Despite significant technical challenges, there is “no fundamental reason why a large, fault-tolerant quantum computer could not be built in principle,” the National Academies of Sciences, Engineering and Medicine conclude in a recent study.
It is too early to say how soon quantum computer might be practical, but it is not too early to thing about protecting encrypted data.
As with most advances in technology, this new computing paradigm presents both opportunities and threats. The ability to harness quantum bits promises to let us tackle tasks of a complexity now impossible, but it also would threaten current IT security.
“Quantum computing will have a major impact on cryptography, which relies upon hard-to-compute problems to protect data,” the National Academies analysts say. It is unlikely to happen within the next decade., but “even if a quantum computer that can decrypt current cryptographic ciphers is more than a decade off, the hazard of such a machine is high enough—and the time frame for transitioning to a new security protocol is sufficiently long and uncertain—that prioritization of the development, standardization, and deployment of post-quantum cryptography is critical for minimizing the chance of a security and privacy disaster.”
Work is under way
The National Academies have released their findings in a pre-publication report, Quantum Computing: Progress and Prospects, which assesses the work being done in quantum computing, the challenges that remain to be tackled and the prospects for creating and deploying a practical computer. The scope of the challenges and the numerous variables affecting the research make it “too early to be able to predict the time horizon for a scalable quantum computer.”
Despite this uncertainty, cryptologists are taking the threat seriously. “There is an active effort to develop post-quantum cryptography, asymmetric ciphers that a quantum computer cannot defeat,” the analysts say. “These are likely to be standardized in the 2020s.”
Ironically, this work to strengthen cryptography could slow down development of quantum computing. “The existence of cryptographic algorithms that are believed to be quantum-resistant will reduce the usefulness of a quantum computer for cryptanalysis and thus will reduce the extent to which this application will drive quantum computing R&D in the long term.”
That does not mean that strengthening crypto should not be a high priority. “Companies and governments cannot afford to have their now-private communications decrypted in the future, even if that future is 30 years away. For this reason, there is a need to begin the transition to post-quantum cryptography as soon as possible.”
Why quantum computing
Computing power has been increasing steadily since the development of digital computers. But we have reached a point where quantum computers are the only known model that could offer exponential speedup over today’s computers. That leap would open up new horizons for solving problems, modeling extremely complex environments and analyzing the huge volumes of data now being gathered in our digital world.
I won’t go into the technical details of quantum computing (which I honestly do not understand), but instead of using a digital 0-or-1 model for manipulating data it takes advantage of quantum mechanics that allow information to be encoded in quantum bits that can exist in multiple states at the same time. This condition of “superposition” allows much greater computing speed, but is also noisy and requires lots of error correction.
Researchers are learning how to manipulate quantum bits—or qubits—but quantum computing today has not progressed much beyond the proof-of-concept stage. Finding the private key of a 1024-bit RSA-encrypted message would require a machine that is “more than five orders of magnitude larger and has error rates that are about two orders of magnitude better than current machines,” National Academies analysts said.
So it will be a while before we enjoy the benefits and endure the threats of practical quantum computing. Like many advances in technology, it probably will take longer than we expect, and then happen faster than we imagine. So it’s a good idea to start preparing now.