Q&A: How to protect data in post-quantum world

People, governments and corporations place a lot of trust in encryption algorithms to protect their data. But cybersecurity experts have warned for years that current algorithms may become useless when quantum computers arrive.

These computers, they say, will be able to solve complex problems that would take even the most powerful modern computers thousands of years to crack. Unlike classical computers — including the smartphones and laptops we use every day — which encode information in binary “bits” that can be either 0 or 1, quantum computers use "qubits," which can be 0 and 1 at the same time.

This is an important difference: bits in classical computers are black and white, while qubits work more naturally. They can be uncertain and change their behavior when exposed to the outside world — noise or light. 

Although a practically useful version of a quantum computer doesn't yet exist (and it may be a long time before they can break modern encryption) regulators and researchers are already taking steps to protect user data in a post-quantum world.

Tech giants like Google, Microsoft, IBM, Tencent, and Alibaba are rushing to outdo each other in quantum tech, while U.S. and Chinese governments are ready to pour billions of dollars into the field. Researchers, meanwhile, are striving to develop quantum-secure encryption methods.

Earlier in May, President Joe Biden ordered federal agencies to prepare the U.S for a new era of quantum-fueled hacks, while in August, researchers tested one of the most powerful post-quantum computing encryption algorithms, SIKE [Supersingular Isogeny Key Encapsulation]... which was cracked in an hour with a single traditional PC.

The Record talked to Lukasz Olejnik, an independent cybersecurity researcher and fellow at the Geneva Academy of International Humanitarian Law and Human Rights about the promises and challenges of post-quantum encryption and how it will change the future of the cybersecurity industry. The interview has been lightly edited for space and clarity.

Daryna Antoniuk: When do you think general-purpose quantum computers will arrive?

Lukasz Olejnik: It is difficult to estimate. I think it would be safest to say “somewhere in the next 10 to 100 years.” It's unlikely to happen in fewer than 10 years.

Although significant progress has been made in the previous 25 years, many challenges remain, including at the basic scientific and research levels.

DA: So why should we start thinking about post-quantum encryption today?

LO: It’s important because quantum computers fundamentally challenge some crucial security assumptions we make. For example, that factoring big numbers is intractable. 

Shor’s algorithm [a quantum computer algorithm for finding the prime factors of an integer], if deployed, could indeed break current encryption, although such a deployment would be challenging in itself.

Quantum computers & classical computers

Сlassical computers use bits — the most basic units of information — to transfer data. A bit represents one of two possible values: either 1 or 0, which make up a binary code. The more complex the data, the more bits computers need to describe it.

Quantum computers are more powerful because they use qubits, which can be 1, 0, or both 1 and 0 at the same time — the state known as a superposition. Due to their “uncertain” nature, qubits can hold more information, more efficiently and tackle complex problems much faster.

DA: Do you think some hacker groups are already trying to build tools to crack quantum computers?

LO: No. It’s way too early to consider this realm by cybercriminals. Only some companies started to provide cloud-based access to quantum computers. But these are very early days. For the time being, there are no useful things that currently available quantum computers could do.

DA: How will the arrival of quantum computers change hackers? Should they all have a good understanding of the laws of physics to crack these computers?

LO: That depends on the needs. If one wants to understand the lower hardware level, learning quantum mechanics and quantum information theory is necessary. But to hack on current computers it is generally not needed to know how the basic electronic building blocks actually function. Most hacking is done in software. 

For government/state/military users in the security field, this is, however, completely different. Assuming that a quantum computer will become available, the early hardware would demand very advanced knowledge. So the early users will definitely benefit from this. But I do not think end-users would need to be experts in quantum information science or quantum mechanics.

DA: What post-quantum encryption will change for users?

LO: Nothing. For end users, it should work the same. Of course, under the hood, the encryption system would work differently, the core data structures would be different, and some of the network packets may be much bigger than today. But for the end user, the look-and-feel will be the same as today.

DA: Is our internet infrastructure ready for the arrival of quantum computers? 

LO: No, it is not. Core internet security protocols would be vulnerable. Migrations would be expensive too, but it is also a very difficult task to even plan such a migration and get good people for the tasks.

We also don’t have networks that can transmit qubits. For that, network infrastructure would have to be adapted — either the current one or we need to build something completely different: quantum networks.

DA: What’s the next step in the development of post-quantum encryption algorithms?

LO: We must wait for the NIST’s [National Institutes of Standards and Technology] 4th round results. Similar processes are ongoing in Europe, and China, too. Then, let’s hope that the chosen solutions will be far better than SIKE.

I don’t currently think that moving forward with SIKE/SIDH [Supersingular Isogeny Diffie-Hellman] would be a good idea. It’s better to move on. 

In August, another post-quantum cybersecurity algorithm weakness was found — this time in SPHINCS+ digital signature algorithm. The attack allowed forgery of an unlimited number of signatures of the attacker’s choice.

It is also very difficult to assess how the currently proposed post-quantum cryptography will stand in the long run, against quantum or classical [non-quantum, those of today] attacks. The recent breakage of SIKE/SIDH is quite worrying, as the proposed scheme was supposed to be quantum-resistant. 

Yet, it can be broken by a single laptop in under an hour, and attacks are already improving. That’s some bucket of cold water on the heads of enthusiasts and a big warning sign.

DA: What will the arrival of quantum computers mean for cryptocurrencies? Strong encryption is the essence of blockchain tech.

LO: It depends on the cryptocurrency and the technical building blocks they use. But huge problems also face traditional finance technologies, which is a much bigger problem since cryptocurrencies are — all things considered — a niche.

In the case of some cryptocurrencies (like BTC), some changes would have to be made [to adapt it to post-quantum encryption]. But some infrastructural changes would have to be made to Visa systems, and payment terminals too.

RSA encryption & quantum encryption

RSA is an algorithm used by modern computers to encrypt and decrypt messages. It relies on the difficulty of factoring large numbers. Under RSA, messages are encrypted with a code called a public key, which can be shared openly. Once a message has been encrypted with the public key, it can only be decrypted by another key, known as the private key.

Quantum computers can theoretically crack RSA encryption because they are good at crunching large numbers. Instead of math, quantum cryptography relies on the laws of physics. It uses a series of photons (light particles) to transmit data from one location to another.

In 2016, the U.S. National Institute of Standards and Technology (NIST) launched an eight-year competition to find quantum-proof successors for RSA algorithms. In July 2022, NIST announced it has chosen the first group of algorithms meant to protect sensitive data against an attack from a quantum computer. 

It selected the CRYSTALS-Kyber algorithm for general encryption, used for access to secure websites. For digital signatures, NIST went with three algorithms: CRYSTALS-Dilithium, FALCON, and SPHINCS+.

DA: What leverage will quantum computers give to the nation that owns them? 

That would be absolutely majestic leverage. The first ones to get the technology will have some potential to gain quick speedup on multiple important problems, such as computational chemistry [which uses computers to solve complex chemical problems, like developing drugs faster and more effectively]. This means that initially, we may expect some inequality here.

I also have no doubts that the successful development of quantum computers would also have geopolitical consequences, though those would be very subtle.

Quantum computer development is already geopolitical, with national programs run in the U.S., Europe, and China. If quantum computers happen in this century, they would be among the most important inventions in this age, and in fact in history, too.