Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned.

The tech company said in a blogpost that quantum computers would pose a “significant threat to current cryptographic standards” before the end of the decade and urged other companies to follow its lead.

The company, owned by Alphabet, said: “The encryption currently used to keep your information confidential and secure could easily be broken by a large-scale quantum computer in coming years.”

As it stands, quantum computers – which can rapidly carry out complex tasks – are a nascent technology with great potential and significant obstacles to being widely usable.

  • WesternInfidels@feddit.online · 3 upvotes · 3 hours ago

    I’m probably an idiot. Tell me I’m all wrong about this.

    The danger is that quantum computers could factor large products well enough to reverse public keys, finding the associated private keys. Which would indeed be very bad. But this isn’t quite a magic key that opens everything.

    Public key crypto is used to set up a secure network connection, but it’s not used to encrypt the data that flows on that connection. Quantum snooping would require an eavesdropper to intercept every bit on a connection, from initiation onward. And decrypting it would probably not be a real-time affair.

    Public key crypto is also not used to protect your typical encrypted zip file or file system volume. Your BitLocker and VeraCrypt secrets aren’t about to fall to quantum spies.

    I’m bothered that so many popular articles about this issue draw no distinction between the classes of cryptography that are vulnerable and those that are not.

    • FauxLiving@lemmy.world · 3 upvotes · edited · 2 hours ago

      Public key crypto is used to set up a secure network connection, but it’s not used to encrypt the data that flows on that connection. Quantum snooping would require an eavesdropper to intercept every bit on a connection, from initiation onward. And decrypting it would probably not be a real-time affair.

      It depends.

      The attack type that is currently being considered is what is called Store Now Decrypt Later (SNDL). The idea is that some hypothetical future attacker could have a copy of all of your Internet traffic data for the past decade and such an attacker could utilize a not yet invented, but theoretically possible, quantum computer to break the encryption.

      This is why systems are changing over to post-quantum encryption even though there are no quantum computers yet: the assurance that factoring prime numbers will be hard forever no longer holds, and the difficulty of factoring prime numbers underpins a lot of classical encryption.

      A way of encrypting data in the past was to use the RSA keypair to exchange a symmetrical key, which is a system where both parties encrypt/decrypt data using a shared key. This allowed for a secure connection from RSA and also fast and computationally cheap encryption using a symmetrical algorithm. An attacker that has recorded traffic secured in this manner only needs to crack the RSA keypair to obtain the symmetrical key; afterwards, they can decrypt the traffic as if they were a participant. This kind of attack only requires the quantum computer to factor a single key.

      More modern systems use methods which create ephemeral keys that are used and discarded. They use a system of key exchange that allows both parties to create a shared key even when a listening party has access to all of the traffic between them. The RSA keypairs are only used to authenticate the two parties to one another; afterwards they use Diffie-Hellman (or Elliptic Curve Diffie-Hellman) to generate the shared key to encrypt the next packet.

      Crypto systems like the one Signal employs take this concept a step further, using a double ratchet system; if this kind of thing is interesting to you: ( https://www.youtube.com/watch?v=DXv1boalsDI )

      Both links are from Computerphile on YT, they do good videos on Computer Science and Mathematics topics.
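The two handshakes contrasted in the comment above (RSA key transport versus RSA-signed ephemeral Diffie-Hellman), together with the handshake-versus-bulk-data split described in the parent comment, as a runnable toy. This is an added example, not code from the thread, from Signal, or from any library; every name and parameter in it is the example's own. It is deliberately tiny: two roughly 20-bit RSA primes, a 61-bit Diffie-Hellman group, and a SHA-256 XOR keystream standing in for a real symmetric cipher, so that a trial-division `factor` function can play the part of the future quantum factoring step. One caveat the thread does not spell out: Shor's algorithm also solves discrete logarithms, so a cryptographically relevant quantum computer would break a recorded ephemeral DH or ECDH exchange directly as well. Forward secrecy protects old sessions against later loss of the long-term key, which is what this example shows, not against a quantum attack on the handshake itself; that is why current TLS migrations pair the classical exchange with a post-quantum KEM (X25519 combined with ML-KEM) rather than relying on ephemeral keys alone.

```python
"""Added toy demo of store-now-decrypt-later: RSA key transport vs signed
ephemeral Diffie-Hellman.  Tiny parameters and a SHA-256 XOR keystream, so
nothing here is real crypto; trial division stands in for Shor's algorithm."""
import hashlib
import math
import secrets

P_DH, G_DH = 2**61 - 1, 3  # toy DH group (Mersenne prime), chosen for speed only

def next_prime(n):
    while any(n % i == 0 for i in range(2, math.isqrt(n) + 1)):
        n += 1
    return n

def rsa_keygen(seed_a=1_000_000, seed_b=2_000_000):
    """Textbook RSA on two ~20-bit primes: the server's long-term key pair."""
    p, q = next_prime(seed_a), next_prime(seed_b)
    n, phi, e = p * q, (p - 1) * (q - 1), 65537
    while math.gcd(e, phi) != 1:
        e += 2
    return (n, e), pow(e, -1, phi)

def digest_mod(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def rsa_sign(d, n, msg):
    return pow(digest_mod(msg, n), d, n)

def rsa_verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == digest_mod(msg, pub[0])

def xor_stream(secret, data):
    """Bulk encryption: key = KDF(secret); XOR data with SHA-256(key || counter)."""
    key = hashlib.sha256(b"toy-kdf" + secret.to_bytes(32, "big")).digest()
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[off:off + 32], ks))
    return bytes(out)

def rsa_key_transport_session(server_pub, plaintext):
    """Old style: client wraps a fresh symmetric key under the long-term RSA key."""
    n, e = server_pub
    session_key = secrets.randbelow(n - 2) + 2
    return {"wrapped_key": pow(session_key, e, n),          # what the eavesdropper records
            "ciphertext": xor_stream(session_key, plaintext)}

def signed_dh_session(server_pub, server_priv, plaintext):
    """Modern style: RSA only signs the handshake; the key comes from ephemeral DH."""
    a, b = secrets.randbelow(P_DH - 2) + 1, secrets.randbelow(P_DH - 2) + 1
    ga, gb = pow(G_DH, a, P_DH), pow(G_DH, b, P_DH)
    shared = pow(gb, a, P_DH)                      # == pow(ga, b, P_DH) on the server side
    sig = rsa_sign(server_priv, server_pub[0], ga.to_bytes(8, "big") + gb.to_bytes(8, "big"))
    ciphertext = xor_stream(shared, plaintext)
    del a, b, shared                               # ephemeral secrets discarded after use
    return {"g_a": ga, "g_b": gb, "sig": sig, "ciphertext": ciphertext}

def factor(n):
    """Trial division: the stand-in for a future quantum factoring step."""
    i = 2
    while n % i:
        i += 1
    return i, n // i

def recover_d(server_pub):
    n, e = server_pub
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1))

def attack_rsa_transport(server_pub, recording):
    """One factored key unwraps the session key of every recorded session."""
    session_key = pow(recording["wrapped_key"], recover_d(server_pub), server_pub[0])
    return xor_stream(session_key, recording["ciphertext"])

def attack_signed_dh(server_pub, recording):
    """Same key compromise, but the recording holds only g^a and g^b."""
    d = recover_d(server_pub)
    forged = rsa_sign(d, server_pub[0], b"any future handshake")   # long-term key is gone
    return {"can_forge_signatures": rsa_verify(server_pub, b"any future handshake", forged),
            "session_key": None}   # no exponent on the wire, so d does not yield g^(ab)

def demo():
    server_pub, server_priv = rsa_keygen()
    secret = b"wire transfer: 1,000,000 EUR to account 42"   # constructed sample message
    old = rsa_key_transport_session(server_pub, secret)
    new = signed_dh_session(server_pub, server_priv, secret)
    return {"rsa_transport_plaintext": attack_rsa_transport(server_pub, old),
            "signed_dh": attack_signed_dh(server_pub, new)}
```

Calling `demo()` factors the toy modulus once per recording: the key-transport recording decrypts back to the original message, while the signed-DH recording yields only the ability to forge future server handshakes, because the exponents `a` and `b` never left the endpoints. The `session_key: None` result is the whole point of forward secrecy, and the caveat in the lead-in is why it is not, by itself, a post-quantum answer.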

    • Snot Flickerman@lemmy.blahaj.zone · 1 upvote · 2 hours ago

      It also needs to factor in threat models. Maybe this is important for governments or giant conglomerates, but an average hacker isn’t going to have their hands on a quantum computing rig to just use. Until its use becomes widespread on a consumer level, it will be mostly used by corporations and governments. I think it will be a while before a criminal organization has one, but maybe I am wrong.

  • WanderingThoughts@europe.pub · 13 upvotes · 6 hours ago

    The encryption currently used to keep your information confidential and secure

    Meanwhile data is leaked all the time, taken by DOGE or just given to Palantir for processing.

  • xenomor@lemmy.world · 33 upvotes · 8 hours ago

    Translation: Google IR needs to start juicing quantum computing now that cracks are forming in the AI hype cycle.

    • boatswain@infosec.pub · 1 upvote · 4 hours ago

      I mean, they specifically point to post-quantum cryptography and advise people to move towards it in the article:

      Google said: “We’ve adjusted our threat model to prioritise post-quantum cryptography migration for authentication services – an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit.”

      The issue here is not that there aren’t solutions; it’s that organizations are not interested in taking the time and effort to move towards them. I’ve been beating this particular drum at my org for about a year, and I’ve gotten zero traction. This is a concern because moving to new encryption means taking all the data you’ve got, decrypting it, and re-encrypting it. That’s not fast when you’re talking hundreds of terabytes.

      • TheFogan@programming.dev · 2 upvotes · 1 hour ago

        Not super experienced on these things, but how viable is a layered system? Is it just prohibitively slow or storage-consuming, or is it moderately feasible to, say, double-encapsulate everything?

        • boatswain@infosec.pub · 1 upvote · 41 minutes ago

          Huh, interesting; that’s a good question. I’m not actually sure about that; it’d be a good thing for me to dig into more. Thanks for the thought!

  • Grostleton@lemmy.dbzer0.com · 6 upvotes · 8 hours ago

    Continuing from OP’s snippet:

    Leonie Mueck, formerly the chief product officer of Riverlane, a Cambridge-based quantum startup, said Google’s statement did not necessarily suggest there would definitely be a working quantum computer capable of breaking encryption by 2029.

    In fact, most timelines for a cryptographically relevant quantum computer – that is, one powerful enough to break encryption – range from the 2030s to the 2050s. But Mueck said the prospect was close enough that governments were already preparing for the eventuality that data stored to today’s encryption standards would be exposed when the technology sufficiently advances.

    “We’re basically seeing in the intelligence community already that for probably more than a decade they’ve been thinking about this threat,” Mueck said.

    Last year the UK’s cybersecurity agency, the National Cyber Security Centre, urged organisations to guard their systems against quantum hackers by 2035.

    Google’s timeline suggests engineering teams across the technology industry should consider measures to protect sensitive data by migrating to more advanced encryption systems now. Certain kinds of attacks predicated on the future availability of quantum decryption – “store now, decrypt later” – may currently be being deployed across the field.