Security News

In this Help Net Security video, Denis Mandich, CTO at Qrypt, talks about quantum computing. If we thought AI turned security and privacy on their head, quantum computing will break how we encrypt data today and risk revealing sensitive data of citizens, governments, hospitals, banks, and more.

Quantum Computing Cybersecurity Preparedness Act has been signed into law, emphasizing the significance of a switch to post-quantum computing. The Quantum Computing Cybersecurity Preparedness Act requires federal agencies to maintain an inventory of the cryptographic assets they have in use, assess their quantum vulnerabilities, perform proof-of-concept testing of post-quantum cryptographic algorithms, and then prioritize the migration of those assets.

"NIST has release a draft of Special Publication1800-38A: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography." It's only four pages long, and it doesn't have a lot of detail-more "Volumes" are coming, with more information-but it's well worth reading. We are going to need to migrate to quantum-resistant public-key algorithms, and the sooner we implement key agility the easier it will be to do so.

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The underlying idea is that the physical effects introduced as a result of a cryptographic implementation can be used to decode and deduce sensitive information, such as ciphertext and encryption keys.

Quantum computing has surged in popularity recently, with its revolutionary computational capabilities transforming the technology sector. In this Help Net Security video, Vanesa Diaz, CEO at LuxQuanta, talks about how precautions must be taken ahead of this new quantum age, where cybersecurity solutions require significant attention and developments to ensure the protection and security of data.

Research conducted by Fujitsu suggests there is no need to panic about quantum computers being able to decode encrypted data - this is unlikely to happen in the near future, it claims. Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor's algorithm approach.

The growing interest in quantum is translating into spending, demonstrated by 71% of quantum-adopting enterprises surveyed having current quantum computing budgets of more than $1 million. Interestingly, nearly 30% of respondents that have adopted or plan to adopt quantum computing expect to see a competitive advantage due to quantum computing within the next 12 months.

The paper, titled "Factoring integers with sublinear resources on a superconducting quantum processor," suggests that the application of Claus Peter Schnorr's recent factoring algorithm, in conjunction with a quantum approximate optimization algorithm, can break asymmetric RSA-2048 encryption using a non-fault tolerant quantum computer with only 372 physical quantum bits or qubits. The speculation has been that orders of magnitude more qubits, in conjunction with robust error correction at scale, may allow future quantum computers to run Peter Schor's algorithm - not to be confused with the similarly named Schnorr - quickly, on very large numbers, thereby breaking RSA encryption.

We have long known from Shor's algorithm that factoring with a quantum computer is easy. What the researchers have done is combine classical lattice reduction factoring techniques with a quantum approximate optimization algorithm.

Remember quantum computing, and the quantum computers that make it possible? Quantum computing enthusiasts claim the performance improvements will be so dramatic that encryption keys that could once comfortably have held out against even the richest and most antagonistic governments in the world for decades.