The quantum threat and an effort to make computers safe

Quantum computing threatens to unravel all your digital and financial secrets, but new encryption algorithms promise a way out.

The US government has sharpened its focus on combatting cyber attacks emanating from quantum computers. / Photo: Reuters Archive

The US National Institute of Standards and Technology (NIST) has released drafts of three encryption algorithms that are designed to resist attacks from quantum computers.

Released last week, these algorithms will shield sensitive data, including emails and bank transfers, from emerging technologies that might compromise them. They are expected to be ready for use in 2024.

Currently, digital data such as medical records and online passwords are safeguarded using public-key encryption methods, which rely on mathematical problems that traditional computers struggle to solve.

Even if someone intercepts the encrypted data, they would not be able to decrypt and understand the information without the appropriate private key, because solving the mathematical problem to derive the private key from the public key is impractical: an arduous task that would take a long time with classical computers.

However, the advent of quantum computers poses a risk to the integrity of existing encryption standards. With their capability to rapidly solve specific mathematical problems, such as factoring large integers and solving discrete logarithms, quantum computers can decipher encrypted messages exponentially quicker than classical computers.

Citius, Altius, Fortius

Quantum computers leverage the principles of quantum mechanics to process information using quantum bits (qubits), which can simultaneously exist in multiple states, enabling them to perform many calculations at once, whereas classical computers process information using binary bits (0s and 1s), performing one calculation at a time.

Thus, they will theoretically be able to complete tasks faster by orders of magnitude.

However, quantum computer technology is still in its infancy, states Dr Mustafa Atabey Buyukkaya, a quantum engineer from the University of Maryland’s Joint Quantum Institute.

Speaking to TRT World, Buyukkaya explained, “Current quantum computers do not have the necessary number of stable qubits to decrypt modern, robust encryption algorithms, and there are numerous physical obstacles to increasing the quantity of qubits.”

Although quantum computers are still in their early stages of development, once they reach a certain level of power, they could potentially solve these mathematical problems, thereby breaking the encryption.

The forthcoming NIST encryption standards will equip the world with the initial tools necessary to defend sensitive data against this emerging threat.

Encryption-Decryption Cycle

The history of encryption and decryption is akin to a never-ending game of leapfrog, where each leap forward in computational power necessitates a corresponding leap in cryptographic security.

"The security of an encryption algorithm is a function of its mathematical complexity and how long it takes for computers to solve it," explains Nebi Senol Yilmaz, a London-based veteran cybersecurity analyst.

"Complexity is a relative concept, and what has been secure for some time may not be the next moment due to technological developments," Yilmaz told TRT World.

He pointed out, “Past advancements in computing technology have already rendered many encryption algorithms obsolete.”

For example, as computers have evolved and become more powerful, the key sizes used for RSA encryption — a commonly used encryption algorithm — have had to be increased. A 512-bit key was deemed secure in the 1990s, but in today's world, a minimum of 2,048 bits is recommended for most applications.

The risk associated with quantum computing is that it could solve these mathematical problems in a practical timeframe, rendering existing asymmetric or public-key algorithms obsolete and ineffective.

This would essentially unlock the digital doors that protect our most sensitive information, from personal data to financial transactions.

The quantum computing revolution, therefore, calls for a complete overhaul of the existing cryptographic infrastructure.

Pared Down to Four Algorithms

Despite the looming threat of quantum computers, the nature of encryption does not change, according to Yilmaz. "Quantum computers will have limits too. Our job will be to create stronger algorithms," he added.

This is exactly what NIST is trying to do. It has been working on standards for encryption algorithms that are resistant to developments in quantum technology.

NIST Director Laurie E. Locascio commented, "Quantum computers that are powerful enough to break present-day encryption will pose a serious threat to our information systems."

In July 2022, NIST chose the first group of encryption tools designed to withstand the assault of a future quantum computer.

This selection followed a six-year effort managed by NIST, which called upon the world's cryptographers to devise and vet encryption methods resistant to future quantum computer attacks.

Experts from dozens of countries submitted 69 eligible algorithms by November 2017. From these, NIST selected four algorithms.

For general encryption — used when accessing secure websites — NIST selected the CRYSTALS-Kyber algorithm. Its advantages include comparatively small encryption keys that two parties can exchange easily and its speed of operation.

For digital signatures, often used to verify identities during a digital transaction or to sign a document remotely, NIST selected three algorithms: CRYSTALS-Dilithium, FALCON, and SPHINCS+.

Reviewers noted the high efficiency of the first two, with NIST recommending CRYSTALS-Dilithium as the primary algorithm, and FALCON for applications needing smaller signatures than Dilithium can provide.

The third, SPHINCS+, while somewhat larger and slower than the other two, is valuable as a backup because it is based on a different mathematical approach than NIST's other selections.

On August 3, NIST released draft standards for three of the four algorithms and called on the industry and cryptographic community to provide feedback on the draft standards until November 22, 2023.

"We're getting close to the light at the end of the tunnel, where people will have standards they can use in practice," said Dustin Moody, a NIST mathematician and leader of the project. "For the moment, we are requesting feedback on the drafts. Do we need to change anything, and have we missed anything?"

When is the Q-day?

While it is widely acknowledged that quantum computing poses a significant threat to existing encryption standards, the timeline for this threat remains uncertain due to the technical challenges associated with building practical, large-scale quantum computers.

“It is uncertain when the process of rapidly scaling up the number of qubits will commence,” Dr Buyukkaya told TRT World, emphasising the physical barriers and uncertainties associated with expediting the augmentation of qubits.

One major challenge is qubit coherence. Qubits, the basic units of quantum information, are extremely sensitive to their environment, and any interaction with the outside world causes them to lose their quantum properties, a phenomenon known as decoherence. Maintaining qubit coherence for a sufficient amount of time is necessary for performing meaningful calculations.

Another major hurdle is the extreme sensitivity of qubits; even stray light can induce calculation errors, and this problem worsens as quantum computers scale up.

Developing efficient error correction codes that can correct these errors without requiring a prohibitive amount of additional qubits is a significant research area.

Building a quantum computer with a small number of qubits is already a significant challenge, but scaling this up to the large number of qubits required for practical applications is even more difficult. This involves not only increasing the number of qubits, but also managing the increased complexity of the system, including the control electronics.

In this evolving landscape, NIST's approach is notably proactive. Despite the challenges posed by quantum computing, the cryptographic community is striving to stay ahead of the curve.

Nonetheless, even if NIST finalises the process after incorporating the industry’s input, the cycle of encryption and decryption will not cease.

As Yilmaz aptly said, “There is no such thing as 100 percent secure encryption.”
