In the next couple of months, it will select a few winners, and then publish official versions of those algorithms. It has since winnowed down its list from 65 to 15. The following year, NIST invited computer scientists globally to submit candidate post-quantum algorithms to a process in which the agency would test their quality, with the help of the entire crypto community.
In 2015, the US National Security Agency (NSA) announced that it considered current cryptosystems vulnerable, and advised US businesses and the government to replace them. Which of these algorithms will become standard could depend in large part on a decision soon to be announced by the US National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland. These post-quantum algorithms seem impervious to attack: even using mathematical approaches that take quantum computing into account, programmers have not yet found ways to defeat them in a reasonable time. Fortunately, decades of research in theoretical computer science has turned up plenty of candidates. That means switching to stronger cryptographic systems, or cryptosystems.
“Everything you’ve done on the Internet before 2024 will be open for discussion.”Įven the most bullish proponents of quantum computing say we’ll have to wait a while until the machines are powerful enough to crack encryption keys, and many doubt it will happen this decade - if at all.īut the risk is real enough that the Internet is being readied for a makeover, to limit the damage if Q-day happens. “Let’s say that a quantum computer is deployed in 2024,” says Rescorla. Data thieves who eavesdrop on Internet traffic could already be accumulating encrypted data, which they could unlock once quantum computers become available, potentially viewing everything from our medical histories to our old banking records. “A real quantum computer would be extremely dangerous,” says Eric Rescorla, chief technology officer of the Firefox browser team at Mozilla in San Francisco, California.Īs in a cheesy time-travel trope, the machines that don’t yet exist endanger not only our future communications, but also our current and past ones.
If they reach their full scale, quantum computers would crack current encryption algorithms exponentially faster than even the best non-quantum machines can. And they work well: even with the best supercomputers available today, breaking the codes that the online world currently runs on would be an almost hopeless task.īut machines that will exploit the quirks of quantum physics threaten that entire deal. These are the systems that scramble data to protect our privacy, establish our identity and secure our payments. In cybersecurity circles, they call it Q-day: the day when quantum computers will break the Internet.Īlmost everything we do online is made possible by the quiet, relentless hum of cryptographic algorithms.