[Lex Computer & Tech Group/LCTG] Race is on to save our secrets from computers of the future
Harry Forsdick
forsdick at gmail.com
Mon Oct 23 02:21:27 PDT 2023
From today’s Boston Globe:
Race is on to save our secrets from computers of the future
Quantum devices imperil complex encryption codes
Robert Schoelkopf worked on a device used to cool superconducting qubits,
at Yale. He is at the forefront of a worldwide effort to build the world’s
first quantum computer.
By Zach Montague, New York Times
WASHINGTON — They call it Q-Day: the day when a quantum computer, one more
powerful than any yet built, could shatter the world of privacy and
security as we know it.
It would happen through a bravura act of mathematics: the separation of
some very large numbers, hundreds of digits long, into their prime factors.
That might sound like a meaningless division problem, but it would
fundamentally undermine the encryption protocols that governments and
corporations have relied on for decades. Sensitive information such as
military intelligence, weapons designs, industry secrets, and banking
information is often transmitted or stored under digital locks that the act
of factoring large numbers could crack open.
Among the various threats to America’s national security, the unraveling of
encryption is rarely discussed in the same terms as nuclear proliferation,
the global climate crisis, or artificial general intelligence. But for many
of those working on the problem behind the scenes, the danger is
existential.
“This is potentially a completely different kind of problem than one we’ve
ever faced,” said Glenn S. Gerstell, a former general counsel of the
National Security Agency and one of the authors of an expert consensus
report on cryptology. “It may be that there’s only a 1 percent chance of
that happening, but a 1 percent chance of something catastrophic is
something you need to worry about.”
The White House and the Homeland Security Department have made clear that
in the wrong hands, a powerful quantum computer could disrupt everything
from secure communications to the underpinnings of our financial system. In
short order, credit card transactions and stock exchanges could be overrun
by fraudsters; air traffic systems and GPS signals could be manipulated;
and the security of critical infrastructure, including nuclear plants and
the power grid, could be compromised.
The danger extends not just to future breaches but to past ones: Troves of
encrypted data harvested now and in coming years could, after Q-Day, be
unlocked. Current and former intelligence officials say that China and
potentially other rivals are probably already working to find and store
such troves of data in hopes of decoding them in the future. European
policy researchers echoed those concerns in a report this summer.
No one knows when, if ever, quantum computing will advance to that degree.
Today, the most powerful quantum device uses 433 “qubits,” as the quantum
equivalent of transistors are called. That figure would probably need to
reach into the tens of thousands, perhaps even the millions, before today’s
encryption systems would fall.
But within the US cybersecurity community, the threat is seen as real and
urgent. China, Russia, and the United States are all racing to develop the
technology before their geopolitical rivals do, although it is difficult to
know who is ahead because some of the gains are shrouded in secrecy.
On the American side, the possibility that an adversary could win that race
has set in motion a yearslong effort to develop a new generation of
encryption systems, ones that even a powerful quantum computer would be
unable to break.
The effort, which began in 2016, will culminate early next year when the
National Institute of Standards and Technology is expected to finalize its
guidance for migrating to the new systems. Ahead of that migration,
President Biden late last year signed into law the Quantum Computing
Cybersecurity Preparedness Act, which directed agencies to begin checking
their systems for encryption that will need to be replaced.
But even given this new urgency, the migration to stronger encryption will
probably take a decade or more, a pace that, some experts fear, might not
be fast enough to avert catastrophe.
Researchers have known since the 1990s that quantum computing — which draws
on the properties of subatomic particles to carry out multiple calculations
at the same time — might one day threaten the encryption systems in use
today.
In 1994, American mathematician Peter Shor showed how it could be done,
publishing an algorithm that a then-hypothetical quantum computer could use
to split exceptionally large numbers into factors rapidly, a task at which
conventional computers are notoriously inefficient. That weakness of
conventional computers is the foundation upon which much of current
cryptography is predicated. Even today, factoring one of the large numbers
used by RSA, one of the most common forms of factor-based encryption, would
take the most powerful conventional computers trillions of years to carry
out.
Shor’s algorithm landed at first as little more than an unsettling
curiosity. Much of the world was already moving to adopt precisely the
encryption methods that Shor had proved to be vulnerable. The first quantum
computer, which was orders of magnitude too weak to run the algorithm
efficiently, would not be built for another four years.
But quantum computing has progressed apace. In recent years, IBM, Google,
and others have demonstrated steady advances in building bigger, more
capable models, leading experts to conclude that scaling up is not only
theoretically possible but achievable with a few crucial technical
advancements.
“If quantum physics works the way we expect, this is an engineering
problem,” said Scott Aaronson, director of the Quantum Information Center
at the University of Texas at Austin.
Scientists at the National Institute of Standards and Technology, or NIST,
have carried the mantle of maintaining encryption standards since the
1970s, when the agency studied and published the first general cipher to
protect information used by civilian agencies and contractors, the data
encryption standard. As encryption needs have evolved, NIST has regularly
collaborated with military agencies to develop new standards that guide
tech companies and information-technology departments around the world.
During the 2010s, officials at NIST and other agencies became convinced
that the probability of a substantial leap forward in quantum computing
within a decade — and the risk that would pose to the nation — had grown
too high to be prudently ignored.
“Our guys were doing the foundational work that said, hey, this is becoming
too close for comfort,” said Richard H. Ledgett Jr., a former deputy
director of the NSA.
According to NIST, the federal government has set an overall goal of
migrating as much as possible to these new quantum-resistant algorithms by
2035, which many officials acknowledge is ambitious.
These algorithms are not the product of a Manhattan Project-like initiative
or a commercial effort led by one or more tech companies. Rather, they came
about through years of collaboration within a diverse community of
cryptographers.
After its worldwide call in 2016, NIST received 82 submissions, most of
which were developed by small teams of academics and engineers. As it has
in the past, NIST relied on a playbook in which it solicits new solutions
and then releases them to researchers in government and the private sector,
to be challenged and picked over for weaknesses.
“This has been done in an open way so that the academic cryptographers, the
people who are innovating ways to break encryption, have had their chance
to weigh in on what’s strong and what’s not,” said Steven B. Lipner,
executive director of SAFECode, a nonprofit focused on software security.