The Quantum Break Is Coming: Will You Be Ready?
The Quantum Break is Comingwill You Be Ready Date Of Presentaion P
The Quantum Break is Comingwill You Be Ready? • Date of Presentaion • Presenter’s Name • Presenter’s Title • Presenter’s Email Address 1 Slide Information Based on: • What is Quantum Computing? • How Long Till Quantum Computing Breaks Public Key Crypto? • How to Prepare Today’s Presentation â– A single particle can be two different things in two different places at the same time â– In a series of ordered actions, a single event can be both “first†or “last†■Fuzzy entanglement • Two distant objects can be tied to each other so that when one moves it instantly changes the other, and we don’t know why • Viewing or measuring something now can change what it did in the past • Teleportation is absolutely possible â– Answers may be in another universe Quick Strange Quantum Facts “Those who are not shocked when they first come across quantum theory cannot possibly have understood it.†Niels Bohr, Quantum Physicist and 1922 Nobel Prize Winner “Any sufficiently advanced technology is indistinguishable from magic.†Arthur C. Clarke, sci-fi author Summary â– Soon quantum computers are likely to break most traditional public key crypto and every secret it protects • Ex: RSA, DH, ECC, ElGamal, PKI, digital certificates, digital signatures, TLS, HTTPS, VPNs, WiFi protection, smartcards, HSMs, crypto-currencies, two-factor authentication which relies on digital certificates (e.g. FIDO keys, Google security keys, etc.), etc. Quantum Break What Is Quantum Computing? Traditional Computers • Traditional computers are binary • Each bit can be 1 or 0, negative or positive charge, on or off • Each bit can only be one thing at one time What is Quantum Computing? Quantum Computers â– First theorized in 1959 by Richard Feynman â– A quantum bit (qubit or qbit or qb) – a qubit can be read as two states (0 and 1) AT THE SAME TIME • 1qb=2bits, 2qb=4bits, 3qb=8bits… What is Quantum Computing? Quantum Computers â– If we were calculating all the possible combinations on a chessboard â– 2^64 â– and each option was represented by a grain of rice â– Then the number of grains of rice would be as high as Mount Everest What is Quantum Computing? X = Quantum Computers â– To bruteforce factor a 4096-bit prime number equation would take more than the known atoms in the universe â– There are more than 125 million atoms in the period at the end of this sentence. â– Suppose you had a million pennies for every star in the universe, and there are 100 billion stars in each of the 10 trillion galaxies of our universe, you still would have only enough pennies to represent 1 percent of the possible numbers a 4096-bit number could be, much less figure out the two larger prime numbers that were used to create it. â– Conventional computers cannot do it â– Quantum computers can likely do it in minutes What is Quantum Computing? Quantum Computers • 1998 – First working quantum computer, 2-qubits • 2000 – 5- and 7-qubit computers • 2005 – 8-qubit computer • 2006 – 12-qubit computer • 2007 – 28-qubit computer • 2012 – 84-qubit computer • 2015 – 1000-qubit computer • 2016 – Google develops quantum computer • 2017 – 2048-qubit computer • 2017 – IBM, Microsoft, announces quantum computers • 2018 – Several quantum microprocessors available • 2019 – Likely over 100 quantum computers available What is Quantum Computing? Real Quantum Computers What is Quantum Computing? Types of Quantum Computers Not All Qubits Are Alike â– Many different methods: superconducting (-460F temps), trapped ion, Majorana fermion, etc. • Each method has advantages and disadvantages â– Right now, the quantum computers with the highest number of qubits, like 1000+, are called annealing, which aren’t great at breaking crypto â– Over 100 separate teams working on their own quantum computers â– Universal gate quantum is better at breaking crypto, but so far have a smaller number of stable qubits • 72 qubits as of Sept. 2018 What is Quantum Computing? Quantum Computers We Need More Stable Qubits â– Stable qubits are very hard to make (right now) • Without the right conditions, they lose their needed quantum properties very quickly (decoherence) • Merely “observing†qubits makes them change â– Need them stable long enough to complete a task and be able to observe outcome â– Most of today’s qubits need “error correcting†or “stabilization†or be “controllable†to