RSA, NIST, and Quantum Computing: The Cause and Cure of All the World’s Problems
Kevin Townsend presents a good argument for taking action on the spectre of quantum computing. Quantum computing is approaching slowly, but our even slower progress toward crypto-agility may be overtaken by it. That would not bode well for today’s encryption, almost regardless of key strength. Recommend reading from the source, below. Because Quantum is Coming. Qubit
The Promise and Threat of Quantum Computing
+ The implication is that the ability to crack RSA-2048 in less than a fortnight is probable in the foreseeable future. The ability to do this in one hour is still very distant. Taking a fortnight to discover state secrets or high value intellectual property is a good return – taking a fortnight to discover commercial conversations is less so. Nevertheless, use of quantum-proof cryptography should be implemented sooner rather than later.
Quantum computing promises future information security, but simultaneously threatens all information currently protected by 2048-bit RSA encryption. It is time to evaluate the threat and examine possible solutions.
+ On July 22, NIST announced that its program entered the “Selection Round” that it said would help the agency decide on the small subset of algorithms that will form the core of the first post-quantum cryptography standard.
+ In finding a suitable post-quantum encryption standard, it is useful to consider that the security of RSA encryption is based on two elements: the difficulty of the mathematical problem (factoring large numbers) that needs to be solved, and the assumed lack of any algorithm or method that can solve the problem with current classical computer technology. The quantum threat comes from the increase in computing power together with the existence of an algorithm (Shor’s algorithm) that can harness that power to solve the problem: both parts are necessary.
+ PQC consequently requires a new mathematical problem that is not susceptible to any new algorithms that can use quantum power to solve the problem. In reality, that is no different to RSA today – it assumes that there is no algorithm capable of breaking the encryption with classical computing in a meaningful time. (Shor’s algorithm is not general purpose – it offers no route to breaking anything other than factorization or discrete logarithm problems, and requires the parallelism of quantum computers.)
+ The task is incredibly complex, but the NIST competition makes a solution likely within the next few years. With current known advances in quantum computing, this is likely to be in time to protect future secrets – but existing secrets protected by RSA-2048 or even RSA-3072 may well become vulnerable within the next decade. All thanks to quantum computing and Peter Shor’s 25-year-old algorithm.
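To make the point in the quoted paragraphs concrete (RSA's security rests on two things, factoring being hard and no efficient factoring method existing, so anything that supplies a factoring oracle, as Shor's algorithm does on a quantum computer, recovers the private key outright), here is an added Python example. It is not code from the article or from this blog. The primes 61 and 53 and the message 42 are constructed toy values; trial division stands in for the factoring oracle, which on a 2048-bit modulus only a large quantum computer running Shor's algorithm could supply.

```python
# Added example (not from the article or the blog): a toy illustration of why
# RSA security rests entirely on the hardness of factoring n. The primes here
# are constructed, tiny values chosen for readability; real keys use 2048-bit n.
from math import gcd


def make_toy_rsa_key(p: int, q: int, e: int = 65537):
    """Build a textbook RSA key pair from two primes p and q.

    Returns (n, e, d) where phi(n) = (p-1)(q-1) and d = e^-1 mod phi(n).
    """
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return n, e, d


def factor_by_trial_division(n: int):
    """Stand-in for a factoring oracle. Trial division only works for tiny n;
    for a 2048-bit modulus this step is what Shor's algorithm would supply."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no nontrivial factor; not a valid RSA modulus")


def recover_private_exponent(n: int, e: int) -> int:
    """Given only the public key (n, e) plus a factoring oracle, rebuild d.
    Once n is factored, phi(n) is known and d follows by one modular inverse."""
    p, q = factor_by_trial_division(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


def encrypt(m: int, n: int, e: int) -> int:
    """Textbook RSA encryption (no padding; for illustration only)."""
    return pow(m, e, n)


def decrypt(c: int, n: int, d: int) -> int:
    """Textbook RSA decryption."""
    return pow(c, d, n)


if __name__ == "__main__":
    n, e, d = make_toy_rsa_key(61, 53)      # constructed toy primes
    c = encrypt(42, n, e)                   # constructed toy message
    d_recovered = recover_private_exponent(n, e)
    print(f"n={n} e={e} d={d} recovered d={d_recovered} "
          f"decrypted={decrypt(c, n, d_recovered)}")
```

The only thing standing between the public key and the private exponent is `factor_by_trial_division`; replace it with a fast factoring method and every message under that key is readable, which is exactly why a post-quantum standard has to rest on a problem with no known quantum shortcut rather than on a larger RSA modulus.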
Content may have been edited for style and clarity. The “+” to the left of paragraphs or other statements indicates quoted material from the “Source:” document. Boldface title is the original title from the “Source:” document. Italicized statements are directly quoted from the “Source:” document. Image sources are indicated as applicable.