These include:

- The CRYSTALS-Kyber algorithm.
- The CRYSTALS-Dilithium algorithm.
- FALCON.
- SPHINCS+.

The CRYSTALS-Kyber algorithm is being developed to be used as a general encryption standard. The algorithm is popular because of its smaller encryption keys, allowing both parties to exchange them quickly. This also means that CRYSTALS-Kyber is incredibly fast when compared with others.

The remaining three have been selected for digital signatures, ideally for signing digital documents remotely or for verifying the identities of both parties during a digital transaction.

The NIST officially recommends CRYSTALS-Dilithium as the first choice for digital signatures, and FALCON for more basic signatures that Dilithium might not cover. Both are known for being reasonably fast. All three use structured lattice math problems to encrypt the data.

The fourth one, SPHINCS+, is comparatively slower than the others, but it’s considered quantum-proof since it relies on an entirely different set of mathematical problems than the other three. Instead of using structured lattices, this one relies on hash functions.

## The Importance of Developing Quantum-Resistant Cryptography

One of the biggest concerns for major organizations today is that once quantum computing becomes mainstream, there’s a strong chance that all the data that’s safely encrypted right now might be at risk. Many believe that quantum computing will change the world entirely, and cryptography is the one field that’s likely to be majorly affected.

For instance, if you send sensitive information using conventional encryption today, there’s a risk that malicious third-parties might intercept your data and store it. This is especially true for government agencies, where the secrecy of classified documents today will be just as important in the future.

Once quantum computing goes mainstream, there’s a real risk that this sensitive information could be decrypted and released to the public or used for purposes of blackmail, even if it’s decades down the line. That’s one of the reasons why governments and security agencies are so serious about developing quantum-safe encryption as soon as possible.

If you use a pre-shared key with the IKEv1 protocol, you’re essentially using encryption that’s considered quantum-resistant. Many also believe that AES-256, a commonly used encryption, is also quantum-resistant.

However, as per the NIST, the four encryptions mentioned above are the only ones that are considered “quantum proof.” Many companies are already introducing quantum safe encryption into their products. For instance, Verizon’s quantum safe VPN is designed to be capable of resisting attacks by a quantum computer.

## Why Can’t You Test Quantum-Proof Encryption Yet?

While there are several encryption standards that we consider quantum safe, none have really been tested. And the reason for that is quite obvious: we don’t have quantum computers yet.

However, we’re inching ever closer. Nanocomputing, something considered impossible at one point, is real, with several modern devices now using transistors that have channels with a length of less than 100 nanometers.

In fact, in 2019, Google published a landmark report in Nature, claiming that they had achieved quantum supremacy with Sycamore, their quantum computer. In a team led by John Martinis, an experimental physicist, they were able to use their quantum computer to carry out complex calculations that would take a standard supercomputer more than 100,000 years.

This isn’t a cause for alarm just yet: they only achieved quantum supremacy with one specific case, but it does show that quantum computing is very real, and not as far away as most people think.

As a result, because quantum computing isn’t really available, it’s impossible to test it properly. In fact, to explain just how specific the problem was that Sycamore solved, the team actually presented a case where the computer had to calculate the probability of different outcomes using a quantum random number generator.

This is obviously very different from conventional encryptions, which generally involve mathematical equations. However, it does go to show just how powerful it can be to the next best thing once scientists are able to fully master it.

## Take Steps to Encrypt Your Information Today

While quantum-proof encryption is still a while away, it doesn’t hurt to make sure that you use proper safety measures today. For instance, if you use cloud storage to store personal files or data, always make sure that you use an end-to-end cloud storage provider.

Tech

via MUO – Feed https://ift.tt/nzA23Se

September 23, 2022 at 06:09AM