If you're worried that quantum computers will crack your crypto, don't be – at least, not for a decade or so. Here's why
Quantum solace: Encryption to die another day
Nevertheless, be careful
NIST isn't sure when quantum computers might become useful but is looking into future-proof algorithms just in case. As University of Maryland computer scientist and NIST guest researcher Gorjan Alagic observed in a statement, "There’s no indication that the technological leap to a practical quantum computer will happen soon, but people are spending a lot of effort on it."
University of Texas at Austin computer scientist Scott Aaronson touched on the possibility that lattice-based encryption may be resistant to quantum-based attacks in a blog post last year. He also noted that since "most attacks target mistakes in implementation rather than the underlying cryptography, we should expect any switch to post-quantum cryptography to make security worse rather than better in the short run."
University of Chicago computer science professor Diana Franklin, in an email to The Register, acknowledged Evers makes some fair points but took issue with the scope of his assertions.
"Near-term quantum computers (within the next 5 years) will not contain error correction, and they will not have enough qubits necessary to solve Shor's Algorithm," she said. "However, it is possible that Shor's algorithm could be implemented in the next 15 years."
That's of immediate concern to governments at least, she suggested, because there are many secrets being stored today that will still be important to preserve in 15 years. She said she agreed with IBM's Krishna that people should be worried about what could come in ten years.
"Predictions at 10+ year timescales are notoriously inaccurate, even by the most honest, knowledgeable people," she said.
"So I agree with him that the variability in the pace of innovation makes 10 years possible, if not probable. However, anyone who cares about data enough to encrypt it probably wants it to continue to be secret for several years – and Shor's algorithm may be just around the corner by then."
A Shor thing?
Franklin suggests the focus on Shor's algorithm among media and security companies represents an easy way into the complex subject of quantum computing.
"Other applications, like chemical simulations, which will be able to be run in the near future, have less guaranteed outcomes," she said. "For example, it is hoped that the process of nitrogen fixation (the process by which fertilizer is made) will be better understood with the use of quantum computer simulations. Understanding the process may or may not revolutionize food production. So it's a more complex story than the headline 'all encryption will break.'"
Evers also sees quantum computers doing meaningful work, eventually. "I feel confident that really amazing things will happen over time with a lot of really smart people working towards doing cool things with quantum, especially with wealthy people and groups backing them to do it," he said in an email to The Register.
"The big downside of quantum computers is that they must internally operate very close to absolute zero, and cannot be physically disturbed during operation."
But as Evers sees it, much of the hype can be attributed to the desire for funding and attention. He points to EvolutionQ, a security company that he says "appears to largely capitalize on fear they collectively promote about quantum computers breaking encryption." The company's website warns, "Powerful quantum computers will break down the foundations of conventional cybersecurity."
Another security firm, ISARA, makes a similar claim: "Within a decade, experts such as NIST have stated that currently used public-key cryptography will be broken by a large-scale quantum computer, putting you and your customers’ privacy and security at risk."
"A great deal of research grants are provided for research and development that relates to quantum," said Evers. "Far too many people will do anything to get a grant, and will help to promote fear and spread misinformation about quantum computers to win grants, and cause more grants to become available." ®