“We assumed the quantum threat wasn’t something that we would never have to worry about in our lifetime but the planning horizon for quantum computers should be about eight years”, says Richard Moulds, general manager at Whitewood Security
“Existing cryptosystems will be broken. Not just one of them, but all of them.” Richard Moulds, general manager at Whitewood Security, warns me cheerfully, “The whole premise of cryptography is that getting keys is not worth the effort, but the keys that we use on the internet, and for protecting cellphone traffic, and for protecting Internet-of-things traffic, become instantly vulnerable once somebody gets a quantum computer.”
This sounds a bit like he’s the genius crank scientist in the Hollywood disaster movie who has been summoned from his obscure lecturing job in a community college to meet the president. We laughed at the time, but it turns out the Moulds guy was right all along! Well, he would be right if anyone was going to make a quantum computer in less than a decade.
“We assumed the quantum threat wasn’t something that we would never have to worry about in our lifetime,” Moulds continues, “but the planning horizon for quantum computers should be about eight years.”
Oh, come on. But Moulds is not a genius crank scientist. It was the NSA who issued this warning last year.
While key-guessing is computationally arduous enough that it’s impractical for classic computers unless you are prepared to wait a long time. We assume that much of the world’s encrypted data has already been stolen by hackers, state or otherwise, but we don’t worry about it because by the time the encryption keys are deciphered, it’ll be too old to be useful.
Unfortunately, the NSA’s warning implies that this way no longer be the case. If you’re carrying or storing data, what to do? In the short term, Mould says, carry on encrypting it to the highest standard that’s practical (that’s something that Experian didn’t bother to for the plain-text records of the 145.5 million people whose personal details were stolen, for example). “The highest standard” isn’t just a matter of the length of the encryption key, because millions of today’s keys are probably vulnerable to the limitations of pseudo-random-number generators used to generate them. As Mould points out: “the University of Pennsylvania last year did a survey of all of the all the web sites that do Internet encryption, and they found that about 3% of all the keys on the planet are easily deducible, and that nearly 1% of all the keys on the planet were actually exactly the same.”
This is partly because modern data centres have very few sources of entropy (randomness) to call on, because they are deterministic by design. In search of true entropy, some data centres have even pointed cameras at lava lamps, which, Mould adds, is fine until someone turns the lamp off. That’s why Whitewood Security is delivering “entropy as a service” to customers who want a source of pure randomness to beef up security.
Longer term, we’re back in the quantum world. Quantum encryption finally discovers a reason for schoolkids to learn about The Heisenberg Uncertainty Principle. This states that observer who measures information about an elementary particle’s location would destroy information on its speed, and vice versa. By sharing a one-time encryption key using photons, the two parties to a communication would be able to detect if anyone had tried to read the key, because that would have changed the information.
In Hollywood, only a maverick scientist would launch a satellite that makes quantum key exchange possible, thus saving the world from hackers. Disappointingly, Chinese and Japanese government researchers have ruined the storyline by doing this already in real life. The Chinese satellite was first, sending data encrypted using this method 1,200 kilometres to Earth. At ground level, startups like QuintessenceLabs can already send encryption key data using this method, but only short distances through a single fibre optic cable.
Mould is remarkably cheerful about the coming apocalyse, considering. “In the telecoms industry, the IoT infrastructure doesn’t change every ten minutes. It is massively expensive stuff in boxes or in the middle of nowhere,” he says, “So most of what we put in place today will still be there when a quantum computer shows up.”