Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned.
The tech company said in a blogpost that quantum computers would pose a “significant threat to current cryptographic standards” before the end of the decade and urged other companies to follow its lead.
The company, owned by Alphabet, said: “The encryption currently used to keep your information confidential and secure could easily be broken by a large-scale quantum computer in coming years.”
As it stands, quantum computers – which can rapidly carry out complex tasks – are a nascent technology with great potential and significant obstacles to being widely usable.

I’m probably an idiot. Tell me I’m all wrong about this.
The danger is that quantum computers could factor large products well enough to reverse public keys, finding the associated private keys, which would indeed be very bad. But this isn’t quite a magic key that opens everything.
Public key crypto is used to set up a secure network connection, but it’s not used to encrypt the data that flows on that connection. Quantum snooping would require an eavesdropper to intercept every bit on a connection, from initiation onward. And decrypting it would probably not be a real-time affair.
Public key crypto is also not used to protect your typical encrypted zip file or file system volume. Your Bitlocker and Veracrypt secrets aren’t about to fall to quantum spies.
I’m bothered that so many popular articles about this issue draw no distinction between the classes of cryptography that are vulnerable and those that are not.
It also needs to factor in threat models. Maybe this is important for governments or giant conglomerates, but an average hacker isn’t going to have their hands on a quantum computing rig to just use. Until its use becomes widespread on a consumer level, it will be mostly used by corporations and governments. I think it will be a while before a criminal organization has one, but maybe I am wrong.
It depends.
The attack type that is currently being considered is what is called Store Now Decrypt Later (SNDL). The idea is that some hypothetical future attacker could have a copy of all of your Internet traffic data for the past decade and such an attacker could utilize a not yet invented, but theoretically possible, quantum computer to break the encryption.
This is why systems are changing over to post-quantum encryption even if there are no quantum computers yet: the assurance that factoring prime numbers will be hard forever is no longer the case, and the difficulty of factoring prime numbers underpins a lot of classical encryption.
A way of encrypting data in the past was to use the RSA keypair to exchange a symmetrical key, which is a system where both parties encrypt/decrypt data using a shared key. This allowed for a secure connection from RSA and also fast and computationally cheap encryption using a symmetrical algorithm. An attacker that has recorded traffic secured in this manner only needs to crack the RSA keypair to obtain the symmetrical key; afterwards they can decrypt the traffic as if they were a participant. This kind of attack only requires the quantum computer to factor a single key.
More modern systems use methods which create ephemeral keys that are used and discarded. They use a system of key exchange that allows both parties to create a shared key even when a listening party has access to all of the traffic between them. The RSA keypairs are only used to authenticate the two parties to one another; afterwards they use Diffie-Hellman (or Elliptic Curve Diffie-Hellman) to generate the shared key to encrypt the next packet.
Crypto systems like the one Signal employs take this concept a step further using a double ratchet system, if this kind of thing is interesting to you (https://www.youtube.com/watch?v=DXv1boalsDI).
Both links are from Computerphile on YT, they do good videos on Computer Science and Mathematics topics.
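The two handshakes contrasted in this answer, as an added toy model that is not from the thread or from any named product: RSA key transport beside ephemeral Diffie-Hellman, with the store-now-decrypt-later adversary modelled two ways. The key sizes, the DH group, the hash-based key derivation and the function names are all constructed assumptions; real parameters are 2048 bits and up, and the second adversary is the caveat that a Shor-capable machine solves discrete logs as well as factoring, which is why classical DH forward secrecy alone is not the answer to SNDL.

```python
import hashlib
import secrets

# Constructed toy parameters (assumption: real keys and groups are 2048+ bits).
RSA_N, RSA_E, RSA_D = 3233, 17, 2753      # p=61, q=53 -> n=3233, e=17, d=2753
DH_P, DH_G = 23, 5                         # safe prime 23, generator 5 (order 22)

def derive_session_key(shared_secret: int) -> str:
    """Both handshakes end by hashing the agreed secret into a symmetric session key."""
    return hashlib.sha256(shared_secret.to_bytes(4, "big")).hexdigest()[:16]

def rsa_key_transport_handshake():
    """Older style: the client picks the secret and sends it encrypted to the server's
    long-term RSA public key. Returns (what an eavesdropper records, the session key)."""
    secret = secrets.randbelow(RSA_N - 2) + 2
    transcript = {"kind": "rsa", "encrypted_secret": pow(secret, RSA_E, RSA_N)}
    return transcript, derive_session_key(secret)

def ephemeral_dh_handshake():
    """Modern style: the long-term key only signs the exchange (signature omitted, it
    gives a recorder nothing); the secret comes from fresh exponents that are discarded."""
    a = secrets.randbelow(DH_P - 2) + 1
    b = secrets.randbelow(DH_P - 2) + 1
    transcript = {"kind": "dh", "A": pow(DH_G, a, DH_P), "B": pow(DH_G, b, DH_P)}
    return transcript, derive_session_key(pow(transcript["B"], a, DH_P))

def sndl_with_long_term_key(transcript: dict, rsa_d: int):
    """Adversary who recorded the transcript and later obtained the long-term RSA private
    exponent (e.g. by factoring n). Returns the session key, or None if it does not follow."""
    if transcript["kind"] == "rsa":
        return derive_session_key(pow(transcript["encrypted_secret"], rsa_d, RSA_N))
    return None   # A and B alone do not give g^ab; the long-term key is irrelevant here

def sndl_with_discrete_log(transcript: dict):
    """Caveat: a Shor-capable machine also solves the discrete log, so classical DH buys
    forward secrecy against theft of the long-term key, not against a quantum SNDL
    adversary. Modelled by brute force, feasible only because the toy group has 22 elements."""
    if transcript["kind"] != "dh":
        return None
    a = next(x for x in range(1, DH_P) if pow(DH_G, x, DH_P) == transcript["A"])
    return derive_session_key(pow(transcript["B"], a, DH_P))
```

Running both handshakes and feeding the recorded transcripts to the two adversaries shows the RSA-transport session key falling to the recovered private exponent, the DH session key surviving that, and the DH session key falling only to the discrete-log adversary.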