Quantum Computers – It’s better to be safe than sorry

A Quantum of Reason
Quantum Computers – It’s better to be safe than sorry

03/20/2023

A guest post by David Chaum

providers on the topic

The next big thing or even the harbingers of the IT apocalypse: quantum computers are hotly debated. While the technology has been researched for decades, it is – still – a long way from practical applications. IT security companies are not the only ones keeping an eagle eye on developments in the future technology of quantum computing. And for a good reason.

The next big thing or even the harbingers of the IT apocalypse: quantum computers are hotly debated. While the technology has been researched for decades, it is – still – a long way from practical applications. IT security companies are not the only ones keeping an eagle eye on developments in the future technology of quantum computing. And for a good reason.

A practical quantum computer would be able to crack numerous encryption methods that are still widespread today in record time. Corresponding algorithms – namely Shor and Grover – were already developed in the 1990s. Asymmetric cryptosystems are particularly at risk, but even symmetric encryption methods are not 100 percent immune to the dangers of quantum computers.

Quantum Computing vs. Symmetric Encryption

The best-known symmetric encryption method is AES (Advanced Encryption Standard). AES was adopted by the National Institute of Standards and Technology (NIST) in 2002 as the official US government encryption standard. The US secret service NSA also accepts AES for the transmission of top-secret data.

AES exists in various versions, which differ primarily in the size of the keys used. This can be 128, 192 or 256 bits. So far, only the 256-bit variant is considered sufficiently quantum-resistant to brute-force attacks with the Grover algorithm. However, it cannot be ruled out that a new quantum algorithm will be found in the future that makes “guessing” the private key even more efficient.

Quantum Computing vs. Asymmetric Encryption

Asymmetric encryption methods are clearly vulnerable to quantum computer attacks. A particularly widespread variant is the RSA algorithm, named after its inventors (Rivest, Shamir, Adleman). Among other things, it is used to encrypt websites – and is therefore ubiquitous. Whenever you visit a website that is preceded by HTTPS, the content is hidden from the eyes of third parties using RSA.

There are also various implementations with different key sizes for RSA. The problem: RSA relies on the mathematical problem of prime factorization to generate key pairs. With the Shor algorithm, a quantum computer could derive the private key from a public key. In a much-cited paper, quantum researchers from Google and KTH Stockholm have calculated that a sufficiently powerful quantum computer could crack RSA-2048 within eight hours.

Other public key methods are inherently vulnerable to quantum computing for the same reason. These include Diffie-Hellman, ECC, El Gamal, and ECDSA, among others. All of them are still largely responsible for data protection today – for example in communication, social media or online banking and shopping.

Quantum Computing vs. Web3

Against this background, quantum computers also pose a particular challenge for the emerging Web3. As the successor to the “join-in web” that was initiated by social media at the beginning of the millennium, Web3 promises more digital participation for (prod) users. Decentralized technologies, above all the blockchain, should help here.

The problem: The current popular cryptocurrencies and smart contract platforms overwhelmingly rely on asymmetric cryptography. For example, the two networks with the largest market capitalization – Bitcoin and Ethereum – rely on ECDSA to cryptographically sign transactions.

However, in order for Web3 to be able to keep its promise of salvation, namely the replacement of the data monarchy represented by Google, Facebook, Amazon and Co. with a decentralized data democracy, it must be based on a correspondingly future-proof – i.e. quantum-proof – technology.

A race against time

The danger of quantum computers for IT security has now also arrived in politics. For example, as recently as May 2022, both the White House and the BSI reaffirmed their respective efforts to switch critical IT infrastructures to quantum-resistant cryptographic methods. A mammoth task: After all, it’s not just about developing new encryption standards for the quantum age, but also about implementing them quickly. Both will take years. The NIST will not present the results of its search for standards for post-quantum cryptography until 2024 at the earliest – which then still have to be implemented.

As of 10/30/2020

It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. You can find detailed information in our data protection declaration.

