Quantum computing could allow malicious actors to compromise public-key cryptography systems by carrying out decryption without prior knowledge of the private key, thereby compromising the integrity of Internet protocols like HTTPS (TLS) required for secure browsing, online banking, and online shopping, the European Data Protection Supervisor has warned.
A report published by the Technology and Privacy Unit of the European Data Protection Supervisor (EDPS) has highlighted concerns around malicious actors and entities using superior computing capabilities afforded by quantum computing to break public-key cryptography systems as well as symmetric cryptography systems such as AES, thereby compromising the integrity of HTTPS that uses asymmetric and symmetric cryptography together.
"Quantum computing can break many of today’s classical cryptography and as such harm severely IT security. The risk extends to the core internet security protocols. Nearly all of today’s systems that demand security, privacy or trust, would be affected," the report warned.
While public-key cryptography relies on cryptographic protocols based on algorithms such as RSA that require two separate keys, a private and a public key, a sufficiently powerful quantum computer can enable adversaries to carry out the decryption without prior knowledge of the private key, thereby defeating the very purpose of encryption.
Malicious actors could also use the increasing computing power afforded by quantum computing to carry out retrospective decryption of data from the past by exploiting the short key lengths that today's classical computers use to encrypt data.
"Security experts regularly call out for an increase of key lengths to keep data secure for a given period. Some governments’ secret services are reported to collect data purposefully for future retrospective decryption. Quantum computers though follow different laws and would allow retrospective decryption in many cases much earlier," the report said.
Post-quantum cryptography needed to secure encrypted data in the future
The European Data Protection Supervisor also said in the report that, to prevent adversaries from decrypting sensitive data using the power of quantum computing, organisations must start work on developing post-quantum cryptography, whose security will be unaffected by quantum computers.
Post-quantum cryptography will involve the use of very different mathematical building blocks, which incorporate mathematical operations that quantum computers cannot solve more efficiently than other computers.
"Post-quantum cryptography however will likely come with performance drawbacks and require larger computing resources to e.g. encrypt and decrypt data or sign and verify signatures and more networking resources to exchange lengthier keys and certificates. Post-quantum cryptography is not yet standardised. Sufficient and convincing knowledge must be available to conclude in a so-called cryptanalysis that such a solution is safe for both quantum and binary computing," the authority said.
However, the good news is that even though a few demonstrations of the power of quantum computing have already taken place, the European Data Protection Supervisor believes it will take more than a decade to build a quantum computer that will be able to execute useful algorithms of practical relevance. This will allow organisations and researchers more time to develop and refine post-quantum cryptography systems and algorithms.
"Based on what we know today there is no immediate threat posed by a quantum computer in the foreseeable future. It may likely take decades to build a usable quantum computer that can execute known algorithms. But for data that needs to remain safe for very long, this uncertainty poses an issue that may require an early transition to post-quantum cryptography," the authority added.
Commenting on the warning issued by EDPS, Paul Bischoff, privacy advocate with Comparitech, said that quantum computing could allow an attacker to brute force encryption keys in a much shorter period of time than traditional brute force methods. It's hard to say when quantum computing will actually be practical, but early adopters will most likely be nation-state actors with the resources to launch such attacks.
"Many academics and private companies are already working on quantum-proof or quantum-resistant encryption algorithms in preparation for the day that quantum computing can be weaponised. The biggest concern is the transition period between traditional encryption and quantum-resistant encryption.
"It could take years for individuals, governments, and organizations to upgrade to quantum-resistant encryption, and in the meantime their systems and communications could be vulnerable, even if quantum-resistant algorithms are available," he added.
Martin Jartelius, CSO at Outpost24, says that the threat of quantum computing being used to break encryption applies only to data that must remain secret, not just in ten years, but for an extended period of time.
"If you are transmitting information that has to be kept secret for a very long duration of time, it is something to indeed look into, as an attacker could record traffic today, to break the cryptography later when feasible and thus gain access to it. Those concerned by this will be a very limited subset of organizations and individuals," he said.