Saving encryption: Thales on the future of quantum cryptography

Quantum computing is promising to totally break contemporary encryption techniques, but should you really be worried? We spoke to Thales eSecurity's VP of technical strategy Sol Crates to find out.

The prospects and business cases for quantum computing - while at times overstated - are undoubtedly fascinating. The theoretical advantages that quantum computing promises to provide for areas such as science, pharmaceuticals and the general enterprise are tremendous and our journey to getting towards a quantum computer that provides useful advantages over traditional computing is getting closer.

Many of tech's biggest names - such as IBM, Google, Microsoft, and Intel - are making big investments into the area, with numerous major governments following suit. The Trump administration recently passed a bill to provide $1.2 billion (USD) to quantum research, and similar moves have being made by the European Union - who pledged €1 billion to the cause - and China, which has investing billions of dollars in the technology for years.

While it must be said that we might still be a good while away from achieving what some organisations are calling the quantum advantage (i.e. developing a quantum computer that is better than traditional computing at a truly useful task), the future potential for these systems is both extremely exciting and somewhat concerning. That is, as quantum-level technology can be used to achieve a variety of amazing milestones in science and technology, it can also be used in negative ways. Perhaps the most pressing issue is the potential of quantum computing to completely disrupt contemporary encryption techniques, putting a massive amount of encrypted data at risk of attack.

Current standards for encryption rely on the inability of standard computers to factor large numbers, which serve as the foundation of many popular methods of cryptography. This raises a whole new order of cybersecurity concern for organisations, who might find swathes of encrypted data cracked open extremely easily. In order to address this issue, the National Institute of Standards and Technology (NIST) has set out to find new standards in cryptographic algorithms that wouldn't be vulnerable to attacks from quantum computers. To achieve this, it started an initiative called the Post-Quantum Cryptography Standardization project, which assessed a variety of new cryptographic algorithm submissions designed to be quantum-resistant.

NIST has now winnowed this list of submissions down to a total of 26, with 17 potential algorithms chosen for public-key encryption and nine chosen for digital signatures. These algorithms are diverse in their execution and represent a wide range of mathematical ideas, which NIST says is important in assessing the best possible approach to protecting data. In order to make sense of this list and to ascertain how organisations should approach issues in quantum cryptography, we spoke with data security expert Sol Cates, who serves as Thales eSecurity's VP of Technical Strategy.  Cates talks about the true level of risk that quantum computing poses for the security of huge amounts of critical data and what organisations should be doing right now in order to prepare for quantum attacks.


Why are current methods of cryptography and data encryption insufficient against attacks from Quantum Computers?

To continue reading this article register now