Advanced data encryption has powered some of the most important data protection technologies in the world today, used by tech giants of all kinds. In their research paper, Chinese researchers say that they cracked military-grade encryption with the help of a quantum computer. The assertion raised eyebrows across the world for obvious reasons, but should we really be worried?
Chinese researchers, led by Wang Cha of Shanghai University, said in a research paper that they used a quantum computer produced by Canada’s D-Wave Systems to breach cryptographic algorithms.
The paper talks about two methods “grounded in the quantum annealing algorithm, using pure quantum algorithm and quantum annealing combined with [a] classical algorithm to implement [an] RSA public key cryptography attack.”
The researchers were able to attack the Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA) successfully. The findings concerned many as AES is widely used in military as well as finance.
China can now crack the same encryption algorithms used by banks with quantum computers.🙇♂️
The Quantum timeline just sped up overnight.⏰ https://t.co/hC5hGjjruJ pic.twitter.com/twXFZ7WSWm
— SMQKE (@SMQKEDQG) October 13, 2024
What Are Quantum Computers
Quantum computers are still in the early stages of development and aren’t yet powerful enough to compete with regular computers in most tasks. To store and process information, they use quantum bits instead of bits that are used by traditional computers. They are much faster than traditional computers at certain tasks but they are extremely costly. For instance, the D-Wave quantum computer that Chinese researchers used cost as much as $15 million in 2017. These can now however be rented through quantum cloud service for around $2,000 per hour.
They are so expensive because quantum bits must be kept at near absolute zero to function properly, requiring a massive apparatus to cool each qubit.
Quantum Computers are undoubtedly a threat to encryption but experts disagree on the severity of the problem. Notably, encryption itself is not foolproof but the computers currently in use would take a very long time to break it. However, given their stealth, quantum computers can theoretically break encryption much more easily and quickly.
“The experiments indicate that, in the context of slow progress in universal quantum computing devices, D-Wave quantum annealing has shown better realistic attack capabilities,” said the Chinese researchers in their paper. If you want an easy-to-follow full walkthrough of the mechanisms that make quantum computers better at breaking encryption, check out Veritaseum’s breakdown below.
Breaking Encryption Can Play Havoc With Many Things
If the most popular types of encryption in use today can be broken by quantum computers, the tech could wreak havoc, threatening financial transactions, private messaging, and entire cryptocurrencies. Cryptocurrencies, which are entirely based on cryptography, could especially be at risk as blockchain relies on encryption to secure transactions. Theoretically, if bad actors got control of a strong enough quantum computer, they might be able to drain crypto wallets with ease.
If encryption in these transactions is indeed broken, it could destabilize cryptocurrency markets and crush confidence in the crypto ecosystem.
Should We Really Worry About the Research Work of Chinese Scholars?
While the findings of Chinese researchers are bound to raise an alarm, most researchers believe that quantum computers are still a few years away from cracking cryptographic keys.
Also, some believe that the research findings are being sensationalized and are not as pathbreaking as they are made out to be.
DigiCert head of R&D, Avesta Hojjati, said, “While the research shows quantum computing’s potential threat to classical encryption, the attack was executed on a 22-bit key – far shorter than the 2048 or 4096-bit keys commonly used in practice today. The suggestion that this poses an imminent risk to widely used encryption standards is misleading.” He added, “This research, while intriguing, does not equate to an immediate quantum apocalypse.”
Hojjati, who believes that “We are still far from a practical attack that can threaten real-world encryption systems, especially with the current state of quantum computing,” advises “we should remain cautious but not alarmist.”
Encryption Might Get Ready for a Post-Quantum Computer World
Moreover, encryption is always evolving to prepare for a post-quantum computer world. In fact, researchers have developed codes that even quantum computers cannot crack. Last month, the US National Institute of Standards and Technology (NIST) released a final set of encryption tools that can survive the attack of a quantum computer.
NIST along with the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) are calling upon organizations to work towards the migration to post-quantum cryptographic standards and develop a Quantum-Readiness Roadmap.
“Early planning is necessary as cyber threat actors could be targeting data today that would still require protection in the future (or in other words, has a long secrecy lifetime), using a catch now, break later or harvest now, decrypt later operation,” said the three US government agencies in a note.
Companies Are Pivoting to Post-Quantum Cryptography
Leading organizations have already started preparing for the impending threat from quantum computers. For instance, earlier this year, Apple announced its PQ3 security protocol which it said was “a groundbreaking post-quantum cryptographic protocol that advances the state of the art of end-to-end secure messaging.”
It added, “To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.”
NEW: Zoom is the first UCaaS provider to offer post-quantum end-to-end encryption for videoconferencing, now available for Zoom Meetings in Zoom Workplace 📣 ➡️ https://t.co/kqZngunRJ6
Safeguarding user data against potential future threats is a priority, which is why we’ve… pic.twitter.com/XU9J7y5y6c
— Zoom (@Zoom) May 21, 2024
Google Chrome has also developed a hybrid post-quantum cryptographic key exchange named Kyber. Zoom has also added post-quantum end-to-end encryption in its Zoom Workplace as it joins the long list of companies that are preparing their services to cryptographic standards that can withstand the threat from quantum computers.
As for cryptocurrencies, while popular names like Bitcoin and Ethereum might be susceptible to being hacked by quantum computers, some cryptos like Mochimo are positioning themselves as “quantum resistant cryptocurrency,” and it is about time that other cryptos also follow suit.