Question

Quantum Leap or Quantum Bust? So after your explanations to the CEO two weeks ago on flattening networks and last week on the differences between SSL and TLS, your Director has asked you to give your opinion on Quantum Cryptography. Specifically, should your organization develop third party management (TPM) risk policies for quantum-resistant cryptography (QRC)? Should you require vendor solutions to include QRC? Is Quantum Computing a threat? If so, when? Is QRC a threat? If so, when? Discuss a time frame in your report and limit your response to 100 words. Your director will use your report in the August Board Meeting, so this is great exposure for you.  

Answer 1

1. Even though this question is far ahead in the future, some key points should be considered when it comes to information security.
2. As the research in the quantum computing filed grows, its not very reasonable to say that, our current crytpographic technique can still help safeguard the data.
3. Even though availability of the commercial quantum computers are more than 15 years ahead in future, having a QRC in a big organization will become very important as these quantum computers can perfrom 100 million times faster than current computations which puts current cryptographic techniques at brink of breaking.
4. It is possible in future that GOOGLE, IBM and many more such companies who are trying to acheive quantum suprimacy might become vendors of QRC for big organizations who are willing to safegraurd their data against the new quantum attacks. Every organizations should consider TPM of QRC.
5. Most organizations today are already into crypto coins ( bitcoin, ethereum etc.). Many white papers suggest a lot of crypto currencies will be susseptible to quantum attacks if they do not implement quantum resistance now.
6. Quantum computing is a threat. And it is approximately 15 to 20 years in the future. When this quantum attacks start the earliest target will be bitcoin.
7. To avoid this, it is necessary to implement quantum resistance addressing in bitcoin and organizations should move their balances from ECDSA(eliptical curve digital signature algorithm) to quantum-safe addresses.
8. Few white papers suggest some cryptographic systems that are belived to be quantum resistant : hash based, code-based, lattice-based, multivariate-quadratic-equations cryptography and secret-key cryptography. All these systems are belived to resist both classical and quantum attacks given they both use sufficiently long key sizes.