A US government agency on Tuesday named four technologies it expects will keep computer data secret when quantum computers mature enough to crack today’s encryption technology.
Scientists have proven that quantum computers can break mainstream encryption technology if today’s progress in quantum computers is sustained long enough. The National Institute of Standards and Technology (NIST) has overseen a hunt to design and test post-quantum cryptography technology to protect that data.
Of the four technologies NIST picked, two are expected to be more widely used. One, called Crystals-Kyber, is for establishing digital keys that two computers need to share encrypted data, and the other, Crystals-Dilithium, is for signing encrypted data to establish who sent it. It’ll likely take two years for the approaches to be standardized enough for incorporation into today’s software and hardware.
Quantum computers have been steadily progressing, but it’ll likely still take years of work to create machines that are reliable and powerful enough to crack encryption. But it’s still an urgent issue. It takes years to find new encryption methods, ensure they’re safe and install them widely. And government agencies and hackers can harvest today’s potentially sensitive information with the expectation they’ll be able to crack it later when it’ll still be valuable.
“We believe 10 to 15 years is a commonly held viewpoint on the timescales for attack,” said Duncan Jones, head of cybersecurity for quantum computer hardware and software maker Quantinuum. “But with the possibility of ‘hack now, decrypt later,’ the attacks may have already begun.”
Quantum computers also could undermine cryptocurrencies, which also use today’s cryptography technology.