IBM Warns Quantum Computing Will Break Encryption

Long-time Slashdot reader CrtxReavr shares a report from ZDNet: Quantum computers will be able to instantly break the encryption of sensitive data protected by today's strongest security, warns the head of IBM Research. This could happen in a little more than five years because of advances in quantum computer technologies. "Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now," said Arvind Krishna, director of IBM Research... Quantum computers can solve some types of problems near-instantaneously compared with billions of years of processing using conventional computers... Advances in novel materials and in low-temperature physics have led to many breakthroughs in the quantum computing field in recent years, and large commercial quantum computer systems will soon be viable and available within five years...

In addition to solving tough computing problems, quantum computers could save huge amounts of energy, as server farms proliferate and applications such as bitcoin grow in their compute needs. Each computation takes just a few watts, yet it could take several server farms to accomplish if it were run on conventional systems.
The original submission raises another possibility. "What I wonder is, if encryption can be 'instantly broken,' does this also mean that remaining crypto-coins can be instantly discovered?"

Re:crypto-coins?

Also, no it can't, at least for the crypto currencies I am aware of. Quantum computing breaks the current commonly used asymmetric cryptographic algorithms used to move data around securely (https, encrypted email, chat, etc.). Not symmetric algorithms that encrypt data at rest (full disk crypto, etc.) and not the hashing algorithms that crypto currencies use for proof of work. You could potentially steal existing coins/tokens from people's wallets though unless the devs move to a post-quantum algorithm.

Re:crypto-coins?

[Joce640k]

To be clearer: Quantum computers break things based on number factoring, eg. certificate signing.

It doesn't break block ciphers like AES.

It might break blockchain, yes, but, like, who cares?

Answer: lattice-based crypto around since 80's...

[Idisagree]

Article is very light on evidence of any new form of successful attack so it's a bit premature to advise the sky is falling just yet!

Better encryption methods are always being worked on and we will phase out the old encryption methods when they become stale and move onto more resistant types.

As it so happens there are already some constructions (and they have been around for some time) that can be used such as Ring-LWE and NTRU which have been shown to hold up against classic and Quantum based attacks.

I'm going back to my bowl of cereal now.

Re:crypto-coins?

[swillden]

To be clearer: Quantum computers break things based on number factoring, eg. certificate signing.

It doesn't break block ciphers like AES.

It might break blockchain, yes, but, like, who cares?

Quantum computing does weaken both symmetric ciphers like AES and hashing algorithms which are the basis of blockchains (though many blockchains also make use of asymmetric digital signatures which are more deeply affected). Specifically, Grover's Algorith is a quantum algorithm that can find the input that provides a given output for any algorithm with at most sqrt(N) applications of the algorithm. This means that with sufficiently-good quantum computers, you can find a 128-bit AES key for a known plaintext/ciphertest pair in 2^64 steps, which just might be feasible. Similarly, given a 160-bit hash, like SHA-1, you can find a pre-image for a given hash value in 2^80 steps.

Of course, if you use AES-256, Gover's algorithm will find you an answer in 2^128th steps, which is almost certainly forever out of reach Similarly for SHA-2 256. This assumes that Grover's algorithm is the best way to attack these sorts of primitives with a quantum computer, of course. We may discover other approaches that are less general, but better.