work, which requires many more qubits than just the ones doing the work â– The number of stable, controllable qubits is increasing over time • But right now even those make a mistake once every 200 actions • May need 1000 or a 1,000,000 error correcting qubits for every 1 stable qubit What is Quantum Computing? Quantum Computers Today we have: The richest nations, dozens of companies, spending tens of billions of dollars on quantum computing: • Quantum microprocessors • Cloud-connected quantum computers you can play with • Quantum key distribution • Quantum random number generators • Quantum programming languages, development kits, compilers • Quantum networking • Quantum cryptography What is Quantum Computing? Quantum Computers Quantum Supremacy Point in time when quantum computers can solve problems that traditional binary computers cannot Means: • Faster at some types of problems and/or • More capable at some types of problems • Need at least 49 “perfect†qubits, and probably a lot more • We are either there already, or very near • IBM, Google, and China says we are less than 1 year away What is Quantum Computing? Quantum Computers What Will Quantum Computers Give Us? • New understanding of physics and our universe • Solve complicated math quickly • Give us incredible precision (military, weather, traffic mgmt.) • New medicines, better solar cells, new chemicals • True artificial intelligence • Things we cannot imagine right now What is Quantum Computing? Quantum Computers What Will Quantum Computers Give Us? â– Break most traditional public key crypto and every secret it protects • Any algorithm who’s security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem • Ex: RSA, DH, ECC, ElGamal, PKI, digital certificates, digital signatures, TLS, HTTPS, VPNs, WiFi protection, crypto-currencies, two-factor authentication which relies on digital certificates (e.g.
FIDO keys, Google security keys, etc.), etc. â– New “unbreakable†encryption What is Quantum Computing? Quantum Break â– A prime number is any whole number after 1 that can only be divided by itself or one and get a whole number • 2,3,5,7,11,13,17,23,29,31, and so on â– Most traditional public key crypto (e.g. RSA, Diffie-Hellman, etc.) is based on the work effort needed to factor large prime number equations • p q = n • p and q are prime numbers, n is a public key, can be very hard to figure out p and q • Simple Ex: What two prime numbers when multiplied together equal 15? • Answer: 3 x 5 = 15 When Will Quantum Break Public Key Crypto? Quantum Break Another Simple Example • pq=187, what’s p and q? • Answer: p and q = 17 and 11 • pq= , what’s p and q? • Answer: p and q = 9539 and 8887 When Will Quantum Break Public Key Crypto? Quantum Break Another Simple Example • Now assume N is a prime number 2048-bits long • Traditional computers are not good at figuring out N • Takes more guesses than all atoms in the known universe When Will Quantum Break Public Key Crypto? How Long Till Quantum Computing Breaks Public Key Cryptography? Quantum Break Prime Factoring Speed â– As of Sept. 2018, the largest known successful factored primes is RSA-768 (by traditional computers) • Took 4 years and the equivalent of almost 2000 years of computing on a single core 2.2 GHz AMD Opteron • RSA-2048 would take billions of years using every traditional computer and resource in existence â– Quantum computers can break encryption algorithms that rely upon the work effort needed to factor equations involving large prime numbers â– Quantum computers with 4099 stable qubits, can crack a 2048-bit key in 100 seconds • We have 72-stable or more qubits today When Will Quantum Break Public Key Crypto? Quantum Break How Quantum Computers Do It Shor’s Algorithm (1994) â– Start by creating all the possible answers for N=pq all at once (superposition of states) • Quantum Quick: Classical speed- 2^2048 calculations, one at a time per CPU Quantum – 2^2048 calculations done all at once â– Transform answers so that most likely correct answers (p & q) easy to see above all others When Will Quantum Break Public Key Crypto? Quantum Break Bottom Line â– Many quantum physicists think we’ll have enough stable qubits within 5 years (if it’s not already done) to break public crypto which uses the large prime factoring work effort for protection • Dr. Mark Jackson of Cambridge Quantum Computing thinks 5 years or less, maybe 2-3 years â– But who really knows??
