The era of fully fledged quantum computers threatens to destroy internet security as we know it. Researchers are in a race against time to prepare new cryptographic techniques before the arrival of quantum computers, as cryptographers Tanja Lange (Eindhoven University of Technology, the Netherlands) and Daniel J. Bernstein (University of Illinois at Chicago, USA) describe today in the journal Nature. In their publication they analyze the options available for this so-called post-quantum cryptography.
The expectation is that quantum computers will be built some time after 2025. Such computers make use of quantum-mechanical properties and can therefore solve certain problems much faster than our current computers. This will be useful for calculating models for weather forecasts or developing new medicine. However, the same capabilities also undermine the protection of data that relies on RSA and ECC. With today's technologies these systems will not be broken in a hundred years, but a quantum computer will break them within days if not hours.
Sensitive data in the open
Without protection, a lot of sensitive information will be out in the open, even data from years back. "An attacker can record our secure communication today and break it with a quantum computer years later. All of today's secrets will be lost," warns Tanja Lange, professor of Cryptology at Eindhoven University of Technology. This concerns private data, bank and health records, but also state secrets. Lange saw the importance of alternative systems back in 2006 and is busy raising awareness and developing new systems. "Fairly recently we're seeing an uptake of post-quantum cryptography in the security agencies, e.g., the NSA, and companies start demanding solutions."
Lange leads the research consortium PQCRYPTO, which consists of eleven universities and companies. PQCRYPTO started in 2015 with 3.9 million euros in funding from the European Commission to develop new cryptographic techniques. "This might seem like a lot of money, but is a factor of 100 less than what goes into building quantum computers," says Lange. She cautions that it is important to strengthen research in cryptography. "Bringing cryptographic techniques to the end user takes often another 15 to 20 years, after development and standardization."
In their Nature publication, Lange and Bernstein explain that a certain quantum algorithm, namely Shor's algorithm, breaks all cryptographic techniques that are currently used to establish secure connections on the Internet. Candidates for post-quantum cryptography can roughly be categorized into two types: they are either very well understood and confidence-inspiring but require a lot of bandwidth, or they are more convenient to use but provide more questionable security.