In the race between quantum computing and quantum-proof encryption, encryption passed a key checkpoint on Tuesday – a victory for protecting consumer and other data.
In 2016, the National Institute of Standards and Technology asked computer scientists to help develop an encryption algorithm that could protect data from quantum computing attacks. This week, the institute announced it would recommend a single mechanism for this purpose: Kyber.
Kyber is an open source system for securely establishing a shared secret between parties to encrypt messages. In this way it is like RSA, the most common encryption scheme used today and the heart of many data encryption schemes. Unlike with RSA, scientists have not discovered an algorithm capable of cracking Kyber.
Some major technology vendors already support Kyber to some degree, including Amazon, as part of its Amazon Web Services offering. Cloudflare also supports Kyber in a cryptographic library it builds and maintains, and earlier this year published its plan to migrate to post-quantum cryptography.
Although none of these companies have announced they will use Kyber to protect customer data, their initial recommendations suggest that technology providers, like the government, can (and probably should) offer Kyber as an option for those looking for a quantum-proof encryption algorithm.
“Today’s announcement is an important milestone in protecting our sensitive data from potential future cyberattacks from quantum computing,” said Secretary of Commerce Gina M. Raimondo. “NIST’s expertise and commitment to cutting-edge technology has enabled us to take the steps necessary to secure electronic information so American businesses can continue to innovate while maintaining the trust of their customers.”
A team of 10 computer scientists from across Europe and North America developed Kyber, based on an award-winning work published in 2009 by Israeli-American computer scientist Oded Regev. Since Kyber was first submitted to NIST in 2017, the team has made two major revisions that improve the overall security and efficiency of the tool.
Kyber uses an area of mathematics called the lattice problem. In contrast, RSA uses an area of mathematics called the factorization problem. Phones, laptops, desktops, servers and other computers, even taken together, cannot solve the factorization problem, which makes RSA secure in most situations, but quantum computers will one day be able to crack the encryption.
Mathematicians have known since 1994 how a quantum computer can solve the factorization problem and thus break RSA. The problem is building a computer that actually does this.
“While in the past it was less clear that large-scale quantum computing is a physical possibility, many scientists now only see it as a significant engineering challenge,” says the NIST website on post-quantum encryption.
Quantum computers have uses beyond nefarious ones. They are not only or mainly designed to crack the encryption algorithms used by governments today.
Banks can count on fast artificial intelligence and financial modeling using quantum computers – once a practical quantum computer is available for their use. For these reasons, banks including Wells Fargo and Goldman Sachs have entered the quantum world.
The exact date when commercial quantum computers will be able to solve these problems is uncertain. Companies like Google, IBM, Intel and Microsoft have invested billions in developing this new era of computing, and while quantum computers can now solve a small number of problems compared to classical computers, they will not be able to crack encryption or develop new medications for at least a few years.
In 2020, the Global Risk Institute, a research organization established by the Canadian government and the country’s largest financial institutions, interviewed 44 experts in quantum computing on the potential for “a significant quantum threat” to contemporary encryption algorithms. Most experts surveyed put the likelihood of this threat materializing by 2025 at less than 1%.
Most estimated the likelihood of the threat to be less than 5% by 2030. However, their risk estimate for 2035 increased to around a 50% probability and then to over 70% by 2040.
According to NIST, with the inevitable quantum threat yet to arrive, now is the right time to transition cybersystems from pre-quantum to post-quantum cryptography.
“This transition needs to be done well before a large quantum computer is built, so that any information later compromised by quantum cryptanalysis will no longer be confidential if this compromise is made,” says the 2016 call by NIST for post-quantum encryption proposals. “Therefore, it is desirable to plan for this transition early on.”