When Will Quantum Break Public Key Crypto? Quantum Break Bottom Line In 2016, NIST/NSA, “NOW†is the time to prepare When Will Quantum Break Public Key Crypto? How You Can Prepare for the Quantum Break Scenarios What do the different possible break scenarios look like? Preparing for Quantum Break Timing Break Scenarios • It’s already happened but we don’t know about • It’s going to happen in the next few years • It’s going to happen after the next few years • It’s never going to happen I would not put my money on the last one. Preparing for Quantum Break Who?
Cost? Break Scenarios • Stays in the realm of nation-states for a long-time • Gets picked up by monied groups and competitors • Available in cloud form for cheap • Past crypto breaks went from the realm of millions of dollars to accomplish to tens of thousands of dollars in just a few years • Interested parties are likely storing encrypted communications for future breaks already Preparing for Quantum Break Will We Be Prepared? Break Scenarios â– If we are lucky, the quantum break prep proceeds like the global SHA1 to SHA2 migration (slower than we liked, but orderly, and ahead of the worst problems) â– Might happen faster than companies and vendors are prepared • NSA said to move to post-quantum in Jan. 2016, what have you or any of your vendors or partners done? â– Likely to be a mix of prepared and not prepared when time comes Preparing for Quantum Break Prepare Preparing â– Education (this slide deck and keeping up on advances) • Your company, your vendors, your third parties â– Take a data protection inventory – what secrets really need to be protected, and for how long? Which are at risk from quantum break? â– Use/Be moving toward quantum-resistant crypto, where and when possible â– Pressure your vendors over quantum break preparation â– At least demand crypto-agility â– Prevent eavesdropping on very high-value data Preparing for Quantum Break Prepare Post-Quantum Progression Preparing for Quantum Break Prepare Post-Quantum Protections Symmetric encryption is not as vulnerable â– AES is still good • Double your key size and you should be fine • 128-bit is bare minimum (weakly quantum-resistant) • 192-bit is better, 256-bit even better, 512-bit very resistant â– SNOW 3G • Word-based synchronous stream cipher Unfortunately, traditional public key crypto is used to protect the transmission of plaintext symmetric keys most of the time Preparing for Quantum Break Prepare Post-Quantum Protections Quantum-Resistant Hashes â– SHA2/SHA3 â– 256-bit and larger hash sizes â– Lamport signatures â– Merkle Signature Scheme • Merkle trees • XMSS (Extended Merkle Signature Scheme) â– SPHINCS+ • Used with SHAKE256, SHA-256, and Haraka â– Picnic Signature Algorithm • Demonstrated by Microsoft in PKI to protect HSMs Preparing for Quantum Break Prepare Quantum-Resistant Cipher Types • Lattice-based • Multivariate-based • Code-based • Hash-based • Zero Knowledge Proof • Isogeny-based • See Unfortunately, almost none are generally available Preparing for Quantum Break Prepare Post-Quantum Crypto – NIST 2nd Round PQC Selections Preparing for Quantum Break Prepare Post-Quantum Protections Use quantum-based ciphers and components, including â– Quantum Random Number Generator • Verifiably and guaranteed random • Many existing ones • Online one at â– Quantum Key Distribution (QKD) â– Quantum Encryption • Perfectly secure in theory • If anyone observes the data, you’ll know Preparing for Quantum Break Prepare Post-Quantum Protections – Possible Performance Issues Some quantum-resistant asymmetric ciphers require larger key sizes, but all take longer in operations Preparing for Quantum Break *All figures in bytes unless stated as bits or K=kilobits Comparison: RSA 2048-bit has 256-byte public key and signatures Prepare Post-Quantum Protections Open Quantum Safe Project ( • Group dedicated to helping to implement post-quantum crypto • Open source C-library (liboqs) to implement some post-quantum ciphers • API • Testing and benchmarking • Forked quantum-resistant versions of OpenSSL and OpenSSH Preparing for Quantum Break Prepare Post-Quantum Protections Enable Perfect Forward Secrecy Where Possible • Generates random (public) encryption keys per session for the purposes of key agreement • Means that the compromise of one key and/or message cannot immediately/easily lead to the compromise of others • Can be enabled in Kerberos, HTTPS, OpenSSL, some public key crypto algorithms Preparing for Quantum Break Lessons • Quantum computers are likely to break traditional public key crypto “soon†• You can start preparing now • Don’t just wait for quantum supremacy to be announced without a solid, thoughtful, plan in place Key Take Aways Info • Quantum-Computing/dp/ • Appendix at end of book lists dozens of sources • • Go to Youtube and search on “quantum†• Pick a few videos • Go to Amazon and search on “quantum†• Pick a few videos and maybe a book or two More Learning Resources » Learn More at « Thank You!
