“The threat of a nation-state adversary getting a large quantum computer and being able to access your information is real,” says Dustin Moody, a mathematician at the National Institute of Standards and Technology (NIST). “The threat is that they copy down your encrypted data and hold on to it until they have a quantum computer.”
“Adversaries and nation states are likely doing it,” he says. “It’s a very real threat that governments are aware of. They’re taking it seriously and they’re preparing for it. That’s what our project is doing.”
Faced with this “harvest now and decrypt later” strategy, officials are trying to develop and deploy new encryption algorithms to protect secrets against an emerging class of powerful machines. That includes the Department of Homeland Security, which says it is leading a long and difficult transition to what is known as post-quantum cryptography.
“We don’t want to end up in a situation where we wake up one morning and there’s been a technological breakthrough, and then we have to do the work of three or four years within a few months—with all the additional risks associated with that,” says Tim Maurer, who advises the secretary of homeland security on cybersecurity and emerging technology.
DHS recently released a road map for the transition, beginning with a call to catalogue the most sensitive data, both inside the government and in the business world. Maurer says this is a vital first step “to see which sectors are already doing that, and which need assistance or awareness to make sure they take action now.”
Preparing in advance
Experts say it could still be a decade or more before quantum computers are able to accomplish anything useful, but with money pouring into the field in both China and the US, the race is on to make it happen—and to design better protections against quantum attacks.
The US, through NIST, has been holding a contest since 2016 that aims to produce the first quantum-computer-proof algorithms by 2024, according to Moody, who leads NIST’s project on post-quantum cryptography.
Transitioning to new cryptography is a notoriously tricky and lengthy task, and one it’s easy to ignore until it’s too late. It can be difficult to get for-profit organizations to spend on an abstract future threat years before that threat becomes reality.
“If organizations aren’t thinking about the transition now,” says Maurer, “and then they become overwhelmed by the time the NIST process has been completed and the sense of urgency is there, it increases the risk of accidental incidents … Rushing any such transition is never a good idea.”