not just simply as a theoretical challenge to public encryption systems and cyber security as a whole, but also one that needed to be quantified.” The final results of the analysis suggest that a hack …
Shutterstock/Yurchanka Siarhei
Copyright © 2023 by IOP Publishing Ltd and individual contributors
Security CEO and founder of Safe Quantum Inc., working with data-driven companies to define, develop and deploy quantum-safe technologies.
getty
Even though commercially viable quantum computers don’t yet exist, the problem they present for data protection and security is quite real. The prospect of matching quantum speed against large volumes of data may be years away. But that hasn’t deterred cybercriminals from hijacking and holding hostage so-called evergreen data—information like personal health records, corporate intellectual property and government secrets. With these “harvesting” attacks, crooks are biding their time until a quantum computer matures enough to decrypt the existing security.
There are three technologies that companies and governments can use that could mitigate future disasters, but there’s a catch. Deployed in isolation, none of these approaches can handle the threats to data today and down the road.
First, let’s look at encryption standards. RSA is the encryption standard that most of the world has relied upon for over 40 years. That said, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is spearheading an initiative to introduce new post-quantum cryptography (PQC) algorithms intended to replace RSA and withstand a quantum attack.
The challenge with this mathematical approach? As with RSA, mathematical solutions are only as finite as the computing power available to hack them. (For a bit more on this, see my previous article.)
The upside of the new PQC standards, however, is they will add a level of security today to transactional data, such as online commerce and consumer retail. This approach to protecting data at the edge will be a replacement for RSA and a precursor to a fault-tolerant quantum computer capable of breaking RSA encryption in the future.
The second approach is to fight the threat of quantum-driven attacks with quantum-level security. This is another solution that’s rapidly coming to market. Using quantum key distribution, or QKD, organizations can use existing fiber-optic cables readily available across much of the world to securely connect a sender and a receiver. Data…