There was a story that came out of China last week about how researchers over there had used quantum computing to break a certain type of common encryption algorithm.
The claim was somewhat debunked later, but here is a problem with digital secrets. As time goes on, there is a “natural” decay in how secure secrets are, because computers get faster year-on-year.
There are two ways to unlock encrypted data. You either have the key, or you have to guess the key. (Assuming there are no problems with the encryption algorithm, you have to guess the actual key. If there are problems with the algorithm, you can find some “exploity" hack.)
Guessing the key is computationally expensive in terms of time. The principle is to have a key strength that is so strong that to go through every possible combination would take a period of time measured as “how close is this period to the heat death of the universe?” But, as computers get more powerful, the “time to crack” period steps back exponentially.
There is also another wrinkle to all this in terms of quantum computing. The pun is not intended, but quantum computers promise to be a “quantum leap” in terms of clipping that “time to crack” time back. (Long time 80s kids might be interested to know that NBC rebooted Quantum Leap last September, but the reviews aren’t great.) The worry is that quantum computing can take – making up numbers here – encryption that would millennia to crack conventionally, take a few days.
These days, we roughly encrypt data in two ways – data in motion (as it moves from client to server), and data at rest (as it sits in storage somewhere). The former is used to prevent eavesdropping and is a simple problem to solve as all you have to do is change the method used for encryption.
The former is substantially spicier. If you happen to have some stolen data today that would take millennia to crack, if you have that data and a quantum computer (that works) that data is no longer secret.
Imagine if you will SPECTRE having an encrypted list of all the world’s spies, which it can’t open, and then one day someone builds a quantum computer under a volcano and, suddenly, not to secret. (This is why security services gather data today that they know they can’t open, and why security services also try to make their encryption methods resistant to quantum computing pressures.)