Consent to the use of data for advertising purposes

I agree that Vogel IT-Medien GmbH, Max-Josef-Metzger-Straße 21, 86157 Augsburg, including all companies affiliated with it within the meaning of Sections 15 et seq. AktG (hereinafter: Vogel Communications Group) my E e-mail address for sending editorial newsletters. Lists of the respective associated companies can be accessed here.

The content of the newsletter extends to the products and services of all the companies mentioned above, including, for example, trade journals and specialist books, events and trade fairs as well as event-related products and services, print and digital media offers and services such as other (editorial) newsletters, competitions, lead campaigns, Market research in the online and offline area, subject-specific web portals and e-learning offers. If my personal telephone number was also collected, it may be used for submitting offers for the aforementioned products and services from the aforementioned companies and for market research.

If I call up protected content on the Vogel Communications Group portals, including its affiliated companies within the meaning of §§ 15 ff. AktG, I have to register with additional data for access to this content. In return for this free access to editorial content, my data may be used in accordance with this consent for the purposes stated here.

READ:  What Are Authorizations?

right of revocation

I am aware that I can revoke this consent at any time for the future. My revocation does not affect the legality of the processing carried out on the basis of my consent up to the time of revocation. In order to declare my revocation, I can use the contact form available at as one option. If I no longer wish to receive individual newsletters to which I have subscribed, I can also click on the unsubscribe link at the end of a newsletter. I can find more information about my right of withdrawal and how to exercise it, as well as the consequences of my withdrawal, in the data protection declaration, section Editorial newsletters.

For its search for standards, the BSI is based on the working hypothesis that there could already be quantum computers in the 2030s, which could pose a threat to IT security. The Federal Office emphasizes that this is not to be understood as a prediction, but as a benchmark for risk assessment, especially in the area of ​​high-security IT. Nevertheless, this shows that the BSI would rather be careful than sorry. IT security companies are therefore also well advised to prepare for the challenges of the quantum age today.

There is still no quantum computer that can crack current encryption methods. Nevertheless, IT security should be on guard. In December 2021, for example, an international team of researchers at ETH Zurich developed a chip with 17 physical qubits, of which only eight are required for quantum error correction. The remaining nine qubits form a single, logical qubit.

The procedure, described by the researchers as a “milestone in quantum error correction”, was published in the journal Nature at the end of May 2022. A preprint was already submitted to Arxiv in December 2021.

For comparison: In 2012, for example, a research team from the USA and Australia still assumed that at least 1,000 to 10,000 physical qubits would be required per logical qubit. And every qubit counts: with 300 logical (and error-corrected) qubits, more bits of information could be stored and processed than there are atoms in the (observable) universe.

On our own behalf: Quantum security “ex works”

Web3 companies would do well to build on a platform that is quantum-proof out of the box. Although Ethereum and Co. can theoretically switch to other signature schemes, node operators, miners and Co. would first have to agree on a solution. The danger of forks that are only carried by parts of a network is quite real.

In view of this, I and my team from xx network have developed a blockchain that relies on quantum-safe, hash-based signatures from the start. With the xx messenger, we have already launched a dApp that makes use of this technology – and also offers maximum privacy including metadata shredding. If you want to get an idea of ​​xx network for yourself, you are cordially invited to visit our homepage and take a look at our white paper.

About the author: David Chaum is widely known as the inventor of digital cash (eCash). He is also responsible for other fundamental innovations in cryptography, including privacy technology and secure voting systems. With a PhD in Computer Science from UC Berkeley, he taught at the NYU Graduate School of Business and the University of California, led a number of groundbreaking projects, and founded the International Association for Cryptologic Research, the cryptography group at the Center for Mathematics and Computer Science in Amsterdam, DigiCash, the Voting Systems Institute and the Perspectiva Fund. He is currently involved in the development of the xx blockchain. The first quantum-resistant, scalable blockchain.

(ID:49258889)