Research how quantum computing is being used both in enhancing cryptography and in weakening existing cryptography standards, and discuss these with the class. Based on your research, how do you think quantum computing will change the IT security field, and how long do you think until we begin seeing these changes? A lot of this is very theoretical at this time, but how much longer until we will need a lot more than just one paragraph in this text that discusses quantum computing?
Comments
Anthony Clayton Fecondo says
Most of modern cryptography utilizes public-key encryption which is considered relatively secure (1). However, experts believe quantum computers, given time to develop and mature, will be able to easily crack this encryption technique due to the ability to test multiple possibilities simultaneously. Quantum computing weakens existing cryptography standards by providing the ability to solve the algorithms involved in cryptography exponentially faster than a standard computer. In order to crack cryptography algorithms, quantum computers will be able to leverage Shor’s Algorithm, an algorithm that “can only be executed on a quantum computer [and] can factor large numbers in log(n)^3, which is drastically better than the best classic attack. (2)”
The good news is that, although quantum computing is in the early stages of development, industry experts see the looming threat that quantum computing poses and have started developing new “post-quantum cryptography. (3)” The concept of post-quantum cryptography, a collection of encryption algorithms that “aren’t significantly faster to solve on a quantum computer,(4)” provides hope for the development of effective, quantum computing resistant cryptography algorithms. Experts believe that lattice-based encryption and multivariate cryptography might be viable options for maintaining cryptography practices in a post-quantum computing world, but none of these methods have been tested against a quantum computer so it’s hard to say how effective the methods will be.
The fact that industry experts are aware of the threat and are already working on strengthening current cryptography methods means that today’s cryptography methods will continue to get stronger and that hopefully, there will be effective cryptography methods for defending against quantum computers when they are fully developed. I think that cryptography will survive quantum computing because technology industries are used to having to innovate and adapt to combat disruptive technologies. I think we have another five to ten years before we will really be impacted by quantum computing and I’m fairly confident that new standards for cryptography will be developed that will defend against the capabilities of quantum computers.
1. http://www.tripwire.com/state-of-security/featured/will-quantum-computers-threaten-modern-cryptography/
2. http://www.makeuseof.com/tag/quantum-computers-end-cryptography/
3. https://en.wikipedia.org/wiki/Post-quantum_cryptography
4. http://www.makeuseof.com/tag/quantum-computers-end-cryptography/
Andres Galarza says
Anthony,
Thanks for the detailed explanation and sources. As someone who (regrettably) didn’t do so hot in many of his math classes, this week’s Cryptography topic has been a challenge to learn. Between your post and some YouTube lectures I found, I think I have a better understanding.
For others, here are the videos I found:
– https://www.youtube.com/watch?v=vNV_3PkA9WM (How To Break Encryption – Defeating The Hackers – BBC; 3:44)
– https://www.youtube.com/watch?v=wF-BWgnpYmI (Quantum cryptography: basics and technology with Vadim Makarov; 50:00)
Darin Bartholomew says
This is oversimplified, but I admittedly struggle with the complexity of this. Quantum computing in general brings so much more computing power to the table. It’s the ability to compute mathematical problems and algorithms quicker. This could be used to crack existing cryptography quicker or create more complex algorithms to encrypt data. I agree with Anthony’s point. The fact that this is known and security professionals are working on solutions is important and a good sign.
Ruslan Yakush says
Quantum computing has many benefits, but it could also undermine the cryptographic algorithms. Unlike conventional computers, which require data to be encoded into binary digits (bits) with values of either zero or one, quantum computers use quantum bits (qubits), which represent both zero and one values. If these qubits are separated while acting as though they are still connected, it can provide a huge amount of simultaneous output.
The obvious benefit of quantum computing is that it breaks the calculation power limitation of existing computers and creates computing power that allows a massive amount of data to be processed within a very short period of time. In the context of the cryptography world, if quantum computing falls into the hands of malicious hackers, it would provide an opportunity for them to break any encrypted information extremely fast and therefore defeat the whole purpose of cryptography.
Quantum computing promises to be one of the most transformative innovations of the 21st century, and actually, many companies such as Microsoft and IBM are investing a lot of money and resources into bringing it to the world at full speed. It is predicted that in about 10-20 years, quantum computing will be fully introduced into society and used at a global scale for research, testing, analysis, hacking and hardening.
Given the benefits and risks of Quantum Computing, while it is so powerful by its nature, it can be used for breaking IT security; however, it can also help to create a whole new universal cryptography algorithm that might be impossible to break and perhaps be a single problem solver for the entire IT space.
Mengqi He says
Quantum computing studies quantum computers that make direct use of quantum-mechanical phenomena, such as superposition and entanglement, to perform operations on data. Traditional binary electronic computers are based on transistors, and use electronic current to turn circuits on or off to encode bits. They render data in binary bits that can only be in one of two states, 1 or 0, on or off. For example, there are four combinations for 2 bits: 00, 01, 10 or 11. They can be in any of those positions, but only in one of them at a time. However, quantum computers can use qubits by using a single electron. Unlike a digital circuit, an electron can be doing many things at once. When you measure the electron, it is actually doing both at the same time. It doesn’t have a defined state, and therefore a qubit doesn’t have to be either 1 or 0; it can be any proportion of both states at a time as long as it is unobserved. That means that 2 bits can be 00, 01, 10, 11, all of these positions at once. This is called superposition. Therefore, qubits can carry more information than bits before they are measured. The values that qubits can carry equal 2n bits, where n is the number of qubits used. That means quantum computers can carry out multiple computations at once, and the uncertainty around quantum states allows us to encode more information into a much smaller computer.
Quantum computers will shorten the calculating and computing time by doing multiple computations at a time. At the instant a qubit is measured, it collapses into one of the definite states, like a bit, either 1 or 0. All the other information about the states before the measuring is lost. That means a 2-qubit combination can only be one of the values 00, 01, 10, or 11 when it is measured. What we need to do is just to design a logical operation to get the final computation result we need. Therefore, quantum computers can be used for searching for needed information in a database. A traditional computer may have to test every single one of the entries to filter out unneeded information and keep needed information. It usually takes a long time, especially for a large database. However, quantum computers need only the square root of that time to screen all the entries, pick out what we need and just show the final results to us. However, fast is not always a good thing, especially for IT security, because fast for you also means fast for hackers and attackers. Right now your email and banking data is being kept secure by an encryption safety system in which you give everyone a public key to encode messages that only you can decode. The problem is that this public key can actually be used to calculate your secret private key. Luckily, doing the necessary math on any normal computer would literally take years of trial and error, but a quantum computer with exponential speed-up could do it much faster. On the other hand, quantum computers are not fast all the time. A qubit will collapse into either 1 or 0, and that means other values the qubit carried will not be available when it is measured. Therefore, it actually does not speed up things like watching a video or browsing the internet that require every piece of data. In these cases, a qubit is equal to only one bit and quantum computers may be even slower than traditional ones.
Quantum computers can only be used in situations where all the quantum superpositions are available at the same time to do the same parallel computing. That’s also why quantum computers cannot replace traditional computers.
References: https://www.youtube.com/watch?v=JhHMJCUmq28
Mushima K. Ngalande says
Factoring, as it’s so hard, is the basis for many encryption schemes for protecting credit cards, state secrets, and other confidential data. It’s thought that a single quantum computer may easily crack this problem, by using hundreds of atoms, essentially in parallel, to quickly factor huge numbers.
Peter Shor in 1994 came up with a quantum algorithm that calculates the prime factors of a large number, vastly more efficiently than a classical computer. However, the algorithm’s success depends on a computer with a large number of quantum bits. While others have attempted to implement Shor’s algorithm in various quantum systems, none have been able to do so with more than a few quantum bits, in a scalable way. The goal is to find a scalable quantum system for factoring numbers efficiently. While it typically takes about 12 qubits to factor the number 15, researchers have been working on it and a team at MIT led by Isaac Chuang indicate they have found a way to shave the system down to five qubits, each represented by a single atom. With the discoveries being made today it’s now widely expected to work within five to 30 years. By exploiting the probabilistic rules of quantum physics, the devices could decrypt most of the world’s “secure” data, from NSA secrets to bank records to email passwords. This will definitely change the IT field.
How do you think quantum computing will change the IT security field?
– It will change IT in that organizations and even governments would probably want to avoid storing secrets publicly using encryption that relies on factoring as more powerful quantum computers would be able to go back and unencrypt all those old secrets. As NSA has indicated in a document from the Snowden leaks, the application of quantum technologies to encryption algorithms threatens to dramatically impact the US government’s ability to both protect its communications and eavesdrop on the communications of foreign governments.
– It will push IT Practitioners to find more secure solutions for the next generation. It may move to see quantum encryption methods that will inscribe sensitive data into the very states of atoms, basically encryption that is guaranteed by the laws of physics.
– Push to switch to post-quantum encryption earlier so that when various state-sponsored hackers get their hands on the power of a quantum machine, your data will have a better chance of staying safe.
How long do you think until we begin seeing these changes?
Changes are beginning to take place.
– Quantum Key Distribution (QKD). This is currently available and doesn’t require a quantum computer as it uses quantum physics to build a key, rather than relying on hard mathematics. The basis is that if one sent a single photon of light and if somebody looks at that single photon, then it disturbs the properties of those photons. Data can be encoded on that photon and it would be unreadable. However at the moment there are limitations in distance and the amount of data that can be sent, but the principle is there.
– There is consideration of using lattice-based encryption, which uses the difficulty of finding the nearest point in a multi-dimensional grid of points – the private key could be the lattice point. Google has run a small trial on a portion of traffic in the Canary build of Chrome using the “New Hope” lattice-based algorithm, but made it clear it wasn’t a vote for that version to become a standard, merely a first stab at trialing encryption for the post-quantum future.
https://theconversation.com/quantum-computers-could-crack-existing-codes-but-create-others-much-harder-to-break-21807
https://www.wired.com/2014/01/hard_targets/
http://www.wired.co.uk/article/quantum-computers-quantum-security-encryption
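The thread above mentions factoring the number 15 with Shor's algorithm. The following Python sketch is an added example, not part of the original discussion: it walks through the classical number theory that Shor's algorithm relies on, with the order-finding step done by brute force (that step is the one a quantum computer would speed up). The function names and the toy modulus 3233 are chosen here for illustration.

```python
from math import gcd


def find_order(a, n):
    """Smallest r > 0 with a**r % n == 1.

    Brute force here. This period-finding step is the part Shor's
    algorithm performs on quantum hardware; everything else in this
    file is ordinary classical arithmetic.
    """
    if gcd(a, n) != 1:
        raise ValueError("a must be coprime to n")
    r, value = 1, a % n
    while value != 1:
        value = (value * a) % n
        r += 1
    return r


def factor_from_order(a, n):
    """Try to split n using base a; return (p, q) or None if a is unlucky."""
    shared = gcd(a, n)
    if shared != 1:
        # The base already shares a factor with n: no period needed.
        return tuple(sorted((shared, n // shared)))
    r = find_order(a, n)
    if r % 2 == 1:
        return None                      # odd period: pick another base
    half = pow(a, r // 2, n)             # a square root of 1 modulo n
    if half == n - 1:
        return None                      # trivial root (-1): pick another base
    p = gcd(half - 1, n)                 # non-trivial root shares a factor with n
    return tuple(sorted((p, n // p)))


def bases_that_split(n):
    """Coprime bases in 2..n-1 whose period yields a factorization of n."""
    return [a for a in range(2, n)
            if gcd(a, n) == 1 and factor_from_order(a, n) is not None]


def factor_semiprime(n):
    """Try bases in order until one splits n; return (base, (p, q))."""
    for a in range(2, n):
        result = factor_from_order(a, n)
        if result is not None:
            return a, result
    return None


if __name__ == "__main__":
    print("order of 2 mod 15:", find_order(2, 15))
    print("factors of 15 from base 2:", factor_from_order(2, 15))
    print("bases that split 15:", bases_that_split(15))
    # 3233 = 53 * 61 is a constructed toy modulus, far below real RSA sizes.
    print("toy RSA modulus 3233:", factor_semiprime(3233))
```

The brute-force loop in `find_order` grows with the size of the period, which is why this approach does not threaten real key sizes on classical hardware.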
Amanda M Rossetti says
Encryption being used to store state secrets is a really good point, Mushima. Matthew Green, a computer scientist from Johns Hopkins Information Security Institute, predicts that practical use of quantum computing is still 15 to 30 years away. This will mean that most data currently being encrypted by ‘old’ encryption methods that rely on factoring today won’t need to still be encrypted when quantum computing becomes viable, but state secrets and other government information will still need to be confidential 30 years from now. This also highlights why we need to start moving away from ‘old’ encryption methods now, instead of waiting until quantum computing is viable. The longer we continue to use the ‘old’ encryption methods, the more likely that something that needs to be protected after quantum computing is viable will be vulnerable.
The NSA plans to change the encryption being used on government and military data to one that can withstand quantum computing. I found an article that claims that lattice-based schemes are the most promising but the Government Communications Headquarters (GCHQ), Britain’s version of the NSA, says the most efficient lattice-based schemes are vulnerable to attack. They say that some security holes were left as the scheme was slowly made more efficient.
http://spectrum.ieee.org/tech-talk/computing/hardware/encryptionbusting-quantum-computer-practices-factoring-in-scalable-fiveatom-experiment
https://www.wired.com/2015/09/tricky-encryption-stump-quantum-computers/
Vaibhav Shukla says
Quantum computing in simple words is something that allows a particle to be both a zero and a one at the same time. Quantum cryptology depends on physics, not mathematics.
Quantum cryptography uses photons to transmit a key. Once the key is transmitted, coding and encoding using the normal secret-key method can take place.
But the question is how a photon can be used to assign data; this is where binary code comes into play. Each type of a photon’s spin represents one piece of information — usually a 1 or a 0, for binary code. This code uses strings of 1s and 0s to create a coherent message. For example, 11100100110 could correspond with h-e-l-l-o. So a binary code can be assigned to each photon — for example, a photon that has a vertical spin can be assigned a 1 and a horizontal spin a 0.
Since this method uses physics instead of math to create the key used to encrypt the data, there’s little chance it can be cracked using mathematics.
It has certain flaws. The original quantum cryptography system, built in 1989 by Charles Bennett, Gilles Brassard and John Smolin, sent a key over a distance of 36 centimeters. Since then, newer models have reached a distance of 150 kilometers (about 93 miles). But this is still far short of the distance requirements needed to transmit information with modern computer and telecommunication systems, and additionally quantum mechanics can make codes to break this cryptography.
http://science.howstuffworks.com/science-vs-myth/everyday-myths/quantum-cryptology.htm
http://www.lifehacker.com.au/2014/02/how-quantum-computing-will-change-cryptography/
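The comments above describe sending key bits on single photons and note that anyone who looks at a photon disturbs it. The following Python simulation is an added example, not part of the original discussion: it assumes the scheme meant is the BB84 protocol (not named on this page) and shows how the two endpoints detect a tapped channel from the error rate in their sifted key. The abort threshold and all function names are assumptions made for this example.

```python
import random

BASES = "+x"  # "+" rectilinear (horizontal = 0, vertical = 1), "x" diagonal

# Assumed abort threshold for this example: above this error rate the
# endpoints discard the key instead of using it.
QBER_ABORT_THRESHOLD = 0.11


def measure(bit, prepared_basis, measuring_basis, rng):
    """A matching basis reads the bit faithfully; a mismatch is a coin flip."""
    if prepared_basis == measuring_basis:
        return bit
    return rng.randint(0, 1)


def bb84_session(n_photons, eavesdropper, seed):
    """Simulate one key exchange; return (alice_key, bob_key) after sifting."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit = rng.randint(0, 1)
        a_basis = rng.choice(BASES)
        photon_bit, photon_basis = bit, a_basis
        if eavesdropper:
            # Looking at the photon means measuring it in a guessed basis;
            # what travels on is whatever state that measurement left behind.
            e_basis = rng.choice(BASES)
            photon_bit = measure(photon_bit, photon_basis, e_basis, rng)
            photon_basis = e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(photon_bit, photon_basis, b_basis, rng)
        # Sifting: bases are compared publicly, mismatched rounds are dropped.
        if a_basis == b_basis:
            alice_key.append(bit)
            bob_key.append(b_bit)
    return alice_key, bob_key


def error_rate(alice_key, bob_key):
    """Fraction of sifted positions where the two keys disagree."""
    if not alice_key:
        raise ValueError("empty sifted key")
    diffs = sum(a != b for a, b in zip(alice_key, bob_key))
    return diffs / len(alice_key)


def channel_is_trusted(alice_key, bob_key, sample_size, seed):
    """Compare a random sample of sifted bits in public and decide.

    In a real exchange the sampled bits are thrown away afterwards,
    because comparing them in public reveals them.
    """
    rng = random.Random(seed)
    count = min(sample_size, len(alice_key))
    indices = rng.sample(range(len(alice_key)), count)
    sample_a = [alice_key[i] for i in indices]
    sample_b = [bob_key[i] for i in indices]
    return error_rate(sample_a, sample_b) <= QBER_ABORT_THRESHOLD


if __name__ == "__main__":
    for tapped in (False, True):
        a_key, b_key = bb84_session(8000, tapped, seed=1)
        print("tapped" if tapped else "clean ",
              "sifted bits:", len(a_key),
              "error rate: %.3f" % error_rate(a_key, b_key),
              "trusted:", channel_is_trusted(a_key, b_key, 500, seed=2))
```

On a clean channel the sifted keys agree exactly, while an intercepted channel shows an error rate near 25%, which is what lets the endpoints reject the key.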
Mengxue Ni says
I think even today I need more than just one paragraph to discuss quantum computing. Quantum computing is one of the resources in the toolkit of cryptanalysts. Quantum computing is based on physical quantum properties to perform operations, which behave differently than the electronic properties we are used to finding in today’s computers, and its basic unit of information, instead of the bit, is called the quantum bit or qubit. It started to be used in theoretical attacks against cryptosystems back in 1994, when Peter Shor published a quantum algorithm to find the prime factors of a given integer.
In 2006 the first PQCrypto Conference was hosted, bringing together researchers to look for secure alternatives against quantum computing attacks. At the time, some alternatives were already at hand, such as McEliece encryption (1978), and ever since many programs to fund research in PQCrypto have been launched. To many organizations and professionals, post-quantum computing represents a chance to rebuild their systems from scratch. The causes for the restart may be specific to an enterprise’s reaction to quantum computing, but they are already showing up. The post-quantum cryptography (PQC) landscape is where we are all heading, whether we want to or not.
There is a decline in the use of public-key algorithms, such as RSA and Elliptic Curves. In cases like symmetric crypto and hash functions, the current parameters will have to be revisited to ensure that they stay secure in a quantum world. This shift to modern algorithms should happen transparently to end users; however, whoever is responsible for development or configuration of security applications should be ready for the coming changes – in particular, those who support these functionalities in legacy systems.
As of now, New Hope seems to be the most reliable method for in-transit document protection, if only because it uses well-examined, longstanding concepts. A long-term problem remains, however: methods will have to change and evolve. Underlying assumptions will vary as practical quantum computers arrive and quantum-flavored zero-day exploits emerge. Finally, if you expect long-term security for your information, then you should start looking for alternatives or planning for these changes right away. Adversaries who cannot overcome the security of your information today, by decrypting your data or forging your signature, can nevertheless keep a record of the data until they have quantum computers, at which point their attacks will succeed.
link: http://www.welivesecurity.com/2016/06/14/quantum-computation-cryptography-armageddon/
Andres Galarza says
Running into an issue with Practical Assignment 5.2
In the final step of this section, where we are supposed to use our private key to decrypt the .enc file that is a combination of our userID and a partner’s userID, I am given the following error.
“unable to load Private Key”
I am using the following command
openssl rsautl -decrypt -inkey .pem -in _.enc -out decrypted.text
where and are not literal
Anyone else having issues?
Andres Galarza says
Oops I guess it doesn’t like “” brackets.
I am using myuserID.pem and trying to decrypt myuserID_theiruserID.enc
Ioannis S. Haviaras says
Quantum computing uses quantum physical properties to perform operations at a substantially faster rate than any computer would be able to perform today. In traditional computers transistors are either switched on or off (0 or 1); in quantum computers there are an infinite number of states that the “transistors” could undergo. Ultimately, this allows quantum computers to be significantly more powerful than computers are today. This can cause issues, however, for IT security, since much of the security around encryption technologies is based on how long it takes to crack an algorithm. If quantum computers were to become mainstream, these computers could cut the time to crack algorithms from what would once have been thousands of years to maybe only a couple of years. Many cryptographers have already started creating new algorithms in preparation for quantum computers becoming mainstream. Post-quantum cryptography research is focused on six approaches: lattice-based, multivariate, hash-based, code-based, supersingular elliptic curve isogeny and symmetric key quantum resistance. It is estimated that in 20 years quantum computers will be available as mainstream, which is why many cryptographers are racing to figure out how to alter cryptography to prevent quantum computers from cracking algorithms quickly.
https://en.wikipedia.org/wiki/Quantum_computing
https://en.wikipedia.org/wiki/Post-quantum_cryptography
http://www.cio.com.au/article/444610/quantum_computers_will_commercially_available_20_years_scientist/
Loi Van Tran says
Quantum Computing Vs. Traditional Computing
Traditional computing does two things really well: store numbers in memory and process the stored numbers with simple mathematical equations. Both processes are done using switches known as transistors. The transistors have two states {on, off}, which are stored as binary digits (bits) of 1’s and 0’s. A computer can have up to two billion transistors inside of a single chip, allowing it to store and process more bits. Moore’s Law, the power of computers doubling roughly every 18 months, is becoming more difficult to achieve because the relative size of today’s transistors is the size of an atom.
Quantum Computing
Quantum computing looks at the behavior of transistors in an entirely different light. As the size of a transistor becomes more atom-like, it behaves differently. It has more different properties, which allow it to store more values than just 1’s and 0’s. A qubit, analogous to bits in traditional computing, is capable of storing 1’s, 0’s, both 1’s and 0’s, or an infinite number of values in between and in different states at the same time. This idea allows quantum computers to store and process millions of times more than traditional computing.
Impacts on cryptography
Most encryption has its basis in prime factoring from public key encryption. With a traditional computer, multiplying two large prime numbers can be done rather quickly, but factoring requires more processing power. Since traditional computers can only do one thing at a time, they have to go through each combination of factors that would give the correct value, which would require a large amount of time to compute. This is why it is impractical to crack today’s encryption. With quantum computers, this factoring can be done in parallel, meaning it can test more than one (perhaps millions) combination at a time. If quantum computers could indeed factor large prime numbers (basis of PKI) millions of times faster than today’s computers, then today’s encryption methods will become obsolete.
Loi Van Tran says
Source: http://www.explainthatstuff.com/quantum-computing.html
Jon Whitehurst says
How long would it take a computer from the 1940s to read an AES-256 encrypted packet, or could it, based on its memory and processing power? Today’s calculation power compared to the 1940s would be considered quantum to that time era. Quantum computing has the ability to crack and encrypt faster than a normal computer can do it today. The thought would be that quantum would have an advantage where the quantum workstations would be able to encrypt using more data and higher mathematical formulas, such that it would take a normal computer hours or possibly days to read one unencrypted message. I would think that a new generation of encryption would replace today’s standard encryption. Everything is bulletproof until it has been cracked. In a hundred years we could think that quantum encryption could be vulnerable and obsolete.
Bilaal Williams says
Although quantum computing is in its early stages, enough progress has been made to determine that at some point this will become a reality. With businesses with large pockets such as Google and IBM investing in quantum computing development, it seems likely that quantum computing will come to fruition; just how long it takes remains to be seen. Once accomplished, quantum computing will make our current asymmetric cryptosystems obsolete, so it is important for security professionals and industry leaders alike to stay abreast of the achievements in this field. A quantum computer would store information in qubits, which can represent multiple states at one time, thus mathematical computations can be performed millions of times faster than conventional computing used today. A recent (Nov 7) article in PC World states that researchers at NC State University have developed a system to synthetically make microscopic diamonds, also called nanodiamonds, in specialized crystalline structures to stabilize calculations in quantum computers. The technique they used to create “NV-doped” nanodiamonds is inexpensive and will enable significant advances in quantum computing according to a professor at NC State. The researchers are talking to private and public organizations about how their research could be used to manufacture quantum computers, so mass production of quantum computers may come sooner than many people have previously considered.
http://www.pcworld.com/article/3139445/hardware/diamonds-could-be-building-blocks-for-quantum-computers.html
Shain R. Amzovski says
Conventional computers require binary data. Quantum computers use qubits, which can represent one, zero, and any state in between. This allows quantum computers to operate much faster than a conventional computer. Even the best super computers of the world today would not be able to process and operate faster than a quantum computer.
Based on your research, how do you think quantum computing will change the IT security field, and how long do you think until we begin seeing these changes?
Quantum computing would be able to crack any encryption method being used today. This will have a major impact on cyber security today. The cost of developing a quantum computer would be extraordinary, so companies would not have to worry about their encryption being cracked by an average person, but more by competitors and governments. For instance, the NSA is currently spending $80 million for quantum computer development. “The National Security Agency has a vast toolkit for getting access any kind of electronics equipment, but it pales compared to a quantum computer, which could break the strongest encryption in much less time than conventional, transistor-based computers.” Companies with a lot of cash in their reserves could use quantum computing to break competitors’ encryption and steal intellectual property. Apple has so much money that it could invest in attempting to build a quantum computer, etc. I think we are still many, many years away from this becoming an issue that IT security professionals must think about on a daily basis.
A lot of this is very theoretical at this time, but how much longer until we will need a lot more than just one paragraph in this text that discusses quantum computing?
Bill Gates, the founder of Microsoft, believes, “There is a chance that within 6-10 years that cloud computing will offer super-computation by using quantum. It could help us solve some very important science problems including materials and catalyst design.”
SOURCES: https://www.cnet.com/news/nsa-working-on-quantum-computer-to-break-any-encryption/
http://www.aei.org/publication/what-bill-gates-just-said-about-the-future-of-quantum-computing-robotics-and-education/