Sunday 11 September 2022

The threat of quantum computing

Plenty of organizations are working on quantum computers. IBM is, Google is, and so are many others. The reason is that quantum computing is fast – a whole quantum leap faster than today’s technology. And that would seem like a good thing – remember how slow laptops and modems were 20 years or so ago. However, the fact that they can do sums quickly means that they could be used to break the encryption on data. And that is a cause for concern.

Rather than using 0s and 1s, quantum computers work at the quantum level (hence their name!), i.e. at the atomic or subatomic level, and information can be encoded in more than one place. And that’s what makes them so fast.

Like everything, quantum computers can be used for good things and for bad. The worry is that large organizations and nation states will use the speed of a quantum computer to break the algorithms used to encode data and then be able to access the previously-encoded information. That could be more than just messages being exchanged, it could be blockchain technologies, including bitcoin. And that means they would have access to your bank details, your health records, everything about you!

Here's an example of how secure we think we are at the moment. It seems it took 300,000 people four years to break a 64-bit key in 2002. 128-bit key encryption would take them trillions of years to find a matching key. Currently the industry standard is 256-bit encryption. Lamont Wood, writing in Computerworld, estimated that a quantum computer could exhaust the possibilities of a 128-bit AES key in about six months.

The issue, of course, is that currently there isn’t a quantum computer with enough power to actually break that kind of encryption. But before you breathe too big a sigh of relief, remember that progress is being made all the time. Some of the cleverest people are working on developing quantum computing. So, it really is only a matter of time. And, as Dirty Harry said, “You’ve got to ask yourself one question: ‘Do I feel lucky?’ Well do ya, punk?” The question to ask is how long will it be before there is a quantum computer big enough and powerful enough to break the toughest encryption? Will you have retired and moved out of the business by then? Or will all your corporate information and your personal information be in the hands of hackers?

Adding to your worries is a report that Google and the KTH Royal Institute of Technology in Sweden have found “a more efficient way for quantum computers to perform the code-breaking calculations, reducing the resources they require by orders of magnitude”. It seems that a 20 million-qubit computer could now break a 2048-bit number in just 8 hours.

Let’s just take a look at the types of encryption that are currently in use. Symmetric encryption uses the same key to encrypt and decrypt the data. Asymmetric encryption (public key) uses two mathematically-linked keys. The one given to the public is used to encrypt the data. It can then be sent over a network. The second key is private and used to decode the message. Both are used over the Internet.

The Advanced Encryption Standard (AES) was published in 2001 by the National Institute of Standards and Technology. It's used for symmetric key encryption. It involves the encryption key being sent to the recipient before they can decrypt any messages, and getting that key to them safely is itself a risk.

RSA (named for inventors Ron Rivest, Adi Shamir, and Len Adleman) encryption is probably the most common public key encryption standard in use. It's hard to break because the two keys are derived from two large prime numbers multiplied together, and recovering those primes from their product is what makes it hard.

Elliptic curve (EC) algorithms can also be used for public key cryptography. These are based on the maths of points on elliptic curves.

AES, RSA, and EC could all potentially be hacked by quantum computers in the near future.
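To make the asymmetric scheme described above concrete, here is textbook RSA on deliberately tiny primes. This is an added teaching example, not code from the post or from any library; the primes 61 and 53, the exponent 17 and the message 65 are constructed values, and real RSA needs 2048-bit or larger moduli, random padding and a vetted implementation. The last function shows the point the paragraph on RSA makes: the private key is fully determined by the public key plus the two primes, so anything that can factor the modulus (the calculation the quantum-computer estimates above are about) recovers it.

```python
"""Textbook RSA with tiny constructed parameters, for illustration only."""
from math import gcd


def make_keypair(p: int, q: int, e: int = 65537):
    """Derive an RSA key pair from primes p and q and public exponent e.
    Returns ((n, e), (n, d)): the public key and the private key."""
    n = p * q
    phi = (p - 1) * (q - 1)   # only computable by someone who knows p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)       # modular inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, m: int) -> int:
    """Anyone holding the public key can encrypt an integer message m < n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private_key, c: int) -> int:
    """Only the holder of the private exponent d can recover m from c."""
    n, d = private_key
    return pow(c, d, n)


def private_key_from_factors(public_key, p: int, q: int):
    """The private key is determined by (n, e) plus the factorisation of n.
    Keeping p and q secret (and n hard to factor) is the whole security
    of RSA; this is the computation a successful factoring would complete."""
    n, e = public_key
    if p * q != n:
        raise ValueError("p and q must be the factors of n")
    _, private_key = make_keypair(p, q, e)
    return private_key


if __name__ == "__main__":
    # Constructed toy parameters: far too small for any real use.
    public_key, private_key = make_keypair(61, 53, e=17)
    ciphertext = encrypt(public_key, 65)
    print("n =", public_key[0], "ciphertext =", ciphertext)   # n = 3233, ciphertext = 2790
    print("decrypted =", decrypt(private_key, ciphertext))     # 65
    print("recovered from factors:",
          private_key_from_factors(public_key, 61, 53) == private_key)
```

Note that `pow(e, -1, phi)` relies on Python 3.8 or later for the modular inverse; the point of the example is the key relationship, not the arithmetic library.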

So, what can we do about protecting our mainframe data? The z16 supports the Crypto Express8S adapter, which is designed to deliver quantum-safe APIs, letting enterprises start developing quantum-safe cryptography along with classical cryptography and to modernize existing applications and build new applications.

IBM has added the four National Institute of Standards and Technology (NIST) algorithms that were chosen in August to create a post-quantum cryptography (PQC) standard built on encryption algorithms that can protect against future quantum processor-based attacks.

The NIST algorithms are designed for two of the main tasks for which public-key cryptography is typically used: public key encapsulation, which is used for public-key encryption and key establishment; and digital signatures, which are used for identity authentication and non-repudiation.

The algorithms used are: CRYSTALS-Kyber as the key encapsulation mechanism (KEM) for public-key encryption and key establishment; CRYSTALS-Dilithium, which is the primary algorithm in the signature category; and FALCON and SPHINCS+, the other two signature algorithms. CRYSTALS-Kyber and CRYSTALS-Dilithium form the basis of IBM's key encapsulation and digital signature capabilities.
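The "quantum-safe cryptography along with classical cryptography" approach mentioned for the z16 is usually realised as a hybrid key exchange: the shared secret from a classical KEM and the shared secret from a post-quantum KEM such as CRYSTALS-Kyber are fed together into a key derivation function, so an attacker has to break both to learn the session key. The combiner below is an added example, not IBM's or NIST's code; it implements HKDF from RFC 5869 with HMAC-SHA-256 from the Python standard library and assumes the two shared secrets arrive from KEMs that are outside this snippet (Kyber is not in the standard library), so the demo uses constructed byte strings in their place.

```python
"""Hybrid KEM key combiner: derive one session key from a classical and a
post-quantum shared secret using HKDF (RFC 5869, HMAC-SHA-256).  Added
example; the KEMs themselves are not implemented here."""
import hashlib
import hmac

HASH_LEN = hashlib.sha256().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract: PRK = HMAC(salt, IKM); an empty salt means HashLen zeros."""
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand: T(i) = HMAC(PRK, T(i-1) | info | i), concatenated."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length too large for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes,
                           transcript: bytes, length: int = 32) -> bytes:
    """Derive the session key from BOTH shared secrets.

    Because the concatenation of the two secrets is the HKDF input keying
    material, the key stays secret as long as either secret does: breaking
    the classical KEM alone (the quantum threat) is not enough, and a flaw
    in the newer post-quantum scheme alone is not enough either.
    `transcript` (the public keys and ciphertexts exchanged) binds the key
    to this particular handshake."""
    if not ss_classical or not ss_pq:
        raise ValueError("both shared secrets are required")
    prk = hkdf_extract(salt=b"hybrid-kem-demo-v1", ikm=ss_classical + ss_pq)
    return hkdf_expand(prk, info=b"session key" + transcript, length=length)


def demo():
    """Constructed stand-in values: in a real handshake these would be the
    decapsulated outputs of e.g. an ECDH exchange and CRYSTALS-Kyber."""
    ss_classical = bytes.fromhex("11" * 32)   # constructed, not a real ECDH output
    ss_pq = bytes.fromhex("22" * 32)          # constructed, not a real Kyber output
    transcript = b"client-pk|server-pk|ct-classical|ct-pq"  # constructed label
    client_key = combine_shared_secrets(ss_classical, ss_pq, transcript)
    server_key = combine_shared_secrets(ss_classical, ss_pq, transcript)
    # Someone who recovered the classical secret but has to guess the PQ one
    # derives a different key.
    attacker_key = combine_shared_secrets(ss_classical, bytes(32), transcript)
    return client_key, server_key, attacker_key


if __name__ == "__main__":
    c, s, a = demo()
    print("both sides agree:", c == s)          # True
    print("partial knowledge suffices:", c == a)  # False
```

The salt and info strings are arbitrary labels chosen for this example; what matters in practice is that both sides use the same ones and that the transcript covers every public value exchanged.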

It's good to know that mainframes are keeping data safe from quantum computing attacks by malicious third parties for as long as possible. I just wonder how other platforms are getting on securing against a quantum-computing attack?
