How Quantum Computing Can Be Used for Cryptography
One particular element of quantum computing that can be seen as both a positive and a negative is its ability to build and break encryption algorithms. This is especially troubling to the government and could have special implications for the military.
Early applications of quantum computing have included material design, financial risk management and MRI technology. According to Microsoft, as the global community of researchers, scientists, engineers and business leaders continues to collaborate to advance the quantum ecosystem, we can expect to see the impact of quantum computing accelerate across every industry.
At the moment, a quantum computer with enough stable qubits to use Shor’s algorithm to break current public-key cryptography has not been created and may not be for some time. However, experts agree that day is coming.
And while that particular threat is still on the horizon, there is a very real risk today that individuals may be intercepting and storing encrypted internet traffic now for decryption later, when a large enough quantum computer is available.
What Is Quantum Cryptography?
In the face of this looming threat, IT leaders should be thinking about the world of post-quantum cryptography, where cryptographic algorithms (usually public-key algorithms) would be secure against an attack by a quantum computer.
“Research into quantum-safe encryption will help secure data that needs to be protected over a long period of time, such as health records,” says Bob Sutor, vice president of IBM Quantum ecosystem development at IBM Research. “It’s why we’re working alongside others in industry and academia to standardize these quantum-safe protocols with the National Institute of Standards and Technology,” or NIST.
Quantum cryptography, also referred to as quantum communication or quantum security, offers a theoretically secure solution to the key exchange problem, namely quantum key distribution (QKD).
“Quantum cryptography utilizes the principles of quantum mechanics to encrypt data and transmit it in a way that theoretically cannot be hacked,” says a Microsoft spokesperson.
The practice takes advantage of the “no change theory,” which dictates that no quantum presence can be interrupted without the interruption being detected. Photon particles generate encryption keys through their properties.
In quantum cryptography, a pair of photons is entangled to ensure that whatever happens to one affects the state of the other. A sender would transmit one of these photons to a recipient, who performs a previously agreed-upon measurement, which will also be reflected in the photon kept by the sender, thanks to quantum entanglement. If the calculation is correct, both parties know that their communication is encrypted. To break the key and steal the message, a hacker would need to measure the particles, which would alter their behavior. This would serve as an alert that the key had been compromised and rendered useless.
“If someone intercepts the photon and performs something other than the agreed-upon calculation or measurement, you will immediately know it didn’t reach its intended target and you can stop communicating,” says Tiago Mata, a lecturer in science and technology studies at University College London.
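The detection principle described above can be shown with a small classical simulation. This is an added example, not code from the article or from any vendor it quotes; it uses BB84, a prepare-and-measure QKD protocol that is simpler to simulate than the entangled-pair scheme described here but relies on the same effect, and the 11 percent abort threshold and all function names are assumptions of this sketch.

```python
import random

BASES = "+x"  # two incompatible measurement bases: rectilinear and diagonal

def measure(bit, prepared_basis, measuring_basis, rng):
    """A matching basis reads the bit exactly; a mismatched one yields a coin flip."""
    return bit if prepared_basis == measuring_basis else rng.randint(0, 1)

def run_exchange(n_photons, eavesdrop, seed=1):
    """Simulate one key exchange; return (sifted_key_length, error_rate)."""
    rng = random.Random(seed)
    kept = errors = 0
    for _ in range(n_photons):
        bit, send_basis = rng.randint(0, 1), rng.choice(BASES)
        flying_bit, flying_basis = bit, send_basis
        if eavesdrop:
            # The interceptor has to measure to learn anything, then resend.
            # Measuring re-prepares the photon in the interceptor's basis.
            tap_basis = rng.choice(BASES)
            flying_bit = measure(flying_bit, flying_basis, tap_basis, rng)
            flying_basis = tap_basis
        recv_basis = rng.choice(BASES)
        received = measure(flying_bit, flying_basis, recv_basis, rng)
        # Sifting: the two ends publicly compare bases (never bits) and keep
        # only the positions where they happened to choose the same basis.
        if recv_basis == send_basis:
            kept += 1
            errors += received != bit
    # Simplification: errors are counted over every sifted bit; a real run
    # would sacrifice a random sample of the sifted key for this comparison.
    return kept, errors / kept

def key_is_trustworthy(error_rate, threshold=0.11):
    """Discard the key when the error rate exceeds the (assumed) threshold."""
    return error_rate <= threshold

if __name__ == "__main__":
    for tapped in (False, True):
        kept, rate = run_exchange(4000, eavesdrop=tapped)
        print(f"eavesdropper={tapped}: {kept} sifted bits, "
              f"error rate {rate:.3f}, keep key: {key_is_trustworthy(rate)}")
```

With no interception the sifted bits agree exactly; an intercept-and-resend tap pushes the error rate to roughly one in four, which is what tells both ends to throw the key away.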
If quantum cryptography makes it a hundred times more difficult for “bad guys” to crack systems and steal the data — or an improvement of exponentially more profound impact — then federal IT decision-makers have a duty as public servants to seriously explore and invest in this technology.
Although quantum cryptography is still an emerging technology, QKD, while limited, does exist today in solutions like IBM’s lattice-based cryptographic suite, known as CRYSTALS, Sutor says.
“We also offer a Quantum Security Risk Assessment, where companies can learn more about quantum-safe and other cybersecurity strategies and implementations,” he says.
What Is Post-Quantum Cryptography?
In short, post-quantum cryptography consists of algorithms designed to withstand cyberattacks should quantum computers become powerful enough. Once that happens, says Dustin Moody, a mathematician at NIST, post-quantum encryption will come into play on a large scale.
“For most organizations, quantum encryption or QKD is not what they’re going to need. It’s most likely going to be post-quantum encryption,” Moody says.
According to Mata, work began on developing post-quantum cryptography almost immediately once the algorithm that could enable quantum computing was created.
“The day after Shor’s paper was published, people started asking, ‘Is there something we can do about this?’” he says.
In 2015, the National Security Agency made a public statement about the quantum threat and announced that the agency was starting its transition, something Moody says was not only a surprise but also underscored the need to take post-quantum cryptography seriously.
“That caught a lot of people off guard because the NSA doesn’t usually talk about crypto. But it also reinforced that the quantum threat is real if the NSA is taking this seriously and they’re talking about it,” Moody says.
Standardization of Post-Quantum Cryptography
One of the next important steps to make quantum-safe cryptography more widely adopted by government and industry, says Sutor, is standardization, which NIST is currently undertaking.
Today, NIST is evaluating post-quantum algorithms with an eye toward choosing a standard for all post-quantum cryptography. In 2016, the organization announced an international contest that resulted in 82 algorithms submitted for consideration, 69 of which met the predetermined requirements. In 2019, the 26 most promising submissions were chosen to move on to the next round of evaluations and testing, including those from Microsoft and IBM. NIST hopes to narrow that list even further by June for a third round of evaluation. The institute is aiming to have a standard released for public comment by 2022.
“We will continue to evaluate the security characteristics and the performance characteristics before we select standards,” Moody says. “We’re trying to move quickly because we know this already exists, but at the same time, we want to have absolute confidence in whatever we select to standardize.”
Until there are standards for post-quantum cryptography, it does no good to go all-in on a particular algorithm. But that doesn’t mean there’s no work to be done in the meantime.
“The best way to start preparing is to ensure that all current and future systems have cryptographic agility — the ability to be easily reconfigured to add quantum-resistant algorithms,” says Brian LaMacchia, distinguished engineer and head of the security and cryptography group at Microsoft Research.
This preparation will be critical once NIST completes its standards. “Agencies should at least be thinking about readiness, so that once an algorithm is standardized, they can update at a moment’s notice,” Mata says.
As for how to approach this readiness, Moody says the best way to start is to consume as much information as possible about post-quantum cryptography.
“First off, be aware and do some basic information gathering and reading. Also, know that quantum computers have a potentially positive effect as well as a possible negative effect with regards to cryptography,” Moody says.
The next step, he says, is for agencies to analyze the cryptography they are using, look at how it is being used and determine if their cryptography can be broken by a quantum computer. This will help determine how the agency moves forward.
“Start trying to come up with a plan, knowing you’re going to have a transition at some point. Within five to 10 years, these algorithms will be standardized and we’re going to have to switch. So, let’s start planning how we’re going to do that or setting aside money to have someone in charge of that,” Moody says. “The main message would be that this is a real threat. We are working on it. There will be a transition in the future, and the sooner they can start learning and preparing for it, the better it will go for them.”
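One way to build the cryptographic agility described above into a system is to have every protected record name the algorithm that produced it and to let a policy object, not code, decide what is issued and what is still accepted. This is an added example, not code from the article or from Microsoft, IBM or NIST; the Python standard library has no post-quantum primitives, so two HMAC variants stand in for the "current" and "replacement" algorithms, and the `Policy`, `protect`, `verify` and `migrate` names are hypothetical.

```python
import hashlib
import hmac
import json

# Registry: algorithm id -> tag function. The HMAC variants are stand-ins
# (assumption); a standardized quantum-resistant scheme would be added here.
ALGORITHMS = {
    "hmac-sha256": lambda key, msg: hmac.new(key, msg, hashlib.sha256).hexdigest(),
    "hmac-sha3-256": lambda key, msg: hmac.new(key, msg, hashlib.sha3_256).hexdigest(),
}

class Policy:
    """Configuration that says which algorithm is issued and which are accepted."""
    def __init__(self, issue_with, accept):
        if issue_with not in accept or not set(accept) <= set(ALGORITHMS):
            raise ValueError("policy names an unknown or unaccepted algorithm")
        self.issue_with, self.accept = issue_with, frozenset(accept)

def protect(policy, key, payload):
    """Wrap the payload in an envelope recording which algorithm made the tag."""
    tag = ALGORITHMS[policy.issue_with](key, payload.encode())
    return json.dumps({"alg": policy.issue_with, "payload": payload, "tag": tag})

def verify(policy, key, envelope):
    """Return the payload, or None if the tag is wrong or the algorithm is retired."""
    env = json.loads(envelope)
    # The local allow-list, not the envelope's sender, decides what is acceptable,
    # so a record cannot talk the verifier into a retired algorithm.
    if env["alg"] not in policy.accept:
        return None
    expected = ALGORITHMS[env["alg"]](key, env["payload"].encode())
    return env["payload"] if hmac.compare_digest(expected, env["tag"]) else None

def migrate(old_policy, new_policy, key, envelope):
    """Re-protect a stored record under the new policy's issuing algorithm."""
    payload = verify(old_policy, key, envelope)
    if payload is None:
        raise ValueError("record failed verification; not migrating")
    return protect(new_policy, key, payload)
```

A transition then becomes three policy changes rather than a code rewrite: accept both algorithms while issuing the new one, migrate stored records, then drop the old algorithm from the accept list.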