‘It’s a real shock’: quantum-computing breakthroughs pose imminent risks to cybersecurity
-
-
Bluesky
-
-
-
-
-
X
Cloudflare is one of several cybersecurity companies now reassessing their timelines to provide protection against quantum hacking.Credit: Richard B. Levine/Alamy
The world could be caught off guard by quantum hackers before the end of this decade — much sooner than expected. This is the take-home message of two studies posted independently on 30 March, one a white paper by a team at Google1 and the other a preprint from Oratomic2, a start-up company in Pasadena, California.
Digital technologies that rely on encryption and authentication methods — such as credit-card systems, cryptocurrencies and Internet communications — have long been known to be vulnerable to future quantum computers. That’s because the machines will be capable of cracking security measures faster than even the largest conventional supercomputers can.
But the assumption among researchers and cybersecurity companies working on quantum-proof encryption technologies has been that these machines would not become a serious threat to digital security for at least ten years.
The studies, both of which suggest that quantum computers capable of cracking current encryption systems could soon become available, have created a sense of “renewed urgency”, says Jintai Ding, a mathematician at Tsinghua University in Beijing. The findings have prompted “many discussions among people I know, ranging from academics to bankers and to people who care about cryptocurrencies”, says Ding.
“It’s a real shock for us too,” says Bas Westerbaan, a mathematician at the Internet-services company Cloudflare, based in San Francisco, California, which helps to protect one-quarter of the world’s Internet traffic. “We are still digesting it, but we are very concerned.”
In a 1 April blog post, Scott Aaronson, a quantum-computing researcher at the University of Texas at Austin, describes the studies, which have not yet been peer reviewed, as “quantum computing bombshells”.
Fewer qubits
The preprint posted by Oratomic, a spin-off of the California Institute of Technology, also in Pasadena, demonstrates a method to lower the amount of estimated quantum computing required for cracking two types of common security technology. The approach leverages the strengths of a type of quantum computing that uses atoms trapped with lasers, and combines a number of recent developments in quantum software and hardware.
The authors also added their own improvements to show that cracking a common security-key technology called P-256 — because it relies on keys that are 256 bits long — could require as few as 10,000 qubits. These are the units of quantum information that replace the bits of ordinary computers.
Quantum computers will finally be useful: what’s behind the revolution