Preparing for the day quantum computing cracks public-key cryptography: What to do now

Quantum computers could crack public-key encryption in as little as five years. Here's how to prepare for the post-quantum world.

1 2 Page 2
Page 2 of 2

Another possibility is to use quantum encryption and quantum key distribution to fight back against quantum breaking. In theory, it’s readily understandable. Quantum mechanics says that if “Eve,” the eavesdropper, tries to eavesdrop on quantum-protected communications, then that protection will change the communications so it can’t be eavesdropped on. That’s great...in theory. In practice, every “unhackable” solution has been implemented weakly enough that it ends up susceptible to hacking. Humans just aren’t great at implementing theory.

Sometimes even the theories say there are weaknesses. Schneier pointed me to a 2016 whitepaper discussing the weaknesses in quantum key distribution (QKD). I don’t know if it is good or bad that even our quantum theories have weaknesses, but at least no one is saying we have something unhackable to replace traditional public-key crypto.

Now is the time to start preparing for a post-quantum break world. Gasman says, “Data center managers must prepare for the inevitable right now and should educate themselves about what the options are: QKD?  Post-quantum encryption encryption?  Even those who think quantum computers are a long way off should take the trouble to protect data that is going to be stored for a long time. Ten years is not that long in the archiving world."

Don’t wait for the government and other standards bodies to tell you what you need to do. Be prepared for when that happens. As Schneier wrote me, “These things go slowly, but standards processes go even slower.”

Fight the good fight!

Copyright © 2018 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 hot cybersecurity trends (and 2 going cold)