Data Is Vulnerable to Quantum Computers That Don’t Exist Yet

Future quantum computers may rapidly break modern cryptography. Now a new spin-off from Google's parent company Alphabet warns that sensitive data is already vulnerable to quantum computers that don't exist yet, courtesy of codebreaking attacks that copy encrypted data now so that it can be decrypted in the future. It has therefore developed a road map to help businesses, governments and other organizations begin the shift to post-quantum cryptography now.

The new startup, Sandbox AQ (which stands for AI and quantum), has already attracted clients including Mount Sinai Health System, telecommunications firm Softbank Mobile, communications technology company Vodafone Business, and Web developer Wix. It has also reeled in investors including the CIA’s venture capital arm In-Q-Tel and cybersecurity-focused investment firm Paladin Capital Group. Former Google CEO Eric Schmidt is serving as the chairman of its board of directors.

In addition, Sandbox AQ has already partnered with two of the world’s largest professional service firms, Ernst & Young and Deloitte, to help deploy post-quantum cryptography.

“These firms have the scale to educate, engage, and upgrade post-quantum cryptography for their Global 1000 clients, which represent the world’s largest and most successful companies,” says David Joseph, a research scientist at Sandbox AQ in Palo Alto, Calif. “Doing this will multiply the impact of our quantum solutions and help companies protect their customers, data, networks, and other assets today, without having to wait until error-corrected quantum computers become available.”

Quantum computers could in principle quickly solve certain problems that would take classical computers untold eons. For example, much of modern public-key cryptography depends on how hard it is for classical computers to solve mathematical problems such as factoring huge numbers, but a large, error-corrected quantum computer running Shor's algorithm could in principle factor the modulus of an RSA-2048 key, breaking encryption that is far beyond the reach of any classical attack.

To stay ahead of quantum computers, scientists around the world have spent the past two decades designing post-quantum cryptography (PQC) algorithms. These are based on different mathematical problems, such as finding short vectors in lattices, that are believed to be hard for both quantum and classical computers. In January, the White House issued a memorandum on transitioning to quantum-resistant cryptography, underscoring that preparations for this transition should begin as soon as possible.

However, even once standards bodies such as the National Institute of Standards and Technology (NIST) settle on which PQC algorithms should become the new standards, billions of old and new devices will still need to be updated. Sandbox AQ notes that such efforts could take decades.

Although quantum computers are currently in their infancy, attackers can already steal encrypted data with the intention of cracking it once codebreaking quantum computers become a reality. Sandbox AQ therefore argues that governments, businesses, and other major organizations must begin the shift toward PQC now.

For example, in a store-now-decrypt-later attack (also called harvest-now-decrypt-later), adversaries capture valuable encrypted information now, store it, and decrypt it once practical quantum computers exist. Because the key exchange that protects a session (RSA or elliptic-curve Diffie-Hellman in TLS, for example) is itself part of the captured traffic, a quantum computer could recover the session key from the recording alone; ephemeral keys offer no protection against this. Stolen data could include medical records, national security documents, trade secrets, and more: any information that may still prove valuable even decades later.
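One way to see why a recording made today is all the attacker needs, as an added example that is not part of the article and not Sandbox AQ's code: a toy Python model of a recorded Diffie-Hellman session. The group (a 31-bit prime, an assumption made purely for illustration) is small enough that a classical baby-step giant-step discrete-log search can play the part of the future quantum computer; the session, the observer, and the plaintext message are all constructed here.

```python
"""Toy store-now-decrypt-later attack against a recorded key exchange.

Added example for this article; it is not code from the article or from
Sandbox AQ. The Diffie-Hellman group is deliberately tiny (a 31-bit prime,
an assumption made for illustration) so that the 'future codebreaker' can
be played by a classical baby-step giant-step discrete-log search. Against
real-size groups that role would be played by a quantum computer running
Shor's algorithm; the rest of the attack is identical.
"""
import hashlib
import secrets
from math import isqrt

P = 2_147_483_647   # 2^31 - 1, a prime; 7 is a primitive root modulo P
G = 7


def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode, used as a toy stream cipher for the demo."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def derive_key(shared_secret: int) -> bytes:
    """Hash the DH shared secret down to a symmetric key."""
    return hashlib.sha256(shared_secret.to_bytes(32, "big")).digest()


def run_session(message: bytes) -> dict:
    """Client and server agree on a key with ephemeral DH, then the client
    sends one encrypted message. Returns only what a passive observer on the
    network path can copy: the public DH values and the ciphertext. The
    private exponents are never stored anywhere (forward secrecy)."""
    a = secrets.randbelow(P - 2) + 1          # client's ephemeral private key
    b = secrets.randbelow(P - 2) + 1          # server's ephemeral private key
    A = pow(G, a, P)
    B = pow(G, b, P)
    key = derive_key(pow(B, a, P))
    assert key == derive_key(pow(A, b, P))    # both sides hold the same key
    return {"A": A, "B": B, "ciphertext": xor_crypt(key, message)}


def discrete_log(h: int, g: int, p: int) -> int:
    """Find x with g^x = h (mod p) by baby-step giant-step, O(sqrt(p)) work.
    Stand-in for Shor's algorithm; infeasible classically for real-size p."""
    m = isqrt(p - 1) + 1
    baby = {pow(g, j, p): j for j in range(m)}
    giant_factor = pow(g, -m, p)              # g^(-m) mod p (Python 3.8+)
    gamma = h
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant_factor % p
    raise ValueError("no discrete log found")


def decrypt_later(recording: dict) -> bytes:
    """The 'later' half: from the recording alone, recover the client's
    private exponent, rederive the session key and decrypt the message."""
    a = discrete_log(recording["A"], G, P)
    key = derive_key(pow(recording["B"], a, P))
    return xor_crypt(key, recording["ciphertext"])


if __name__ == "__main__":
    # Constructed sample plaintext; any long-lived secret would do.
    secret = b"patient 4711: chronic condition, on therapy since 2019"
    recording = run_session(secret)            # store now ...
    print(decrypt_later(recording) == secret)  # ... decrypt later
```

Nothing in `decrypt_later` touches the parties' private keys; the public values `A` and `B` and the ciphertext are the whole input, which is exactly what a tap on a network node sees. With a real 2048-bit group or an elliptic curve, `discrete_log` is the only step that stops working classically, and it is precisely the step Shor's algorithm solves. A post-quantum or hybrid key exchange changes what is in the transcript so that the shared secret can no longer be recovered from it, which is why the migration has to happen before such machines exist, not after.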

“We know for a fact that store-now-decrypt-later attacks are happening right now, and their frequency will only increase the closer we get to delivering a fault-tolerant quantum computer,” Joseph says. “Once encrypted data has been exfiltrated, there is no way to protect it from future decryption and exploitation.”

Store-now-decrypt-later attacks do not need high-profile breaches to succeed. “They could be performed silently by first observing encrypted data on public networks, which would be very difficult to detect,” Joseph says. “Over the public Internet, encrypted data might be sent via many different nodes, and any one of these nodes could be compromised, copying and storing valuable data before forwarding it on to its intended final destination.”