The National Institute of Standards and Technology (NIST) had published a request on Wednesday for nominations of new algorithms designed to prevent future quantum computers from hacking contemporary public-key encryption protocols.
“While in the past it was less clear that large quantum computers are a physical possibility, many scientists now believe it to be merely a significant engineering challenge,” NIST said at its post-quantum cryptography project site. “Regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare our information security systems to be able to resist quantum computing”.
This clearly indicates the difficult and ambiguous position many governments around the world find themselves in – on the one hand, security gaps are desirable for espionage and law enforcement purposes; on the other hand, every governmental institution wants to protect its own classified information from being tapped and potentially leaked on the Internet.
While, at first glance, this might seem like a hypothetical consideration, legal and ethical battles over encryption are actually happening right now. Earlier this year, Apple and the FBI fought over whether Apple should be obligated to help investigators in sidestepping encryption on an iPhone used by a terrorist attacker, and the US government faced its own problems due to leaked documents indicating its massive eavesdropping efforts and attempts to weaken NIST encryption standards in 2013.
Bolstering digital security is a logical response to increasing rates of cyber-attacks, but, as some of the world’s top security experts, tech companies and civil liberties groups point out, it is virtually impossible to weaken encryption for the “bad guys” without doing the same for the “good guys”.
Today’s public-key encryption is based on the mathematical difficulty of determining a properly generated private key from its corresponding public key, which amounts to identifying which two prime numbers, when multiplied, produce an ever larger number.
With the advent of quantum computing, however, this is likely to become much less of a difficulty, as quantum machines rely on qubits, rather than bits, which can be a 1 and a 0 at the same time (this is called superposition). Using this bizarre feature of quantum reality would enable the new generation of computers to test an enormous number of possibilities and crack the code fairly easily.
“This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere,” said NIST. “Some engineers […] predict that within the next 20 or so years sufficiently large quantum computers will be built to break essentially all public-key schemes currently in use”.
Ideas on how to prevent this from transpiring can be submitted at the NIST post-quantum cryptography project site by 30 November, 2017.