Quantum Computing – Is the World of a Secure Internet Over?
The short answer: No.
The long answer: Noooooooooooo.
If you haven’t had a primer on what a quantum computer is or does, Kurzgesagt has a fantastic crash course introduction here: https://www.youtube.com/watch?v=JhHMJCUmq28
For over a decade now, cryptographers, security experts, and researchers have been talking about Quantum Computing and how it will impact internet security. Quantum computers were always a phantom product often dismissed as “vaporware” because the technical challenges seemed insurmountable all while some of the lead companies doing the research were hyping non-breakthroughs.
We are now getting to a point in this discussion where Quantum Computers are on the horizon, and we need to start thinking about the future. https://www.technologyreview.com/s/610250/serious-quantum-computers-are-finally-here-what-are-we-going-to-do-with-them/
After decades and billions of dollars in research, designs are finally coming online that can solve tasks faster than classical computer designs. This concept, dubbed “Quantum Supremacy” by researchers, is chased after around the world. There’s still a huge number of engineering hurdles before these designs are practical, but a 50 Qubit design like the latest version of the IBM Q Quantum Computer which operates relatively error-free would be substantially more powerful than many of the worlds supercomputers for specific tasks like breaking some types of cryptography.
But that is a big ask. Every time you add more Qubits to current designs, you are adding exponentially more complexity and an exponentially increased rate of errors that you must control for. It is debated whether quantum supremacy will ever be achieved for any of the tasks that people propose.
Even with all of the challenges facing Quantum Computing today, the security community is considering it a serious future threat, and cryptographers have been considering algorithms that will resist quantum computer’s ability to so solve np problems quickly.
The National Institute of Standards and Technology (NIST) has created a contest where quantum resistant algorithms are considered for their viability. There’s a huge number of submissions being evaluated, many of them being led by teams of the world’s top researchers.
One of the more interesting submissions is Classic McEliece, an encryption system that was invented in 1978 by Robert McEliece. The algorithm could replace RSA / DH / DHE for asymmetric encryption, message encryption (like PGP), and it can also be used to generate signatures which enables authenticity checking.
The new quantum resistant version of the project is headed by D.J. Bernstein, famous for work on other algorithms like Poly1305, Salsa, Chacha, Curve25519 and many others.
The full submission paper for NIST can be found here: (PDF Warning)
There’s dozens of other viable candidates out there for quantum resistance, but this is one of the ones that shows enormous promise because it has withstood theoretical research for 40 years, has a team behind it with a reputation for creating good crypto systems, and the algorithm works for all of the same purposes as the algorithms that it would replace.
In closing, quantum computers are not a doomsday scenario for computing. They also aren’t on our doorstep, and some more significant breakthroughs have to come to pass before quantum computers become viable. We have time, and solutions will be in place long before crypto Armageddon comes to pass.