How will quantum computing impact cybersecurity?

Quantum computers exist in research universities, government offices, and leading science companies, except in rare cases, out of reach of the bad guys. However, that may not always be the case.

As research into quantum computers continues to advance the technology, there is growing concern that these computers may soon break modern cryptography. That would render all current data encryption methods obsolete and require new encryption methods to protect from these powerful machines.

Although the concept of quantum computers is not new, the controversy surrounding them has increased in recent months thanks to continued federal activities.

In May 2022, President Biden released a national security memo outlining the government’s efforts to overcome concerns about quantum computing security. In June, the United States House of Representatives passed the Quantum Computing Cybersecurity Preparedness Act requiring federal agencies to transition information technology systems to post-quantum cryptography.

This act (PDF), which still needs to be passed by the US Senate, builds on the ongoing efforts of the National Institute of Standards and Technology (NIST) to create post-quantum cryptographic standards. For its part, NIST released the first four quantum proof algorithms in July 2022. Not long after, the CRYSTALS-Kyber key encapsulation and public key encryption mechanism proposed by NIST was broken with how to use AI in conjunction with side channel attacks.

The power of quantum computers

Even today’s fastest computers have difficulty breaking a security key due to its complexity. It would take years for a system to break standard keys, even under the best of circumstances. This is what makes encryption such a valuable security safeguard.

Quantum computing this time looks to change dramatically from a few years down to a few hours. Although it can quickly get complicated, experts believe that many of today’s popular public key encryption methods, such as RSA, Diffie-Hellman, and elliptic curves may one day be compatible. simple for quantum computers to solve.

The good news in this scenario is that commercial quantum computing is still ahead. A study from the National Academy believes that future code-breaking quantum computers will need 100,000 times more processing power and 100 times better error rates. These improvements may take more than a decade to materialize, but they are something security leaders need to consider right now.

It will be too late if we wait until those powerful quantum computers start breaking our encryption.

Take advantage of intensive defense

While quantum-based attacks are still in the future, organizations must think about how to protect data in transit when encryption no longer works. Best practices include things like network segmentation, leveraging 5G private networks, and leveraging Zero Trust architecture.

Organizations must also secure data when it is stored. Many databases feature encryption that could be controversial in the future. Organizations may need to store some data offline or re-encrypt old files after newer encryption technology becomes available.

Now, everything from the browser cache, to the password manager, to the local Outlook email file is encrypted. If that encryption can be broken, organizations may need to reduce the overall distribution to limit the risk, at least until better quantum encryption is created.

The way forward

Growing concern about a quantum-related cyberattack is not imminent, but it’s not unfounded either. Cybersecurity professionals must stay flexible in the face of new threats and shifts in mindset. As we move towards this next challenge, let’s remember to keep a solid foundation.

We’re looking to a future with quantum computing, so prepare your organization now for this emerging threat, along with other threats that are affecting us. to your business today. The defense-in-depth approach acts as a hedge against different attack directions. It provides organizations with comprehensive coverage and strong defense against various attacks.

Related: Network Details 2023 | Upcoming Quantum Computers and Cryptocurrencies

Related: The threat of quantum computers to public-key cryptosystems

Related: Quantum computers are for tomorrow, but today comes with a quantum risk

Related: Solve the quantum decoding problem ‘Harvest now, decode later’

Related: Is OTP a viable alternative to NIST’s post-quantum algorithms?