“The US is worried that hackers are stealing data today so quantum computers can crack it in a decade”
MIT Technology Review, November 3, 2021
by Patrick Howell O’Neill
“The US government is starting a generation-long battle against the threat next-generation computers pose to encryption.”
While they wrestle with the immediate danger posed by hackers today, US government officials are preparing for another, longer-term threat: attackers who are collecting sensitive, encrypted data now in the hope that they’ll be able to unlock it at some point in the future.
The threat comes from quantum computers, which work very differently from the classical computers we use today. Instead of the traditional bits made of 1s and 0s, they use quantum bits that can represent different values at the same time. The complexity of quantum computers could make them much faster at certain tasks, allowing them to solve problems that remain practically impossible for modern machines—including breaking many of the encryption algorithms currently used to protect sensitive data such as personal, trade, and state secrets.
While quantum computers are still in their infancy, incredibly expensive and fraught with problems, officials say efforts to protect the country from this long-term danger need to begin right now.
“The threat of a nation-state adversary getting a large quantum computer and being able to access your information is real,” says Dustin Moody, a mathematician at the National Institute of Standards and Technology (NIST). “The threat is that they copy down your encrypted data and hold on to it until they have a quantum computer.”
“Adversaries and nation states are likely doing it,” he says. “It’s a very real threat that governments are aware of. They’re taking it seriously and they’re preparing for it. That’s what our project is doing.”
Faced with this “harvest now and decrypt later” strategy, officials are trying to develop and deploy new encryption algorithms to protect secrets against an emerging class of powerful machines. That includes the Department of Homeland Security, which says it is leading a long and difficult transition to what is known as post-quantum cryptography.
“We don’t want to end up in a situation where we wake up one morning and there’s been a technological breakthrough, and then we have to do the work of three or four years within a few months—with all the additional risks associated with that,” says Tim Maurer, who advises the secretary of homeland security on cybersecurity and emerging technology.
DHS recently released a road map for the transition, beginning with a call to catalogue the most sensitive data, both inside the government and in the business world. Maurer says this is a vital first step “to see which sectors are already doing that, and which need assistance or awareness to make sure they take action now.”
About the Author:
Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. He covers national security, election security and integrity, geopolitics, and personal security: How is cyber changing the world? Before joining the publication, he worked at the Aspen Institute and CyberScoop covering cybersecurity from Silicon Valley and Washington DC.
- U.S. Department of Homeland Security: “Post-Quantum Cryptography“