Quantum computers have a variety of theoretical uses, but the one that has generated the most interest is the likelihood of them making short work of present-day encryption standards. That day remains far off, but researchers in China have taken the first step to crack encryption that keeps the present-day internet safe.
Researchers at Shanghai University used the D-Wave quantum computer, the first commercially available model to use quantum annealing, to demonstrate decryption of a working RSA public key. D-Wave has made these computers available to select customers since 2011 and more generally since 2015, and the researchers only decrypted a 50-bit integer; a far cry from the more common present-day minimum RSA standard of 2048 bits. But the incident does demonstrate that the timeline to crack encryption that is not quantum-resistant, something that many feel is still at least 10 years off, may be shorter than expected.
Chinese researchers crack encryption of RSA key, but no general threat just yet
Existing quantum computers still badly lag the computational power needed to break even the basic standards of internet encryption, but the timetable may have been moved forward to as little as a few years. What is concerning about the research report is the development of new specialized quantum techniques that wring more out of the presently modest hardware, something that could indicate a more near-term and gradual ability to crack encryption standards one after the other with focused attacks.
The method demonstrated by the researchers harnesses the “quantum annealing” process available with existing D-Wave computers in a new way, specifically finding an approach suited for prime factorization. This likely builds off of research that came out of Italy earlier this year. The technique demonstrates that innovative approaches could reduce the estimated amount of qubits needed to crack encryption, moving the timeline up as much as years.
The research paper targets Substitution-Permutation Network (SPN) encryption methods, which means that this attack could also theoretically compromise Advanced Encryption Standard (AES) standards such as Present, Rectangle, and Gift-64. AES is a standard specifically developed by the US government and used to protect its critical systems, though it is also used broadly across the world for a massive variety of applications.
At the moment, the Shanghai University technique is no threat to break commonly used modern encryption standards. Experts tend to think that, at absolute best, the threat to individual encryption methods is still no less than four or five years off. Some still believe it will be a decade or more before quantum computing is a serious problem. But this will give some of those charged with implementation of quantum-safe systems pause, particularly highly sensitive systems that may now have to adjust plans to achieve implementation within the next few years to be safe.
Are quantum computer-safe encryption methods now behind schedule?
The threat that quantum computers pose has been front-of-mind in security circles for some years now, but the development of this ability to crack encryption (limited though it may still be) is going to raise natural questions about whether the security side is keeping up in the race.
Though there is little to fear from the existing D-Wave computers, they are also far from a casual or hobbyist purchase. Ownership of one will generally range into the tens of millions of dollars, and most researchers rent them out at a cost of about $2,000 per hour for cloud-based access. By comparison one would need millions of qubits available to crack encryption currently used in secure applications in a short amount of time, and the current D-Wave models only offer 5,000 qubits.
A 2023 survey by the Global Risk Institute found a majority consensus among cryptography experts that quantum computers will be definitely able to defeat today’s RSA-2048 standard with a relatively trivial amount of effort within 30 years. Beyond that, opinions about the timeline vary greatly. The biggest skeptics see it as one of the next major hype bubbles of the tech world, designed to court investment that will ultimately go to waste. A more common skeptical view is that the threat to crack encryption is real, but the practical applications beyond that are much more limited and that the whole enterprise may end up not being worth its weight in gold due to instability and incredible resource demands.
Stakeholders are certainly taking the threat seriously, however, with NIST recently releasing the first of its post-quantum cryptographic algorithms after a selection process that spanned years. NIST has said that these choices are viable as the primary line of defense against the first quantum computers that crack encryption, and it is advisable for organizations to begin implementing them immediately as there will not be “better versions” forthcoming. Some companies, such as Apple, have also internally begun developing their own security protocols meant to address the eventual reality of quantum cracking.
Kevin Bocek, Chief Innovation Officer at Venafi (a CyberArk company), believes that this should serve as a wake-up call even though the true threat remains years off: “As we edge closer to the day that a quantum computer capable of cracking encryption becomes a reality, it’s important that companies consider their quantum readiness plans. A big part of this challenge is knowing where machine identities – i.e. the system of authentication keys and certificates that secure machine to machine communication that our digital world relies on – are being used. Larger organizations will have thousands, or even hundreds of thousands, of identities that need to be replaced with new quantum-proof identities.”
“64% of security leaders say they “dread the day” the board asks about their migration plans and 67% think the shift to post-quantum cryptography will be a nightmare, as they don’t know where all their keys and certificates are. Moreover, many companies have their heads in the sand. 78% of security leaders say if a quantum computer capable of breaking encryption is built, they will “deal with it then,” with 60% believing that quantum computing doesn’t present a risk to their business today or in the future. Moreover, 67% dismiss the issue, stating it has become a “hype-pocalypse.” The good news is that the platforms that companies will need to adjust to a post-quantum world are already here. 86% of security pros recognize that taking control of the management of machine identities is the best way to prepare for future quantum risks. Security teams can get certificate lifecycle management (CLM), PKI-as-a-service and workload identity issuers all on one control plane now. And the automation we put in place with machine identity security not only gets us ready for the post-quantum future, it also provides protection and efficiencies for securing machine identities today,” noted Bocek.