Imminent Arrival of Quantum Computers Spells Danger for Private Data
In a blog post we published last November, we reported that quantum computers might be available in the next ten to fifteen years. However, with companies including Google and IBM significantly ramping up their efforts to make quantum computing a reality, it is likely that commercial availability for these “super computers” will arrive ahead of schedule.
A recent article in Wired magazine noted that Google plans to produce a viable quantum computer within the next five years. It also reported that IBM, which currently offers quantum computing as a cloud service, plans to offer commercial quantum machines to businesses and research organizations this year. Furthermore, Microsoft has stated that it is ready to begin engineering its own topological quantum computer.
It is predicted that the advent of quantum computers will enable humankind to do great things such as expedite drug discovery, streamline financial markets and solve gridlock. However, it is also predicted that they will facilitate some things that are not so great, notably, enabling bad actors to rapidly break most modern cryptographic systems.
Peter Shor, a professor of Applied Mathematics at MIT, wrote a quantum algorithm in the mid-nineties that leverages quantum computers to crack public-key encryption, which is the method currently used to secure online banking and email. In addition, the National Institute of Standards and Technology (NIST) reported last year that it would be possible to build a quantum computer capable of breaking a 2048-bit RSA cryptosystem in just hours.
This situation spells nirvana for hackers and nation states, and disaster for the manufacturers and users of the seemingly infinite number of devices that depend on current cryptographic protocols to protect data. Theoretically, all it would take to gain access to financial transactions, medical records, and other private information is determination and some finely-honed hacking skills.
With commercial availability of quantum computers “just around the corner,” it’s urgent that companies take steps now to protect systems and data. As a case in point, the National Security Agency (NSA) has taken this situation very seriously, advising companies and government departments working with sensitive data to start protecting their systems against quantum attacks. In addition, NIST has released a report on post-quantum cryptography that recommends that organizations focus on “crypto agility,” or the rapid ability to switch out currently-used algorithms for safer ones.
The good news is that quantum-resistant cryptographic protocols do exist. For example, SecureRF’s asymmetric (public-key) protocols, based on Group Theoretic Cryptography, are quantum-resistant to all known attacks. These small, fast, and ultra-low-energy solutions fit on devices both large and small, but are especially well-suited to low-resource IoT devices. In addition, they can be easily implemented in just hours.
You can try out our solutions yourself with our IoT Embedded Security Development Kit (SDK). Click the button below to request a kit now.