The imitation game 2.0: a race to build quantum computing

How can we adopt new encryption standards in time for the next stage of quantum computing?

In the late 1930s and early 1940s, Alan Turing and contemporary codebreakers worked hard to develop a machine that could break German coded messages. The early work here by Turing formed the foundations for modern day computing and demonstrated the requirement for robust encryption to counteract the capabilities of commercial and government backed entities from reading data. Now, with quantum computing only two years away, the threat of it being able to break today’s data encryption is a threat which is close to becoming a reality.

We are approaching the cliff-edge between new encryption standards and the dawn of quantum computing

All information is encrypted today by a set of standards. These are algorithms defined by governments around with world, with the United States leading the way through the National Institute for Standards and Technology. The goal for these standards is to ensure they can’t be cracked in the near future (which they see around 10 years in the horizon).

With the continued growth of compute power creating further opportunities for the decryption of data, it is critical for the next generation of encryption standards to be developed as early as possible, to stay ahead and keep our data protected.

What we are approaching now is unique: it’s a cliff-edge where new standards could come at the same time, or even within a year, of the dawn of quantum computing. This is a race against the commercial entities supported by states, or state programmes themselves, who are trying to develop these computers which can quite easily break today’s encryption with their sheer compute power.

Steal now, decrypt later

The risk for us all today is apparent. If any data flows under current standards are siphoned off and stored, they can later be decrypted by quantum technology. This can be our personal WhatsApp and iMessage conversations or the personally identifiable information of our customers. All a bad actor needs to do is sit and wait.

All historic data can feasibly be targeted; nothing is safe. It can be stolen now and decrypted later. Those distributed forms of storing information, like blockchain-based smart health records, are a key liability.

What can we do?

It is not clear who is going to win in the context between the next stage of encryption standards and quantum computing. What we do know is that it’s critical for us to adopt these standards as soon as they’re available.

As organisations we can’t see this as something we can do over the next few years when we’re facing such an immediate threat. Companies have the duty to protect their data, and the data of their customers, providing the immediate mandate to update systems and ensure this is the case. First, we need to understand what data we have, how we protect our communications and what will be required to transition to new standards. It will be a huge co-ordinated effort, but it is one of the greatest risks to companies and states alike.

Just like Turing did during the war, quantum computing is set to crack our current encryption standards. Businesses must be prepared to adopt the next generation of encryption standards to ensure they, and their customers, are protected.

Originally published in the Evening Standard

Previous
Previous

What would a state sponsored cyber attack look like?

Next
Next

A house of cards: securing digital connections across organisations