Experts have long warned that the eventual introduction of quantum computers would make current data encryption easy to break – but one cybersecurity entrepreneur has built an inexpensive quantum computer to demonstrate why today’s encryption is already obsolete.
That computer, which used just $900 ($US600) worth of parts and fits into a backpack, was called QUBY and uses a pair of commodity graphics cards to run quantum decryption algorithms faster than conventional computers can.
Generally used to run graphical games and programs at blistering speeds, graphical processing units (GPUs) crunch numbers much faster than normal computers – and researchers have adapted them to run complex mathematical formulae.
That poses a threat to existing data encryption, which is based on a series of mathematical formulae so complex that existing conventional computers wouldn’t be able to unscramble protected data in centuries or millennia.
Quantum computers, however, work in a fundamentally different way that could do the same work in seconds or minutes – rendering today’s encryption techniques obsolete.
Bypassing physics’ limits
Availability of such computers is said to be a decade away because physicists are still working to resolve fundamental challenges, such as the need for supercooled laboratory environments that enable manipulation of physically-feisty ‘qubits’ at temperatures near absolute zero.
Google last year claimed that it had achieved ‘quantum supremacy’ – by building a system that could outperform conventional computers – and IBM recently launched the world’s biggest quantum computer, which has 53 qubits.
One Australian project recently built a quantum-computing chip that paves the way towards room-temperature operation, and Australian research teams – including a globally significant Australian effort that earned lead Professor Michelle Simmons the Australian of the Year Award in 2018 – are playing a globally significant role in the race.
Yet as researchers continue to work away, researchers already understand how to write quantum software using quantum-computer emulators like Microsoft’s Quantum Development Kit (QDC) and IBM’s Qiskit framework.
“Quantum computing software leads the hardware by a large amount of time,” encryption expert Dan Gleason – founder and CTO of encryption firm Active Cypher – told Information Age, “in that the hardware faces ongoing problems getting developed to the [manageable] size it needs to be.”
Gleason used QDC and Microsoft’s Q# language to tweak and run them on his inexpensive, purpose-built computer.
He put the system into a backpack and recently demonstrated it to intrigued attendees at several recent industry conferences.
In laboratory tests, the addition of tuneable antennas allows the system to actively sniff out and decrypt data flowing over WiFi connections – and that has Gleason proclaiming that the conventional encryption is now dead.
“Even on current day platforms,” he explains, “using the software that has already been developed for quantum computers, it is still running significantly faster and is more applicable to the interception and cracking of known encryption methods.”
Towards the post-quantum world
With real quantum-computing systems becoming real far faster than researchers once believed, cryptographers have been redoubling their efforts to future-proof today’s encryption.
Well aware of the risks, the US-based National Institute for Standards and Technology (NIST) has been conducting an ongoing evaluation of several dozen candidate technologies for post-quantum cryptography (PQC) but draft standards aren’t expected until as late as 2024.
Many governments and businesses aren’t wasting any time, with some introducing PQC algorithms in hybrid configurations that marry them with existing encryption.
A recent DigiCert survey of enterprise security practitioners found that 71 percent of respondents believe PQC will “pose a significant threat” to the integrity of their data, with 35 per cent already budgeting for PQC security.
Yet with quantum software already running quickly on conventional hardware – and likely to get even faster when someone decides to run it on parallel-computing systems like those in a high-end data centre – Gleason says it’s hard not to conclude that current encryption’s days are numbered.
“I’m not afraid of a 1 million qubit computer appearing out of nowhere and breaking encryption worldwide,” he says.
“I’m afraid of the guy who can throw together stuff using a few parts and openly available software, then collect and decrypt data using something running at 100 to 1000 times faster than a classical computer.
“This is a tuning game.”