If all the world had been water balloons, the guy with the Super Soaker would reign supreme. That’s essentially the situation with the arrival of quantum computers. They’re so powerful that it takes them mere hours to solve problems that would take modern computers years to work through. That means that the moment the first quantum computer turns on, encrypted data across the internet is pretty much up for grabs. That is unless we do something about it.
I Am The Gatekeeper. Are You The Keymaster?
If you want to send a secret message — whether it’s military intelligence about enemy troops or your credit card number to buy a toaster online — you have to encrypt it. Encryption is a way of encoding a message so that only authorized parties can read it and nobody can eavesdrop on the transmission. To encrypt something, you need a cypher, which is an algorithm that converts the message into a scrambled mess of characters that can only be turned back into the original message using a special key.
The internet these days uses two types of encryption. Symmetric-key cryptography is the oldest; it uses a single key to both encrypt and decrypts the message. Say Beyoncé and Jay-Z wanted to exchange secret messages. With a symmetric-key system, Beyoncé and Jay-Z would meet beforehand and agree on a secret key they can use later to send messages back and forth without anyone else being able to read them.
But meeting beforehand isn’t always possible, and anyway, what if someone (ahem, Becky with the good hair) was eavesdropping on that secret meeting? That’s why we have public-key cryptography. It’s a type of asymmetric-key algorithm since it uses more than one key, and it’s the bread and butter of modern online commerce.
In this case, Beyoncé might tell Jay-Z publicly how to encode a message to her, but only she would know how to decode it. This works because some mathematical processes are easy to do, but hard to undo. For example, Jay-Z could multiply two large whole numbers and send the result to Beyoncé, but an eavesdropper (Becky!) would have a hard time figuring out the original numbers from that final result. In the real world, the difficult math problems that public-key systems rely on are called hidden subgroup problems.
Quantum Is Coming
So here’s the thing: experts predict that once quantum computers are up and running, they’ll be able to solve hidden subgroup problems in no time. That’s because while traditional computers manipulate every particle of information, or “bit”, as either a 0 or a 1, quantum bits or “qubits” can exist as 0, 1, and all points in between. That makes quantum computers millions of times more powerful than the computers that created those encryption algorithms.
Nobody has created a quantum computer that can do anything of real importance yet, but it’s reasonable to assume they’ll be here sometime after 2025. And like any technology, we won’t switch from traditional to quantum computing in one fell swoop — it’ll be gradual, and that leaves traditional cryptography at risk. Even secure information from the past is at stake. “An attacker can record our secure communication today and break it with a quantum computer years later. All of the today’s secrets will be lost,” warns Tanja Lange, professor of Cryptology at the Eindhoven University of Technology.
But there’s hope. Lange leads the research consortium on Post-Quantum Cryptography, or PQCrypto, which combines the intellectual prowess of 11 different universities and companies to come up with new ways of encrypting data, hopefully without the use of hidden subgroup problems. It only started in 2015, and Lange says it can take up to 20 years after development of a new cryptographic technique to reach the end user. But they may have no other choice. Quantum computing is coming, and we have to be ready when it does.
We spoke with the Army Cyber Institute’s deputy chief of research about how quantum computers and other technologies could impact cybersecurity.