Tackling Quantum Computing Threats to CryptographyNIST Expert: Vetting New Approaches to Encryption Could Take Decades
Within the next 20 years, quantum computing could be applied to easily crack current approaches to cryptography, according to the National Institute of Standards and Technology, which already is beginning work on new approaches to encryption that can withstand the power of quantum computing.
Quantum computers will make use of the quantum states of subatomic particles to process information at speeds exponentially greater than what exists today. Such processing speeds, in theory, could easily break the massively long strings of numbers used in today's encryption software.
Work on refining cryptography so it's effective in the era of quantum computing must start now because "it will take 10 to 20 years to get new algorithms selected, standardized and implemented out into the field," says NIST mathematician Dustin Moody, who co-authored the recently released NIST Internal Report 8105: Report on Post-Quantum Cryptography.
In an interview with Information Security Media Group (click on audio player below image), Moody discusses:
- Three categories of cryptography that could help build quantum-resistant encryption: lattice-based, error-correcting and multivariate polynomial cryptography;
- Initiatives from NIST to get stakeholders to collaborate on developing new cryptographic approaches to meet the quantum computing challenge; and
- The likelihood that new approaches will succeed.
NIST plans to launch a collaborative effort in the next few months, including competitions similar to those that were used for developing the SHA-3 hash algorithm, used in part for authenticating digital messages. The upcoming competitions could have multiple winners because there likely will need to be a variety of approaches to build strong cryptographic methods to defend against the power of quantum computers. "There are several systems in use that could be broken by a quantum computer - public-key encryption and digital signatures, to take two examples - and we will need different solutions for each of those systems."
Moody is the point of contact for the NIST post-quantum cryptography project. His main area of research deals with elliptic curves and their applications in cryptography. He received his Ph.D. in mathematics from the University of Washington in 2009.