Quantum Computing & Encryption: Should We Be Scared?

What is a quantum computer?

A quantum computer is one which relies on quantum mechanical phenomena to store and process information. Instead of the classical bit, quantum computers use qubits. A bit can take the value of 0 or 1, but a qubit can take those same values or a superposition of both those states!

A qubit could be anywhere ‘between’ 0 and 1 in an unmeasured state or could technically be both 0 and 1 at the same time! This means that a probability has to be associated with the state each qubit is in, and only after measuring it will the qubit reveal a state of 0 or 1. This gives rise to a N-qubit system being able to store all 2^N different possible states at the same time, where a classical computer can only store 1 of those 2^N states. It’s important to put the exponential 2^N factor in practical context, since exponentials can be tough to fully appreciate. A system of just 265 qubits could be just about enough to store as many values of information as there are atoms in the universe!

What is encryption?

Encryption is the means by which information is converted into a secret code for the purposes of security, and only allows those who have the ‘key’ the ability to decipher the true meaning of the information. The time and effort it would take for someone unauthorised to predict this key is what makes encryption such a powerful and dependable tool for sharing information, especially private information.

Where’s the threat?

Quantum computers could be able to crack many popular public-key cryptography (PKC) systems pretty easily. These types of cryptographic systems require two distinct, but logically linked, keys i.e. the public key and the private key. ^[2] The Rivest-Shamir-Adleman (RSA) encryption algorithm is currently the most widely used for this particular type of encryption, and with RSA, whichever key is used to encrypt, the other key is what is needed for the corresponding decryption. ^[2]

RSA is currently used in a wide range of scenarios: emails, web browsers, making sure software updates are from the original developer and establishing secure connections between VPN servers and clients.

As it stands, the strength of an encryption lies in its “bits of security”, which is a quantitative measure of how many steps it would take to crack the encryption. A 3,072-bit RSA key provides 128 bits of security and could take billions of years for the best of classical computers to crack! However, with quantum algorithms, this RSA key gets reduced to 26 bits of security, and such an encryption can easily be cracked using the computational power of an ordinary mobile phone. ^[3]

Thus, having access to large quantum computers could essentially reduce the security ratings of these encryption methods to zero. A quantum computer would be able to process information at an exponentially quicker rate, and these particular encryptions would be no match for anyone with their hands on a quantum computer.

Will data ever be safe again?

Actually, it might not be that scary after all. To be safe in the world of quantum computers, the solution may be as simple as to use encryptions which are… quantum-safe! By moving to secret key encryption, which involves only a single key that is shared between the sender and authorised receivers, and by doubling the key-length, for example, we can create a similarly difficult task for quantum computers as the other encryptions did for the classical computers.

Since large, fully functional quantum computers are estimated to be constructed very soon, the risks of RSA being cracked are growing year by year. Just like how everyone eventually has to face software updates, sooner or later, “Remind me later” may no longer be a good enough response.