By: Craig Kennedy
Quantum Decryption—The Holy Grail for Cybercriminals
A group of researchers at Tsinghua University in China has claimed to have developed a quantum-based algorithm that’s capable of breaking today’s existing encryption standard.
The qubit-sparing factorization algorithm, called sublinear-resource quantum integer factorization (SQIF), can efficiently be run on existing quantum computing infrastructure.
How Critical is Quantum Decryption?
The team of researchers were able to demonstrate a proof-of-concept by running this new algorithm on a 10-qubit superconductive quantum computer to break a tiny 48-bit encryption key.
Today’s state-of-the-art encryption keys which are typically 1,024 or 2,048 bits are not immediately at risk, however quantum computers are rapidly increasing in power.
At the end of last year, IBM announced a 433-qubit system codenamed Osprey, with an aggressive roadmap for continued growth, so it’s only a matter of time until quantum computers are powerful enough to crack today’s cryptographic keys.
Post Quantum Cryptography—Security in a Post Quantum World
In December, 2022 President Biden signed into law the Quantum Computing Cybersecurity Preparedness Act that directs government agencies to take actions to protect against post-quantum decryption.
There are several technology providers offering post quantum cryptography (PQC) solutions today, and enterprises should start the process of evaluating these offerings to protect its assets moving forward.
Steal Now, Crack Later
There is also a significant concern that bad actors (either cybercriminals or nation-states) are opportunistically collecting encrypted data intercepted on the internet and storing it with the intent of decrypting it once quantum technology has matured to the point of enabling easy decryption.
There’s nothing that can be done for data that’s already been collected, however by upping your game to include post quantum cryptography, at least any future data breaches would remain secure.
Bottom Line
While today’s classic cryptographic standards are still secure, it’s just a matter of time until quantum computers will be able to make current cryptography useless.
Enterprises should be actively planning a transition to post-quantum cryptographic (PQR) solutions to keep their IP and data secure in a post-quantum world.
This blog on Quantum Decryption is a part of the Digital Operations blog series by Aragon Research’s Sr. Director of Research, Craig Kennedy.
Missed an installment? Catch up here!