Paper For Above instruction
Quantum computing represents a revolutionary shift in the capabilities of computational technology, with profound implications for cybersecurity, cryptography, and our understanding of the universe. The rapid advancement and imminent realization of quantum computers pose urgent challenges and opportunities that require immediate and strategic preparation. This paper provides a comprehensive overview of quantum computing, its potential to break current cryptographic systems, the timeline for such breakthroughs, and detailed steps organizations must take to safeguard digital security in the advent of quantum supremacy.
Introduction to Quantum Computing
Quantum computing diverges fundamentally from classical computing by leveraging principles of quantum mechanics, such as superposition, entanglement, and teleportation. Unlike classical bits, which are binary and can exist only in states of 0 or 1, quantum bits or qubits can exist simultaneously in multiple states due to superposition. This property, combined with entanglement—where two particles remain connected over distance—enables quantum computers to perform certain calculations exponentially faster than classical counterparts (Nielsen & Chuang, 2010). The theoretical foundation of quantum computing was laid in 1959 by Richard Feynman, who noted its potential for simulating physical systems beyond classical capabilities (Feynman, 1982).
Progress and Types of Quantum Computers
Since its inception, quantum computing has rapidly evolved, with notable milestones including the first 2-qubit quantum computer in 1998, and the development of over 1000-qubit systems by 2019 by companies like Google, IBM, and Microsoft. Various approaches to constructing qubits exist, such as superconducting circuits, trapped ions, and Majorana fermions. Currently, the most promising are universal gate quantum computers capable of handling complex algorithms that threaten existing cryptographic systems. However, stability and error correction remain substantial challenges. The number of stable, controllable qubits necessary for breaking cryptography is estimated to be several thousand, with current developments focusing on improving qubit stability and coherence times (Preskill, 2018).
Quantum Computing and Cryptography
The importance of quantum computing in security stems from its ability to efficiently factor large integers using Shor’s algorithm, which undermines widely used asymmetric encryption schemes like RSA, ECC, and DH. These cryptosystems rely on the difficulty of prime factorization, a task that classical computers can only perform with prohibitively high computational effort. Quantum computers with enough stable qubits could perform prime factorization in seconds, rendering current cryptographic standards obsolete (Shor, 1994). The timeline for such a breakthrough is debated, but many experts believe it could occur within the next five years, necessitating immediate action to transition to quantum-resistant algorithms (Mosca, 2018).
Potential Impact and Timeline
The advent of quantum supremacy—the point at which quantum computers surpass classical ones in solving certain problems—has significant security implications. Current estimates suggest that, with approximately 4,000 stable qubits, a quantum computer could decrypt a 2048-bit RSA key in minutes (Preskill, 2018). Although current quantum hardware is not yet at this threshold, progress indicates that we may be less than a decade away from such capabilities. Governments and organizations must therefore start implementing post-quantum cryptography now to minimize future risks (Chen et al., 2016).
Preparing for the Quantum Future
Preparation strategies include conducting comprehensive data inventories to identify sensitive information at risk of future decryption, migrating to quantum-resistant cryptographic algorithms, and demanding crypto-agility from vendors and partners. Cryptographic agility ensures the ability to switch algorithms rapidly as new standards emerge. Symmetric encryption such as AES remains relatively secure, especially when employing larger key sizes (192-bit or 256-bit). Nevertheless, public key cryptography requires replacement with quantum-resistant schemes, including lattice-based, hash-based, multivariate, and code-based algorithms (Liu et al., 2019).
Quantum-Resistant Cryptography and Practical Measures
Institutions should adopt hash-based signatures like Merkle Tree schemes, lattice cryptography (e.g., NTRU),