Can post-quantum encryption save the internet?
Greg Noone / Tech Monitor / 10 November 2022
Tech Monitor aims to provide an essential resource for the world’s top CIOs, business technology leaders and the tech-curious in a time of dramatic digital transformation.
Quantum computing poses a serious threat to the cybersecurity of sensitive information online. quantum computers are able to harness the mysteries of quantum mechanics to achieve feats of computation vastly superior to its silicon-based antecedents, the announcement that a quantum computer had broken RSA, DES or AES would render vast swathes of the internet insecure overnight.
This moment is often referred to by cryptographers as ‘Q-Day,’ though when it’ll arrive is anyone’s guess. Some predict it’ll take as little as eight years before quantum computers can break AES-256, the encryption standard used by the US government to protect classified information.
When Q-Day arrives, the CISO of your organization will have some tough decisions to make. Do you continue to use quantum-secure techniques and rely on the fact that quantum computers remain rare and expensive? Or do you switch to post-quantum cryptography now in an effort to stay ahead of the curve?
There is no easy answer, and whichever route you choose will come with trade-offs. If you decide to wait until quantum computers are more widespread, you run the risk of being caught unprepared when they eventually do arrive. But if you start using post-quantum cryptography now, you may have to change again when quantum computers become more powerful and quantum-safe algorithms better understood.
Whichever way you look at it, quantum computing is a looming threat to cybersecurity that we all need to be aware of. The future of privacy online depends on it.