A US government agency on Tuesday named four technologies it expects will keep computer data secret when quantum computers are mature enough to crack today’s encryption tech.
Scientists have showen that quantum computers can break mainstream encryption technology if today’s progress in quantum computers is sustained long enough. The National Institute of Standards and Technology (NIST) has overseen a hunt to design and test post-quantum cryptography tech to protect that data.
Of the four technologies that the national institute picked, two are expected to be more widely used.
One, called Crystals-Kyber, is for establishing digital keys that two computers need to share encrypted data. The other, Crystals-Dilithium, is for signing encrypted data to establish who sent the data. It’ll likely take two years for the approaches to be standardized enough for incorporation into today’s software and hardware.
Quantum computers have been steadily progressing, but it will likely still take years of work to create machines that are reliable and powerful enough to crack encryption. Regardless, shoring up encryption now is an urgent issue. It takes years to find new encryption methods, ensure they’re safe and install them widely. And government agencies and hackers can harvest today’s sensitive information with the expectation they’ll be able to crack it later when the data will still be valuable.
“We believe 10 to 15 years is a commonly held viewpoint on the timescales for attack,” said Duncan Jones, head of cybersecurity for quantum computer hardware and software maker Quantinuum. “But with the possibility of ‘hack now, decrypt later,’ the attacks may have already begun.”
Quantum computers also could undermine cryptocurrencies, which also use today’s cryptography technology.