Encryption algorithms ensure that we are safe on the Internet and that our privacy is protected – by securing the transmission of information. However, many experts fear that quantum computers could one day crack these algorithms, making us significantly more vulnerable to attacks by hackers and scammers.

These systems could be there faster than many people think. Therefore, intensive work is being done on the development of novel algorithms that should withstand even the most powerful quantum computer that we can imagine.

What do these quantum-resistant algorithms do?

Cryptographic algorithms turn readable data into a secret, unreadable form so that it can be exchanged securely on the open Internet. With their help, all types of digital communication are secured, such as data traffic on websites and the content of emails. In addition, they are essential for protecting privacy, trust and security online.

There are several types of standard cryptographic algorithms in widespread use today, including symmetric keys and public-key algorithms. Symmetric key encryption is what is usually thought of as encryption. It allows data and messages to be encrypted using a “key” so that they are undecipherable to anyone who does not have the key. It is typically used for backing up sensitive data in databases or on hard drives.

Even data breaches that compromise databases containing sensitive user information aren’t that bad if the underlying data is encrypted. While hackers can get the encrypted data, there is still no way to read it.

Public key algorithms are also important. They help circumvent the fundamental drawback of symmetric key encryption, which is that you need a secure way to even share symmetric keys. Public key algorithms use a set of two keys, one kept private by the recipient and the other made public.

Anyone can use the recipient’s public key to encrypt data that only the recipient can decrypt with their private key. This method can be used for symmetric key transmission and even in reverse for digital signatures. Because the private keys are unique to the recipient, the recipient can use them to confirm their identity.

Why do these algorithms need to be quantum resistant?

Cryptographic algorithms are able to keep data secret because they are mathematically difficult to crack. A modern computer would need billions of yearsto brute force crack a single set of encryption keys.

But in the 1990s, even before quantum computers were seriously discussed, mathematician Peter Shor discovered that the way theoretical quantum computers work would be particularly well suited to cracking the mathematics used in public-key cryptography.

Although no quantum computer existed at that time, other mathematicians were able to confirm that the Shor algorithm, as it became known, theoretically used by such computers to crack public-key encryption could. It is now widely accepted that once a working quantum computer with sufficient processing power is built, the algorithms we now rely on for public-key encryption will be easy to crack. The National Institute of Standards and Technology (NIST) predicts that corresponding quantum computers could be available in just ten to 20 years.

Fortunately, symmetric encryption methods are not at risk as they work quite differently and can be secured by simply increasing the number of keys used. Unless mathematicians find a way for quantum computers to crack those, too. But even increasing the key size cannot protect the existing public key encryption algorithms from quantum computers. New algorithms are therefore required.

What would be the implications if quantum computers cracked the encryption we currently use?

That would be really bad. After all, if public key encryption were cracked suddenly and without a replacement, digital security would be severely compromised. For example, sending sensitive information through websites would no longer be secure since websites use public keys to maintain secure Internet connections.

Cryptocurrencies also rely on public key encryption to secure their underlying blockchain technology, so the data on their ledgers would no longer be trusted.

In addition, there is also concern that hackers and nation states highly sensitive government or intelligence data – data that they cannot currently decode – could be hoarded to decode later once quantum computing becomes available.

How is work on quantum-resistant algorithms progressing?

In the US, NIST has been looking for new algorithms that can resist attacks from quantum computers. The authority has been accepting public applications since 2016, from which four finalists and three replacement algorithms have been selected so far. These new algorithms use techniques that can resist attacks from quantum computers using Shor’s algorithm.

According to project leader Dustin Moody, NIST is on track to complete the standardization of the four finalists in 2024. This includes creating policies to ensure the new algorithms are used correctly and safely. Standardization of the remaining three algorithms is expected in 2028.

The task of examining the candidates for the new standard is primarily the responsibility of mathematicians and cryptographers from universities and research institutions. They submit proposals for post-quantum cryptographic techniques and look for ways to attack them, sharing their insights by publishing articles and mutually expanding the various attack methods.

In this way, they gradually weed out the candidates who were successfully attacked or whose algorithm shows weaknesses. A similar process was used in the development of today’s encryption standards.

However, there is no guarantee that someday a new type of sophisticated quantum attack, or perhaps even a conventional attack, will not be discovered that can crack these new algorithms. “It’s impossible to prove that you can’t crack it – the non-existence of a mathematical algorithm is difficult to impossible to prove,” says cryptographer Thomas Decru. But “when something proves its worth in the world of crypto, trust grows.”

(vsz)