The quantum computing threat to information security
- Published: Friday, 29 April 2016 10:10
If an exotic quantum computer is invented that could break the codes we depend on to protect confidential electronic information, what will we do to maintain our security and privacy? That's the overarching question posed by a new report from the National Institute of Standards and Technology (NIST), whose cryptography specialists are beginning the long journey toward effective answers.
The NIST Internal Report (NISTIR) 8105: Report on Post-Quantum Cryptography details the status of research into quantum computers, which would exploit the often counterintuitive world of quantum physics to solve problems that are intractable for conventional computers. If such devices are ever built, they will be able to defeat many of our modern cryptographic systems, such as the computer algorithms used to protect online bank transactions. NISTIR 8105 outlines a long-term approach for avoiding this vulnerability before it arises.
"There has been a lot of research into quantum computers in recent years, and everyone from major computer companies to the government want their cryptographic algorithms to be what we call 'quantum resistant,'" said NIST mathematician Dustin Moody. "So if and when someone does build a large-scale quantum computer, we want to have algorithms in place that it can't crack."
The report shares NIST's current understanding of the status of quantum-resistant cryptography, and details what the agency is doing to mitigate risk in the future. One overall recommendation for the near term is that organizations focus on ‘crypto agility’, or the rapid ability to switch out whatever algorithms they are using for new ones that are safer.
Many current algorithms rely on the difficulty that conventional computers have with factoring very large numbers, a difficulty that a quantum computer can overcome. Defenses / defences that rely on different mathematical approaches might stymie a quantum computer, and there is worldwide research interest in developing them.
While no one has yet come close to building a quantum computer that could threaten the systems we currently use, Moody says it is important to think about the future before it arrives.