A Quantum of Reason
Quantum Computers – It’s better to be safe than sorry
A guest post by David Chaum
The next big thing or even the harbingers of the IT apocalypse: quantum computers are hotly debated. While the technology has been researched for decades, it is – still – a long way from practical applications. IT security companies are not the only ones keeping an eagle eye on developments in the future technology of quantum computing. And for a good reason.
A practical quantum computer would be able to crack, in record time, numerous encryption methods that are still widespread today. The corresponding algorithms, namely Shor's and Grover's, were already developed in the 1990s. Asymmetric cryptosystems are particularly at risk, but even symmetric encryption methods are not 100 percent immune to the dangers of quantum computers.
Quantum Computing vs. Symmetric Encryption
The best-known symmetric encryption method is AES (Advanced Encryption Standard). AES was adopted by the US National Institute of Standards and Technology (NIST) in 2002 as the official US government encryption standard, and the US intelligence agency NSA also accepts AES for the transmission of top-secret data.
AES exists in several variants, which differ primarily in the size of the key used: 128, 192 or 256 bits. Because Grover's algorithm roughly halves the effective key length against a brute-force search, so far only the 256-bit variant is considered sufficiently resistant to such attacks on a quantum computer. However, it cannot be ruled out that a new quantum algorithm will be found in the future that makes "guessing" the secret key even more efficient.
Quantum Computing vs. Asymmetric Encryption
Asymmetric encryption methods are clearly vulnerable to quantum computer attacks. A particularly widespread one is the RSA algorithm, named after its inventors Rivest, Shamir and Adleman. Among other things, it is used to secure websites and is therefore ubiquitous: whenever you visit a website whose address begins with HTTPS, RSA typically plays a part in the handshake (for authentication or key exchange) that hides the content from third parties.
RSA is also used with various key sizes. The problem: RSA's security rests on the mathematical problem of prime factorization, on which its key pairs are built. With Shor's algorithm, a quantum computer could factor the public modulus and thereby derive the private key from the public key. In a much-cited paper, quantum researchers from Google and KTH Stockholm calculated that a sufficiently powerful quantum computer could crack RSA-2048 within eight hours.
Other public-key methods are vulnerable to quantum computing for a closely related reason: Shor's algorithm also solves the discrete logarithm problem on which they rest. These include Diffie-Hellman, ECC, ElGamal and ECDSA, among others. All of them still carry much of today's data protection, for example in communication, social media, online banking and shopping.
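To make the "derive the private key from the public key" step concrete, here is an added example (not from the article or the cited paper) that runs Shor's classical post-processing on a constructed textbook RSA key, n = 3233 and e = 17, with the quantum order-finding step replaced by brute force; the approach only scales on a quantum computer.

```python
"""Toy walkthrough of how Shor's algorithm turns order finding into an RSA
private key. The quantum step (order finding) is replaced by brute force,
so this only works for a tiny, constructed modulus such as n = 3233 = 61 * 53."""
from math import gcd


def find_order(a: int, n: int) -> int:
    """Smallest r > 0 with a^r = 1 (mod n). A quantum computer does this step
    in polynomial time via the quantum Fourier transform; here it is brute
    force, feasible only because n is tiny."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, a: int):
    """Classical post-processing of Shor's algorithm for one base a.
    Returns a non-trivial factor of n, or None if this base is unlucky."""
    g = gcd(a, n)
    if g != 1:
        return g                       # a already shares a factor with n
    r = find_order(a, n)
    if r % 2:
        return None                    # odd order: try another base
    y = pow(a, r // 2, n)
    if y == n - 1:
        return None                    # trivial square root of 1: try another base
    p = gcd(y - 1, n)
    return p if 1 < p < n else None


def recover_private_exponent(n: int, e: int):
    """Derive the RSA private exponent d from the public key (n, e) by
    factoring n with shor_factor and inverting e modulo phi(n)."""
    for a in range(2, n):
        p = shor_factor(n, a)
        if p:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))   # modular inverse (Python 3.8+)
    return None


if __name__ == "__main__":
    n, e = 3233, 17                    # constructed textbook public key
    d = recover_private_exponent(n, e)
    print("recovered d =", d)          # 2753
    assert pow(pow(65, e, n), d, n) == 65   # round-trips a sample message
```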
Quantum Computing vs. Web3
Against this background, quantum computers also pose a particular challenge for the emerging Web3. As the successor to the "participatory web" that social media ushered in at the beginning of the millennium, Web3 promises more digital participation for users, who are producers as well as consumers. Decentralized technologies, above all the blockchain, are meant to deliver this.
The problem: The current popular cryptocurrencies and smart contract platforms overwhelmingly rely on asymmetric cryptography. For example, the two networks with the largest market capitalization – Bitcoin and Ethereum – rely on ECDSA to cryptographically sign transactions.
However, for Web3 to keep its promise, namely to replace the data monarchy of Google, Facebook, Amazon and Co. with a decentralized data democracy, it must be built on a correspondingly future-proof, i.e. quantum-proof, technology.
A race against time
The danger that quantum computers pose to IT security has now reached policymakers as well. As recently as May 2022, for example, both the White House and the BSI reaffirmed their respective efforts to migrate critical IT infrastructures to quantum-resistant cryptographic methods. A mammoth task: it is not just a matter of developing new encryption standards for the quantum age but also of implementing them quickly, and both will take years. NIST will not present the results of its search for post-quantum cryptography standards until 2024 at the earliest, and those standards will then still have to be implemented.
In its standardization work, the BSI proceeds from the working hypothesis that quantum computers capable of threatening IT security could exist as early as the 2030s. The Federal Office stresses that this is not a prediction but a benchmark for risk assessment, especially in the area of high-security IT. Nevertheless, it shows that the BSI would rather be safe than sorry. IT security companies are therefore also well advised to prepare for the challenges of the quantum age today.
There is still no quantum computer that can crack current encryption methods. Nevertheless, IT security should stay on guard. In December 2021, for example, an international team of researchers at ETH Zurich presented a chip with 17 physical qubits, of which only eight are required for quantum error correction; the remaining nine qubits together form a single logical qubit.
The procedure, described by the researchers as a "milestone in quantum error correction", was published in the journal Nature at the end of May 2022; a preprint had already been submitted to arXiv in December 2021.
For comparison: in 2012, a research team from the USA and Australia still assumed that at least 1,000 to 10,000 physical qubits would be required per logical qubit. And every qubit counts: with 300 logical (and error-corrected) qubits, more bits of information could be stored and processed than there are atoms in the observable universe.
On our own behalf: Quantum security out of the box
Web3 companies would do well to build on a platform that is quantum-proof out of the box. Although Ethereum and Co. could in theory switch to other signature schemes, node operators, miners and Co. would first have to agree on a solution. The danger of forks supported by only part of a network is quite real.
In view of this, my team at xx network and I have developed a blockchain that relies on quantum-safe, hash-based signatures from the start. With the xx messenger, we have already launched a dApp that makes use of this technology and also offers maximum privacy, including metadata shredding. If you want to get an idea of xx network for yourself, you are cordially invited to visit our homepage and take a look at our white paper.
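As an added illustration of what a hash-based signature is (a constructed teaching example, not xx network's scheme or code, whose details the post does not give), here is a Lamport one-time signature over SHA-256: its security depends only on the hash function, so Shor's algorithm gives no advantage, but each key pair may sign only once.

```python
"""Minimal Lamport one-time signature over SHA-256: security rests only on the
hash function's preimage resistance, not on factoring or discrete logarithms.
Constructed teaching example; not the scheme or code of any real blockchain."""
import hashlib
import secrets

N = 256  # one secret pair per bit of the SHA-256 message digest

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(msg: bytes):
    """The 256 bits of SHA-256(msg), most significant bit first."""
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]

def keygen():
    """Private key: 256 pairs of random 32-byte secrets.
    Public key: the SHA-256 hash of each secret, in the same layout."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk

def sign(sk, msg: bytes):
    """For each digest bit, reveal the secret matching that bit's value."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    """Hash each revealed secret and compare it with the public key entry
    selected by the corresponding digest bit."""
    if len(sig) != N:
        return False
    return all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, digest_bits(msg))))

def exposed_fraction(sk, sigs) -> float:
    """Share of the private key revealed by a set of signatures. One signature
    reveals exactly half; a second one on a different message reveals more,
    which is why a Lamport key pair must sign only once."""
    revealed = {s for sig in sigs for s in sig}
    return len(revealed) / (2 * N)

if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"transfer 1 xx to alice"   # constructed sample message
    sig = sign(sk, msg)
    print(verify(pk, msg, sig), verify(pk, b"transfer 9 xx to alice", sig))  # True False
    print(exposed_fraction(sk, [sig]))  # 0.5
```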
About the author: David Chaum is widely known as the inventor of digital cash (eCash). He is also responsible for other fundamental innovations in cryptography, including privacy technology and secure voting systems. With a PhD in Computer Science from UC Berkeley, he taught at the NYU Graduate School of Business and the University of California, led a number of groundbreaking projects, and founded the International Association for Cryptologic Research, the cryptography group at the Center for Mathematics and Computer Science in Amsterdam, DigiCash, the Voting Systems Institute and the Perspectiva Fund. He is currently involved in the development of the xx blockchain, the first quantum-resistant, scalable blockchain.