Posted on 07 October, 2022
The imitation game 2.0: A race to build quantum computing
In the late 1930s and early 1940s, Alan Turing and the codebreakers at Bletchley Park worked hard to develop a machine that could break German coded messages. The early work here by Turing formed the foundations for modern-day computing and demonstrated the requirement for robust encryption to counteract the capabilities of commercial and government-backed entities from reading data. Now, with quantum computing fast approaching, the threat of it being able to break today’s data encryption is close to becoming a reality.
All information today is encrypted by a set of standards. These are algorithms defined by governments around the world, with the United States leading the way through the National Institute for Standards and Technology (NIST). The goal for these standards is to ensure they can’t be cracked in the near future (which they see as about a 10-year horizon).
With the continued growth of compute power creating further opportunities for the decryption of data, it is critical for the next generation of encryption standards to be developed as early as possible, to stay ahead and keep our data protected.
What we are approaching now is unique; it’s a cliff-edge where new standards could come at the same time, or even within a year, of the dawn of quantum computing. This is a race against the commercial entities supported by states, or state programmes themselves, who are trying to develop computers which can, quite easily, break today’s encryption with their sheer compute power.
Steal now, decrypt later
Every organisation and individual is at risk today. If any data flows under current standards are siphoned off and stored, they can later be decrypted by quantum technology. This can be our personal WhatsApp or iMessage conversations, or the personally identifiable information of our customers. All a bad actor needs to do is sit and wait.
All historic data can feasibly be targeted; nothing is safe. It can be stolen now and decrypted later. Those distributed forms of storing information, like blockchain-based smart health records, are a key liability.
What can we do?
It’s not clear who is going to win when it comes to the next stage of encryption standards and quantum computing. What we do know is that it’s critical for us to adopt these standards as soon as possible. With NIST having announced the first four encryption algorithms from their 6 year long process in July this year, the first steps have been taken.
As organisations, we cannot view this as “something we can do over the next few years” when we are all facing such an immediate threat. Companies have the duty to protect their data, and the data of their customers, providing the immediate mandate to update systems to ensure this is the case. First, we must understand what data we have, how we protect our communications, and what will be required to transition to new standards. It will be a huge coordinated effort, but it is one of the greatest risks to companies and states alike.
Just like Turing did during the War, quantum computing is set to crack our current encryption standards. Businesses must be prepared to adopt the next generation of encryption standards to ensure they, and their customers, are protected.