Quantum computers and the quest for quantum-resilient encryption
Conclusions
Recent estimates suggest that it takes about 20 million qubits to break a 2048-bit RSA key. Currently, the most powerful quantum computers operate at about 70 qubits, and even optimistic estimates expect at most 1,000 qubits within the next three to five years. This means that current quantum computers are not nearly powerfully enough to break today's encryption algorithms. It is unclear if and when a cryptographically relevant quantum computer might exist.
However, if the pace of quantum development observed in recent years continues, the future could hold a realistic threat to secure communications. Some government intelligence agencies have already intercepted and stored vast volumes of encrypted data and might be able to start deciphering that data as soon as there are advances in crypto analysis or as soon as suitable quantum computers become available. This means that different encryption solutions are already useful today even if quantum decryption is not yet available.
At the end of the day, the problems related to quantum-resilient encryption are solvable, but there can be no doubt that the alternatives will not turn out to be as efficient and simple as the classical procedures.
When you migrate to quantum-resilient IT, it will be important to document where cryptography is used in your own enterprise – or in your own products. Then you can explore whether alternative options are available. Dependencies will always crop up, meaning that product manufacturers or open source projects will have to make appropriate adjustments. For example, the question might arise as to whether the crypto libraries used with the project can be replaced by quantum-resilient alternatives, or whether high-security requirements already force transitional solutions.
Some standardization bodies are at least trying to offer the option of securing today's communications against quantum computers without the use of post-quantum cryptography – for example, with the help of pre-shared keys.
The multitude of requirements makes a universal recommendation impossible. Only the use of experts and a broad exchange of knowledge can prevent isolated solutions, which – unfortunately – often occurred in the past. It is important to cover the widest possible range of use cases with the smallest possible number of standard solutions. Crypto and IT security experts rely on the experience of software and hardware developers, as well as administrators of small and large networks. This real-world testing with large volumes of data is the best way to identify vulnerabilities. Government agencies, standards bodies, and the crypto community need this input, and they welcome the participation of all of us in preparing tomorrow's digital world for the requirements of the near future.
Infos
- Quantum computing: https://en.wikipedia.org/wiki/Quantum_computing
- RSA Factoring Challenge: https://en.wikipedia.org/wiki/RSA_Factoring_Challenge
- Shor's algoritm: https://en.wikipedia.org/wiki/Shor%27s_algorithm
- Isogeny: https://en.wikipedia.org/wiki/Isogeny
- Supersingular elliptic curves: https://en.wikipedia.org/wiki/Supersingular_elliptic_curve
- NIST PQC mailing list: https://csrc.nist.gov/projects/post-quantum-cryptography/email-list
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.