How the U.S. is Preparing for a Quantum Future
Not surprisingly, it's a complex issue.
For my previous column, I talked about the threat that future quantum computers pose for today’s government data, and how the United States is risking falling behind other countries in the development of quantum science. In turn, I received more comments via tweets, email and other social media platforms than with any other column I’ve written recently. This is clearly a topic that is on people’s minds, which is a good thing because we need to be aware of both the advantages of this emerging technology and also the potential pitfalls.
One of the groups that contacted me was the National Institute of Standards and Technology. The agency wanted to assure me that right now, as far as it is known, AES-256 should be enough to protect government data even as quantum computers evolve. NIST has been studying this issue, and released their findings in the NISTIR 8105 report. NIST’s paper breaks down cryptographic systems into two main types, the public key systems used to protect things like webpages, and the symmetric key systems, like AES, which protects much of the government’s data.
The paper states that “the construction of a large-scale quantum computer would render many of these public key cryptosystems insecure. In particular, this includes those based on the difficulty of integer factorization, such as RSA, as well as ones based on the hardness of the discrete log problem. In contrast, the impact on symmetric key systems will not be as drastic.”
The reason why symmetric key systems should remain secure is that it may not be possible to speed up tools like Grover’s algorithm used to crack encryption. The report specifies that, “We don’t know that Grover’s algorithm will ever be practically relevant, but if it is, doubling the key size will be sufficient to preserve security. Furthermore, it has been shown that an exponential speedup for search algorithms is impossible, suggesting that symmetric algorithms and hash functions should be usable in a quantum era.”
In other words, even if quantum computers are able to speed up the cracking process for symmetric encryption, doubling the size of the key is always an option to reset the playing field.
A public-sector scientist working on quantum computers also contacted me, and although he was not authorized to speak publicly on the subject, he said that it’s well-known among quantum scientists when encryption levels will be broken, as it’s based on the size of the quantum machine. “So far, quantum computers have not produced a dramatic change in the crypto situation,” he said. “However, when we get to 110-qbit machines, reading DES will be as easy as reading plain text. The 192-qbit machines will do the same thing to AES-128, and so on.”
The other point that I made in my last column was that other countries like China were investing billions in quantum computers, and already seeing success like linking Beijing and Shanghai with an encrypted landline that uses quantum computers to generate encryption keys. I lamented the fact that the U.S. did not have anything like that, which put us behind in the increasingly important quantum encryption race.
It turns out that we won’t be behind for very long. A company called Quantum Xchange is gearing up to deploy what it says is this country’s first unbreakable quantum-safe encryption communication line in August. The first deployment will link financial companies on Wall Street in New York with their back-office databases, many of which are located in New Jersey. That is a relatively short distance, but the company has engineered a way for that kind of quantum-safe encryption to operate from coast to coast.
I interviewed Quantum Xchange President and CEO John Prisco about this new technology. It works by placing hardware boxes at both ends of the secure tunnel. The sending box shines a laser through a mirror, splattering photons in completely random patterns and generating an encryption key based on that data. The key is sent through a fiber network and must be unchanged when it reaches the box on the other end.
“Our photonic key is combined with the RSA key protecting the data being transmitted,” Prisco said. “And then we send our key through an optical fiber network. If anyone tries to snoop that data, the process of doing that will alter the key, and it can’t be unencrypted.” In that case, not only will the data be protected, but its owners will be alerted to a possible eavesdropping attempt.
Because the Quantum Xchange solution relies on sending photons over a fiber network, the process would normally be limited to a distance of about 60 miles. The company gets around this by using repeaters to span greater distances. So if data needs to be transmitted 120 miles, the base station would send its photonic key to a repeater which would decrypt it, generate a new key, and then send it on to the next repeater or to the final destination. And because the process uses light, there is very little delay regardless of distance traveled.
Quantum Xchange has filed for FIPS Level 3 certification and is currently getting ready to offer their quantum-proof encryption solution nationwide as a monthly service. Agencies that want to implement it would be able to generate as many photonic keys as needed as part of the service.
It’s nice to see that the U.S. is not sleeping at the wheel when it comes to encryption issues. Both government agencies and private companies are picking up the slack and planning ahead for a future when quantum computers are far more commonplace, which is especially important with that brave new world just over the horizon.