In the power circles where policy and technology meet, there always seems to be someone with his or her “hair on fire” about some issue or another, and it can be difficult to differentiate between a serious matter, hype and political theater. When it comes to the looming threat to existing cryptography methods, however, the consensus is clear: Quantum computers will make it possible to crack all current public key encryption. This means that unless people in positions of leadership take action, malicious actors will be able to steal government and industrial secrets, not to mention individuals’ private encrypted information.
Why legacy public key cryptography is exposing data to risk
As of now, the vast majority of sensitive data is protected by public key cryptographic methods. The “key” is a very large number, usually generated using prime numbers as factors. Encryption software then uses the key in complex mathematical processes to encrypt a target data set. Decrypting the data requires the key. Without the key, the data is useless. In public key encryption, two parties that wish to share a secret need to exchange pairs of keys. Each entity has a public key and a private key. Using the public key in conjunction with the private key, each entity can either encrypt or decrypt the secret.
For now, public key cryptography is effectively impossible to breach. With existing computing technology, one estimate holds it would take 300 trillion years to “brute force” an RSA 2048-bit key. Other estimates measure the time to execute brute force attacks on today’s public key encryption in decades. This is about to change, however.
Public key encryption’s security is on the verge of vanishing with the advent of quantum computers. Whole books haven been written about this, but briefly, a quantum computer uses the qualities of quantum mechanics to create a calculating capability that exponentially exceeds the power of existing computers. Instead of using traditional “0 or 1” bits, the quantum computer uses quantum bits, or “qubits,” which can hold multiple values at the same time. And, because the quantum computer functions at an atomic level, it can execute computing tasks millions of times faster than a conventional computer.
What will this mean for cryptography? The best estimates available today predict that quantum computers will be able to crack public key encryption in a matter of hours using what is known as Shor’s algorithm. When quantum computers are able to break public keys that quickly, all data protected by today’s cryptography—which is to say the vast majority of sensitive data on planet earth—will cease to be secured. This moment has not yet arrived, but it already has a name: Q-Day.
The impacts of Q-Day
It’s not hard to imagine the impacts of Q-Day. Attackers will easily get access to data, control over systems, or both. At the level of the general public, a loss of encryption could lead to huge crime waves that involve bank account takeovers and theft of personal information. Hackers could disrupt daily life by commandeering Internet of Things (IoT) devices and connected vehicles.
Malicious actors could destroy critical infrastructure, causing electrical blackouts and a breakdown of emergency services and healthcare, just to name a few potential outcomes. At the level of national security, Q-Day would be an unmitigated disaster. Intelligence and military capabilities rely on secrecy, which would no longer exist.
When will this happen?
These dire Q-Day predictions are educated guesses because there is not yet a quantum computer with enough power to crack current encryption. Yet, with tens of billions of dollars being spent on quantum computer research and development in the US, China, and other countries, it’s likely that Q-Day – this moment of radical vulnerability – will arrive within the next 10 years.
A lot of things could go wrong with quantum computing development, which may push Q-Day off for a few more years. Things could go right, too, which would bring it sooner. And, in some very important ways, the timing doesn’t even matter. State actors, such as the Chinese intelligence services, are harvesting encrypted data from American and other international sources now. When Q-Day arrives, they will be able to easily decrypt any previously stolen data. And adding to this risk, systems will take years to upgrade to protect against this inevitable crisis. It is now time to act to protect data from Q-Day.
What to do about this problem
Given that many in the cybersecurity field understand the impact of Q-Day, a number of countermeasures have become available to help mitigate the threat. These include post-quantum cybersecurity (PQC) technologies, e.g., post-quantum encryption standards and various hardware- and software-based methods of defending data against quantum attackers.
The U.S. Government is taking the issue seriously. The National Defense Authorization Act (NDAA) of 2021, for example, mandates an evaluation of the quantum threat to national security systems. Executive orders from the Biden administration in January and May of this year mandate that federal agencies conduct an inventory of their encryption systems and report the ones that are following quantum-resistant algorithms.
The development of quantum-resilient algorithms is under way. The National Institute of Standards (NIST) is in the process of determining which approaches will become standard by next year. Once ratified, these new standards need to be applied to corporate and government networks, IT infrastructure and data. Making this work will invariably mean bringing in trusted experts to advise on post-quantum security policies and practical implementation of post-quantum countermeasures. The total upgrade will take years.
Q-Day is coming. It will bring massive disruption to society and our national security is at risk if those in charge of protecting our data do not take action. The technologies that enable such protection are either available now or in development for deployment in the near future. The updgrade to PQC from legacy public key cryptography should start right away. It is time for post-quantum methods of encryption to take over.