In the following, I will give you a brief
overview of what quantum computers are, why
they are expected to change the world, and
how they threaten cybersecurity.
In 1936, when Alan Turing invented his famous
Turing machine, his goal was to mathematically
define a hypothetical machine that imitates
how humans calculate using pencil and paper.
And all the computers we use today are based
on the same idea: they are essentially Turing
machines that imitate how humans calculate
using pencil and paper.
In the following, I will call these computers
„classical computers“.
Then, in the 1980s, scientists realized that
nature can do better than pencil and paper.
The idea came from the fact that classical
computers are notoriously inefficient at simulating
quantum physical systems.
For example, to simulate even moderate-sized
molecules, classical computers would need
to keep track of more variables than atoms
in the visible universe.
This may sound very discouraging, but some
scientists, including Richard Feynman, turned
this argument around, and suggested that if
a computer was able to perform certain quantum
physical effects, it would potentially be
much more powerful.
This is because for such a „quantum computer“,
it would be natural to simulate quantum physics
efficiently, and there may also be other tasks
where it could offer massive speed-ups over
classical computers.
Since then, it has been proved that theoretically,
this is really the case.
However, in practice, building a quantum computer
is a formidable scientific and engineering
challenge.
The problem is that quantum effects happen
in nature on the atomic and subatomic level,
so the effort is comparable to manipulating
individual atoms and elementary particles.
And that’s not easy at all.
With current technology, it is done at extremely
low temperatures.
Just to give you an idea, on the left-hand
side you can see the quantum computer made
by IBM.
Inside, there is a tiny chip at the bottom,
which we cannot even see in the picture.
What we can see from outside is basically
just a giant refrigerator which cools down
the chip to a temperature that is colder than
interstellar space.
So now I can tell you what quantum computing
is.
It’s a new paradigm of computing, which
exploits the laws of quantum physics to gain
massive speed-ups over classical computing.
Unfortunately, getting into quantum computing
is quite an effort, because it’s an interdisciplinary
subject which involves computer science, physics,
and lots of mathematics.
And finally, some history, very briefly.
As I mentioned before, in 1936 Alan Turing
came up with the Turing machine, on which
today’s classical computers are based.
Then, in 1981, the Nobel Prize-winning physicist
Richard Feynman said „Nature isn’t classical,
dammit…“, and he suggested using quantum
computers to efficiently simulate quantum
physics.
After that, quantum computing really took
off only in 1994, when Peter Shor discovered
that quantum computers can factor integers
and compute discrete logarithms efficiently,
and therefore they can break RSA, elliptic
curve cryptography, and Diffie-Hellman key
exchange, which are the cornerstones of today’s
cybersecurity.
Next, in 2016, after 22 years of theoretical
and technological advances, IBM made a toy
quantum computer publicly available in the
cloud, for free.
And most recently, seeing the rapid development
of the field, in 2019 both Microsoft and Amazon
announced that they would offer quantum computing
cloud services.
There is a consensus in academia, industry,
and even politics, that in the long run, quantum
computers will have an enormous impact on
our society, affecting pretty much every aspect
of our lives.
They are expected to revolutionize a wide
range of industries: from pharmaceuticals
through finance and manufacturing to artificial
intelligence.
With the help of their incredible computational
power, we’ll be able to tackle some of humanity’s
biggest challenges, including world hunger
and global warming, which politics alone seems
unable to handle.
Due to all these reasons, governments and
tech giants alike are heavily investing in
quantum technology, all around the globe.
There is already a „quantum race“ going
on between the United States and China.
The impact of quantum computers will happen
gradually, during the next few decades, as
companies like Google, IBM, Intel, Microsoft
or Alibaba, together with many startups, will
be reaching more and more milestones.
Among the potential applications, I wrote
„breaking RSA, elliptic curve, Diffie-Hellman“
in italics, because it’s not really an application,
unless you are a bad guy, of course.
But it’s an interesting question when that
will happen.
The most pessimistic estimation is 20 to 30
years from now.
However, reading about Google’s plans, I
wouldn’t be surprised if they could run
Shor’s algorithms in 10 years, that is,
by 2030.
Today, quantum computers can already be accessed
via the cloud.
Their hardware and software stack improves
significantly every year.
They are still small and noisy, and they may
not be able to run Shor’s algorithms for
decades, but that said, they are also expected
to improve rapidly, and within just a couple
of years, they are likely to find their first
commercial applications.
And as soon as that happens, it will start
up a virtuous cycle of more investments and
even better quantum computers.
Even if quantum computers capable of compromising
cybersecurity arrive only in 20 to 30 years,
companies and government agencies must act
already today to avoid disaster.
The problem is the „store now, decrypt later“
attack, which can be illustrated by a simple
theoretical tool called „Mosca’s inequality“,
introduced in 2013 by Michele Mosca.
Let me explain Mosca’s inequality via a
concrete example.
Let’s assume an organization needs 10 years
to migrate from RSA to a different cryptosystem
which cannot be broken by quantum computers.
This is the y value on the slide, the „migration
time“.
Now, let’s also assume that in 10 years’
time, just before finishing migration, the
organization communicates a last piece of
sensitive information using RSA cryptography,
which has to remain secret for 20 additional
years.
This value, 20 years, is called the „shelf
life“, denoted by x.
However, if quantum computers can break RSA
in 25 years from today, which is z, the so-called
„collapse time“, then an attacker, who
stores the organization’s last RSA-encrypted
communication, can decrypt it 5 years too
early!
This is because the sum of the migration time
and the shelf life is 30, which is 5 years
more than the collapse time.
And now, imagine if governments have secrets
with 100 years shelf life… then they are
pretty much already too late!
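To make the worked example concrete, here is a small planning script (added here, not part of the talk) that applies Mosca’s inequality to a whole inventory of data classes rather than a single message. It uses the talk’s symbols (x = shelf life, y = migration time, z = collapse time) and its numbers (10, 20 and 25 years, plus the 100-year case); the inventory itself is constructed for illustration. An item is exposed to „store now, decrypt later“ whenever x + y > z, and the script also reports the longest migration time an organization could still afford for each item.

```python
# Added example (not part of the talk): a small planner for Mosca's inequality.
# Symbols follow the talk: x = shelf life, y = migration time, z = collapse time.
# A data class is exposed to "store now, decrypt later" when x + y > z.

from dataclasses import dataclass


@dataclass(frozen=True)
class DataClass:
    name: str
    shelf_life_years: float   # x: how long the data must remain secret


def exposure_years(x: float, y: float, z: float) -> float:
    """Years by which the data outlives the cryptography: max(0, x + y - z).

    0 means the secret expires before quantum computers can break it.
    """
    return max(0.0, x + y - z)


def max_migration_time(x: float, z: float) -> float:
    """Longest migration time y that still satisfies x + y <= z.

    Returns 0 when the shelf life alone already exceeds the collapse time,
    i.e. the organization is (in the talk's words) already too late.
    """
    return max(0.0, z - x)


def assess(items, migration_years: float, collapse_years: float) -> dict:
    """Map each data class name to its exposure in years under the given y and z."""
    return {
        item.name: exposure_years(item.shelf_life_years, migration_years, collapse_years)
        for item in items
    }


# Constructed inventory: the talk's 20-year message, a short-lived item, and
# the 100-year "government secret" case mentioned at the end.
INVENTORY = [
    DataClass("last RSA-protected message", 20),
    DataClass("short-lived session data", 1),
    DataClass("state secrets", 100),
]

MIGRATION_YEARS = 10   # y, as in the talk's example
COLLAPSE_YEARS = 25    # z, the assumed collapse time from the talk


if __name__ == "__main__":
    for item in INVENTORY:
        exposed = exposure_years(item.shelf_life_years, MIGRATION_YEARS, COLLAPSE_YEARS)
        budget = max_migration_time(item.shelf_life_years, COLLAPSE_YEARS)
        status = f"EXPOSED by {exposed:g} years" if exposed else "safe"
        print(f"{item.name:30s} x={item.shelf_life_years:>5g}  "
              f"{status:22s} max affordable migration y={budget:g}")
```

Running it reproduces the talk’s figure of 5 years for the 20-year message and shows that, with a 25-year collapse time, a 100-year secret cannot be protected by any migration schedule at all: the only remedies are to shorten the migration, to revise the collapse estimate downward with better evidence, or to stop protecting such data with RSA now.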
