
Post-quantum cryptography: the race for unbreakable encryption


Quantum computers will fundamentally change the way we look at humanity’s most complex problems. They promise new insights, from materials science to medicine and climate research. However, this future technology is also challenging established standards in cyber security.

What impact will practical quantum computers have on our digital security? And when is this likely to happen?


Quantum computers: revolution in information processing

Quantum computers are based on the principles of quantum mechanics and work in a fundamentally different way from conventional computers. Instead of bits that are either 0 or 1, they use quantum bits (qubits), which can be in a superposition of both states. Superposition alone is not what makes them fast: a quantum algorithm gains its advantage by steering the interference between the amplitudes of many such states so that wrong answers cancel out and right ones are amplified, which lets certain problems be solved with far fewer operations than any known classical method. A second resource is quantum entanglement: entangled qubits exhibit correlations that no classical system can reproduce, even when they are spatially separated. As a result, quantum computers open up new possibilities for solving highly complex problems, from the optimization of global supply chains to the modelling of chemical reactions and the development of new cryptographic methods.

However, quantum computers still face considerable challenges. Error correction is the central problem, as qubits are extremely sensitive to environmental influences and quickly lose their quantum properties (decoherence). To reduce the error rate, quantum error correction encodes one logical qubit into many physical qubits. Provided that the error rate of the physical qubits lies below the threshold of the code, the more physical qubits are used per logical qubit, the further the logical error rate can be suppressed; above the threshold, adding qubits only adds errors. Scaling up to the large numbers of physical qubits required for practical applications is technically extremely challenging, especially for superconducting systems that require extreme cooling.

Shor and co.: quantum algorithms as game changers

Many experts expect the first practical quantum computer to usher in a paradigm shift, possibly in an area that we cannot yet foresee. What has been known for decades, however, is the ability of quantum computers to break common public-key encryption methods. Modern systems such as RSA and elliptic curve cryptography rely on problems such as the prime factorization of large numbers (RSA) and the discrete logarithm (Diffie-Hellman, elliptic curves), tasks that would take billions of years even for powerful classical computers at the key sizes in use today. Quantum algorithms can overcome these barriers.


For example, Shor's algorithm factors large integers and computes discrete logarithms in polynomial time, where the best known classical methods need sub-exponential or exponential time. It therefore undermines methods that were previously considered extremely secure, such as RSA, Diffie-Hellman and ElGamal, including their elliptic-curve variants (ECDH, ECDSA), all of which are essential for key exchange, digital signatures and secure internet communication. Symmetric ciphers and hash functions are not broken by Shor; Grover's algorithm merely halves their effective security level, which is compensated for by doubling the key length (AES-256 instead of AES-128). In 2016, Prof. Rainer Blatt's team at the University of Innsbruck succeeded in factorizing the number 15 with an implementation of Shor's algorithm on an ion-trap quantum computer. Running the algorithm on cryptographically relevant inputs requires error-corrected quantum computers: factoring a 1,024-bit number is estimated to need around 2,000 logical qubits, each of which must be built from many physical qubits. Based on their current roadmaps, leading quantum computer manufacturers plan to reach this capacity in about ten years.

A recent and widely reported example of progress is the work of researchers at Shanghai University, who used a quantum annealing system to factorize a 50-bit RSA integer. Quantum annealers are a special form of quantum computer designed for optimization problems; unlike universal (gate-based) quantum computers, they cannot execute Shor's algorithm. The researchers therefore transformed the factorization problem into an optimization problem and solved it with a hybrid approach combining quantum hardware with classical algorithms. Although technically impressive, the result has no consequences for the security of modern encryption systems: 50-bit integers are factored instantly on any laptop, and there is no known path to scaling the approach to RSA-2048.

Post-quantum cryptography: the basis for long-term security

The continued development of quantum computers therefore poses major challenges for IT infrastructures and encryption systems. To address them, the US National Institute of Standards and Technology (NIST) published three post-quantum cryptography (PQC) standards in August 2024, after an eight-year evaluation process. They are based on mathematical problems, such as finding short vectors in lattices and inverting hash functions, for which no efficient algorithm is known on either classical or quantum computers, and they therefore provide a basis for long-term security.

NIST has so far standardized three quantum-safe algorithms; a fourth standard, FIPS 206 (FN-DSA, based on Falcon), is in preparation:

  1. FIPS 203 (ML-KEM): A key encapsulation mechanism (KEM) for establishing shared keys, based on the lattice-based CRYSTALS-Kyber algorithm.
  2. FIPS 204 (ML-DSA): A digital signature scheme based on the lattice-based CRYSTALS-Dilithium algorithm.
  3. FIPS 205 (SLH-DSA): A stateless hash-based digital signature scheme based on SPHINCS+, which rests only on the security of the underlying hash function and serves as a conservative fallback to ML-DSA.

In addition, targeted measures are required to gradually prepare existing IT infrastructures for quantum-safe methods:

  • Inventory: Companies should identify where their most sensitive data is stored, how long it must remain confidential, and which cryptographic protection measures (algorithms, key sizes, protocols, libraries) are currently in use.
  • Crypto-agility: Systems should be designed so that cryptographic algorithms can be exchanged flexibly and quickly, without redesigning protocols or data formats, in order to counter new threats.
  • Hybrid approaches: Where possible, post-quantum methods should be deployed in combination with classical methods ("hybrid"), so that the proven security of the classical scheme is retained if the new scheme turns out to be weaker than expected, and the post-quantum scheme protects against a future quantum computer.
  • Early integration: Organizations are encouraged to integrate the new standards into their systems as soon as possible, as the full transition will take years.
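The hybrid approach and the crypto-agility point from the list above, worked through as an added example (this is not code from the article, from NIST or from any library). A hybrid key exchange runs a classical KEM (for instance X25519, which Shor breaks) and a post-quantum KEM (for instance ML-KEM from FIPS 203) side by side and derives one session key from both shared secrets, so the key stays secret as long as at least one of the two secrets does. The two shared secrets and the handshake transcript below are constructed stand-ins, not real KEM output; only HKDF (RFC 5869) and the concatenation combiner are real constructions, and the secret ordering follows the X25519MLKEM768 convention used in TLS (post-quantum secret first).

```python
"""Hybrid KEM combiner with HKDF (added example, not code from the article,
from NIST or from any library). Shared secrets below are constructed
stand-ins; HKDF and the concatenation combiner are the real constructions."""
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-SHA256(salt, IKM); empty salt = 32 zero bytes."""
    return hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def hkdf_self_test() -> bool:
    """RFC 5869 test case 1 (SHA-256): proves the HKDF above is the real thing."""
    ikm, salt, info = b"\x0b" * 22, bytes(range(13)), bytes(range(0xF0, 0xFA))
    return hkdf(salt, ikm, info, 42).hex() == (
        "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
        "34007208d5b887185865")


def hybrid_key(ss_pq: bytes, ss_classical: bytes, transcript: bytes,
               pq_alg: str = "ML-KEM-768", classical_alg: str = "X25519",
               length: int = 32) -> bytes:
    """Concatenation combiner: IKM = ss_pq || ss_classical, with both algorithm
    names and a hash of the handshake transcript bound into the HKDF info.
    Naming the algorithms in the label is the crypto-agility hook: swapping
    either KEM changes the key domain without touching the derivation code."""
    ikm = ss_pq + ss_classical
    info = (b"hybrid-kem|" + pq_alg.encode() + b"|" + classical_alg.encode()
            + b"|" + hashlib.sha256(transcript).digest())
    return hkdf(b"", ikm, info, length)


# Constructed stand-ins for the two KEM outputs (32 bytes each) and transcript.
SS_PQ = bytes.fromhex("aa" * 32)
SS_CLASSICAL = bytes.fromhex("bb" * 32)
TRANSCRIPT = b"ClientHello||ServerHello (constructed)"


def attacker_with_classical_only() -> bool:
    """Model a Shor-capable attacker who recovered the X25519 secret from the
    recorded handshake but not the ML-KEM one: without ss_pq the session key
    cannot be reproduced, so store-now-decrypt-later fails."""
    real = hybrid_key(SS_PQ, SS_CLASSICAL, TRANSCRIPT)
    guess = hybrid_key(bytes(32), SS_CLASSICAL, TRANSCRIPT)   # ss_pq unknown
    return real != guess


if __name__ == "__main__":
    print("HKDF RFC 5869 vector:", hkdf_self_test())
    print("session key:", hybrid_key(SS_PQ, SS_CLASSICAL, TRANSCRIPT).hex())
    print("attacker with classical secret only fails:", attacker_with_classical_only())
```

In a deployment the two stand-in secrets come from a real X25519 exchange and a real ML-KEM encapsulation; the combiner is deliberately independent of both, which is what lets either component be replaced later (for example ML-KEM-1024 instead of ML-KEM-768) without redesigning the protocol.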

Combining PQC with classical methods gives organizations a way to prepare for the arrival of quantum computers without betting everything on algorithms that are still young. Some experts warn that quantum computers may be able to break current public-key systems as early as 2030. Independently of that date, there is already a risk today: encrypted traffic can be recorded now and decrypted later, once a capable quantum computer exists, so any data that must remain confidential beyond that horizon is already exposed.

The US National Security Agency (NSA) has therefore already directed, in its Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), that national security systems implement PQC by 2030.

The German Federal Office for Information Security (BSI) also recommends protecting applications with particularly sensitive data against such “store now, decrypt later” attacks as soon as possible, but by the end of 2030 at the latest.

Conclusion: Balancing risks and opportunities

It will probably be several years, possibly decades, before quantum computers have the necessary number of error-corrected qubits to crack common encryption methods.

Nevertheless, development is progressing steadily and new approaches promise better scaling of the technology. One promising advance, for example, is the use of neutral atoms as qubits. This method does not require cryogenic cooling and could pave the way for practical and scalable quantum computers. Such innovations show that quantum computer research is constantly finding new ways to overcome technical hurdles.

With these and other advances in quantum computing, in which Germany and Europe are at the forefront, the era is approaching in which quantum computers can both break today's encryption and tackle some of humanity's biggest problems.

Dr. Alexander Glätzle, CEO, planqc

Dr. Alexander Glätzle, CEO and co-founder of planqc, is working on building the first German quantum computer based on neutral atoms. The theoretical quantum physicist and entrepreneur was a Senior Research Fellow at the University of Oxford and at the Center for Quantum Technologies in Singapore, where he studied