Cryptography is defined as the study of writing and resolving codes. It is an important part of security protocols and communications, as it improves privacy and ensures that data is only read by the intended recipient.
However, with the advent of quantum computers, it is widely predicted that conventional encryption methods will no longer be viable. As a result, programmers and experts have already been working on what they call quantum-proof cryptography.
So what is quantum-proof cryptography? And why can’t you test it yet?
What is Quantum Proof Encryption?
Quantum-proof cryptography simply refers to a set of algorithms that cannot be hacked, even with quantum computers. Quantum-proof cryptography is expected to likely replace conventional algorithms that rely on public-key cryptography, which generally relies on a set of two keys (one for encryption and another for decryption).
In 1994, a Bell Labs mathematician, Peter Shor, wrote an article talking about quantum computers, which were essentially powerful computers that could perform far more powerful calculations than a standard computer. But then they were only a possibility. Fast forward to the present day, computing devices have come a long way. In fact, many believe quantum computers are about a decade away.
Needless to say, this raises a serious concern: if quantum computers became a reality, which seems increasingly likely, conventional encryption methods would become useless. As a result, scientists have been working on post-quantum cryptography for some time.
Developing a Quantum Proof Cryptography Standard
The National Institute of Standards and Technology (NIST) launched a competition in 2016 to find a post-quantum encryption standard that can withstand a quantum computer.
This is different from conventional cryptographic systems which rely primarily on solving complex mathematical problems. In 2022, NIST announced that it had selected four major cryptographic algorithms it considers “quantum-proof”. These include:
- The CRYSTALS-Kyber algorithm.
- The algorithm of dilithium CRYSTALS.
- SFINCHE +.
The CRYSTALS-Kyber algorithm is under development to be used as a general cryptographic standard. The algorithm is popular due to its smaller encryption keys, which allow both parties to exchange them quickly. This also means that CRYSTALS-Kyber is incredibly fast compared to others.
The remaining three were selected for digital signatures, ideally to sign digital documents remotely or to verify the identity of both parties during a digital transaction.
NIST officially recommends CRYSTALS-Dilithium as the first choice for digital signatures and FALCON for more basic signatures that Dilithium may not cover. Both are known to be reasonably fast. All three use structured lattice math problems to encrypt data.
The fourth, SPHINCS +, is relatively slower than the others, but is considered quantum-proof as it relies on a completely different set of mathematical problems than the other three. Instead of using structured lattices, this relies on hash functions.
The importance of developing quantum-resistant cryptography
One of the biggest concerns for large organizations today is that once quantum computing becomes mainstream, there is a strong possibility that any data securely encrypted right now may be at risk. Many believe that quantum computing will completely change the world, and cryptography is the only field likely to be most affected.
For example, if you send sensitive information today using conventional encryption, there is a risk that malicious third parties could intercept your data and store it. This is especially true for government agencies, where the secrecy of confidential documents today will be just as important in the future.
Once quantum computing goes mainstream, there is a real risk that this sensitive information could be decrypted and made public or used for blackmail purposes, even if it’s been decades. This is one of the reasons governments and security agencies are so serious about developing quantum cryptography as soon as possible.
If you are using a pre-shared key with the IKEv1 protocol, you are essentially using encryption that is considered quantum resistant. Many also believe that AES-256, a commonly used encryption, is also quantum resistant.
However, according to NIST, the four ciphers mentioned above are the only ones considered “quantum proof”. Many companies are already introducing secure quantum cryptography into their products. For example, Verizon’s secure quantum VPN is designed to withstand attacks from a quantum computer.
Why can’t you test Quantum-proof encryption yet?
While there are several encryption standards that we consider quantum secure, none have actually been tested. And the reason for this is pretty obvious: we don’t have quantum computers yet.
However, we are getting closer and closer. Nanocomputing, something considered impossible at one point, is real, with several modern devices now using transistors that have channels less than 100 nanometers in length.
In fact, in 2019, Google released a landmark report in Nature, claiming it had achieved quantum supremacy with Sycamore, their quantum computer. In a team led by John Martinis, an experimental physicist, they were able to use their quantum computer to perform complex calculations that would take more than 100,000 years for a standard supercomputer.
This is not yet cause for alarm – they only achieved quantum supremacy with one specific case, but it shows that quantum computing is very real and not as far off as most people think.
Consequently, since quantum computing is not really available, it is impossible to test it correctly. In fact, to explain how specific the problem Sycamore solved was, the team presented a case where the computer had to calculate the probability of different outcomes using a quantum random number generator.
This is obviously very different from conventional cryptographies, which generally involve mathematical equations. However, it shows how powerful it can be for the next best thing once scientists are able to fully master it.
Take steps to encrypt your information today
While quantum-proof cryptography is still a long way off, it doesn’t hurt to make sure you are using the proper security measures today. For example, if you use cloud storage to store files or personal data, always make sure you are using an end-to-end cloud storage provider.