Product reviews, deals and the latest tech news

IBM: Data encryption faces a “existential threat” from quantum computing

Over the years, encryption has become indispensable for protecting sensitive company information. However, as quantum computers improve, the security of goods sold to businesses and consumers, which rely on public-key cryptography (PKC) standards, is put at danger.

As the possibility of decryption rises, the IBM Institute for Business Value has released a new report titled Security in the Quantum Era. This report investigates the reality of quantum risk and the necessity for enterprise adoption of quantum-safe capabilities to protect vital applications and infrastructure.

According to the paper, traditional computer encryption techniques are under “existential risk” from quantum computing, and thieves may already be exfiltrating encrypted material in preparation for “harvest now, decipher layer assaults” if quantum machines become more advanced.

Traditional encryption methods and quantum computers have a fundamental flaw

Limitations of classical cryptographic protocols such as RSA stem from their reliance on mathematical issues like the factorization of big numbers, which can be easily solved by brute force on a quantum computer.

The research states that cryptographic protocols “can in theory be solved — and solved within a few hours” using a quantum computer plus Shor’s method. Given this, it’s clear that RSA and similar protocols will be inadequate as a means of securing data in a world where quantum computers have reached their full potential.

Even if this hasn’t happened yet, more and more businesses are concerned about the potential consequences of this decryption. The Quantum Computing Cybersecurity Preparedness Act was signed into law by President Biden in December 2022, mandating that all federal agencies implement encryption methods that are secure against post-quantum attacks.

Similarly, NIST’s search for quantum-resistant algorithms, which had been underway since 2016, came to a close last year when it selected CRYSTALS-Kyber, a public-key encryption method, and CRYSTALS-Dilithium, a digital signature technique, as the two best candidates.

Lattice-based quantum encryption, developed by IBM

IBM has been very active in establishing itself as a leader within the space alongside other providers like Intel, which has helped contribute to NIST’s post-quantum cryptography standards, as the global quantum cryptography market is expected to grow from $89 million in 2020 to $214 million by 2025.

IBM z16, an AI-driven data inference-optimization solution, was released last year with the intention of handling mission-critical data in a quantum-safe manner. Three of the four post-quantum algorithms selected by NIST had been developed in part by the business.

IBM’s quantum plan incorporates the use of lattice-based cryptography, a technique for building security primitives based on the geometry of numbers. This approach can be used to create encryption protocols that are more resistant to factorization and thus more difficult for quantum computers to break.

According to IBM, this method was pioneered in the 1990s by two academic papers: NTRU: A novel high speed public key cryptosystem by Jeffrey Hoffstein, Jill Pipher, and Joseph Silverman of Brown University and Generating Hard Instances of Lattice Problems by IBM scientist Miklos Ajtai.