When Google announced in late 2019 that their quantum computers could solve a task in 200 seconds that would have taken the world’s fastest supercomputer 10,000 years, the race for quantum supremacy seemed to be nearing the finish line. This first success from Google also shows that the quantum age is closer than we often think.

It is extremely important to show the possible effects of this technology. No threat appears more significant than the potentially destructive effects this technology has on cryptography and cybersecurity.

The Death of Cryptography

Prime numbers play an important role in the encryption of data. Asymmetric encryption systems such as RSA are based on the fact that there is no known efficient method for prime factorization on a conventional computer. For example, on a conventional computer, the prime factorization of a 240-digit number (RSA-240) takes about 900 years of computing power. The hardness of this problem is at the core of algorithms that are widely used in cryptography, such as RSA.


In contrast to traditional computers, however, quantum computers excel at breaking precisely these algorithms. Shor, an American mathematician, presented an algorithm in 1994 that can calculate the prime factorization of a large number in polynomial time with the help of a quantum computer. Since the security of today’s encryption and signature schemes is based on prime factorization, this could mean the death of these cryptographic systems.

Thus, in the age of quantum computers, cryptography can guarantee neither secure data transmission nor secure storage. Experts assume that a quantum computer large enough to crack the cryptographic algorithms that protect credit cards (RSA) could exist as early as 2031. In other words: large amounts of data, such as from financial transactions, e-mail communication, critical infrastructure, or transport systems, become insecure with the invention of the quantum computer.

Today’s Threat

Quantum computers pose a serious threat to encryption, and they already do so today. This is because information encrypted now can be decrypted retrospectively in the future. Whether private or state, hackers could already collect sensitive encrypted data and decrypt it as soon as quantum computers are available.

Corporations and governments cannot afford to have their communication channels deciphered retrospectively, even if that time is in the distant future, because that could have significant business, geopolitical and diplomatic implications.

This is why great caution is required today when handling sensitive data. Data must be encrypted with algorithms that not only conform to the best current standards but are also resistant to quantum computers. If data security is to be preserved in the age of quantum computers, measures must be taken now.


Post-quantum Cryptography and Trusted Execution Environments

Post-quantum cryptography (PQC) solutions follow an algorithmic approach and could offer a solution to the threat that quantum computers pose to traditional cryptography. Such solutions are based on mathematical functions for which quantum algorithms have no comparative advantage.

Theoretical work on such PQC solutions is quite advanced, and there are already numerous examples of possible quantum-resistant encryption. Since PQC is the most widespread approach and has a relatively low cost, it appears to be the most promising solution for developing quantum-resistant encryption.

But the question remains how such solutions should be implemented and standardized. Organizations such as the National Institute of Standards and Technology (NIST) are actively trying to find answers to these questions. NIST is involved in the standardization efforts for PQC algorithms that will pave the way for mass adoption.

Cryptographic Algorithms are not Enough


In practice, however, the security of these cryptographic primitives also depends heavily on their hardware implementation. That’s because an attack can succeed without cracking the math problem. In so-called side-channel attacks, the device on which the cryptographic algorithms are hosted is observed.

The attacker then analyzes, for example, the runtime of the algorithm, the energy consumption of the processor, or the electromagnetic radiation. This information is then used to extract secret keys and decrypt sensitive data.
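Why runtime reveals key material, as an added example that is not part of the original article: the block counts modular multiplications as a stand-in for runtime or power draw. Textbook square-and-multiply does extra work for every 1-bit of the secret exponent, while a fixed-length Montgomery ladder does the same work for every key. The function names and the sample exponents are constructed for this example.

```python
def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation; returns (result, ops).
    The multiply runs only for 1-bits, so the work depends on the key."""
    result, ops = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        ops += 1
        if bit == "1":
            result = (result * base) % mod
            ops += 1
    return result, ops

def montgomery_ladder(base, exp, mod, bits):
    """Fixed-length ladder: one multiply and one square per bit, always.
    Production code also removes the secret-dependent branch below and
    uses constant-time big-integer arithmetic; this models op counts only."""
    r0, r1, ops = 1, base % mod, 0
    for i in reversed(range(bits)):
        if (exp >> i) & 1:
            r0, r1 = (r0 * r1) % mod, (r1 * r1) % mod
        else:
            r1, r0 = (r0 * r1) % mod, (r0 * r0) % mod
        ops += 2
    return r0, ops

def leaked_hamming_weight(ops, bits):
    """What the op count of square_and_multiply gives away about the key:
    ops = bits + (number of 1-bits in the exponent)."""
    return ops - bits

if __name__ == "__main__":
    mod, bits = 3233, 12                        # constructed toy modulus
    sparse, dense = 0b100000000001, 0b111111111111
    for name, key in (("sparse", sparse), ("dense", dense)):
        _, leaky = square_and_multiply(42, key, mod)
        _, fixed = montgomery_ladder(42, key, mod, bits)
        print(name, "square-and-multiply ops:", leaky, "ladder ops:", fixed)
```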

Conventional hardware has repeatedly proven to be insufficient to implement cryptographic primitives securely. Even well-known solutions such as Intel’s SGX proved unsafe against the side-channel attacks mentioned above.

Given these threats, it is vital to implement quantum-resistant cryptographic libraries on robust hardware. Such solutions are known as Trusted Execution Environments (TEEs) and use non-conventional hardware such as hardware security modules (HSMs) to protect digital data.

Conclusion

The protection of critical data in the quantum age is possible; however, it requires a multidisciplinary approach. So-called post-quantum cryptographic primitives must replace the cryptographic primitives currently in use, because the post-quantum primitives are resistant to attacks by quantum computers.

At the same time, cryptographic primitives must be hosted in a Trusted Execution Environment in order to protect against side-channel attacks. As a result, organizations must act quickly and rely on post-quantum cryptography and trusted execution environments to guarantee the confidentiality, integrity, and authenticity of their data and applications in the quantum age.
