As we wrote about last month, DigiCert is partnering with ISARA on creating post-quantum IoT certificates<\/a> that will be able to withstand the coming quantum computing revolution. But that revolution is still 8-10 years away. So why is there such a concerted effort to start creating post-quantum or quantum-proof encryption now?<\/p>\n Let\u2019s hash it out\u2026<\/span><\/p>\n RSA or Rivest-Shamir-Adleman is the most widely used public key cryptosystem<\/a>, so we\u2019ll use it as our example when we discuss why quantum computing poses a threat. RSA is based on the factorization of prime numbers. But without knowing what those numbers are, and they are kept a secret, the best a computer can do is guess. Computationally, this isn\u2019t necessarily difficult, it\u2019s just the sheer number of possibilities that creates the problem.<\/p>\n Now let\u2019s talk about why quantum computing represents a threat to our current cryptosystem, this is excerpted from our own Jay Thakkar\u2019s discussion of quantum-side of quantum computing<\/a>:<\/p>\n Our normal computers can try only one combination at a time because it\u2019s using bits. Quantum computer, on the other hand, works on qubits. Therefore, a quantum computer operating on a single qubit can try cracking it using two values at a time. Similarly, a Quantum Computer with two qubits can be in four positions. We can say that a Qunatum Computer with n qubits can try 2n<\/sup> combinations simultaneously. Bristlecone, which has 72 qubits, can try 272<\/sup> (4, 722, 366, 482, 869, 645, 213, 696) values.<\/p><\/blockquote>\n So, while a 2048-bit RSA key is currently adequate owing to the fact that it would theoretically take a modern computer 6.4 quadrillion years to crack it<\/a>, guessing one combination at a time. But the aforementioned Bristlecone, which is currently the world\u2019s fastest quantum computer at 72 qubits, could crack a 2,048-bit RSA key in no time.<\/p>\n And that obviously represents a major problem, specifically for RSA, but for other cryptosystems as well. And RSA isn\u2019t well-suited to combat this. The transition from 1024-bit keys to 2048-bit ones increased CPU usage between 4-7 times based on server type, etc. Going up to 3072-bit or 4096-bit key lengths would put even greater burden on the servers handling PKI functions, and the improvement to the security of those keys is not consummate. As the keys get bigger, the resources needed increase more and more while the gains being made are less and less.<\/p>\n This performance issue is partially why you\u2019re already seeing a push towards more elliptic curve-based cryptosystems, though even those aren\u2019t going to be quantum proof. Also, it\u2019s worth noting that symmetric cryptosystems and hashing functions aren\u2019t considered as at-risk as public key cryptosystems.<\/p>\n Right now, public key cryptosystems are based on one of three kinds of mathematical problem:<\/p>\n We\u2019ve already covered Prime Factorization as much as we need to. We\u2019ve got a great guide on ECC<\/a>. And it\u2019s probably not worth going too far into the weeds on logarithms because it\u2019s only going to get us distracted. All of these would be vulnerable to quantum computing, which will probably be feasible in 8-10 years.<\/p>\n Again, this is less likely to affect hash functions and symmetric cryptosystem, where it\u2019s believed that simply increasing key size should make systems like AES sufficiently quantum-resistant.<\/p>\nThe threat of quantum computing<\/h2>\n
![\"quantum-safe](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/09\/qubit-e1537819050284-300x300.jpg\")
Modern computers operate in binary on units called bits. The bit is either a 1 or 0. Quantum computing is different, practically requiring a degree in physics to truly comprehend, but it starts with the units, called Quantum Bits or Qubits. Qubits can be in superposition, meaning they be both a 0 and a 1 simultaneously. How this works is based on quantum physics and there\u2019s an example with a coin in a box that is deeply unsatisfying, so let\u2019s just leave at the idea they can be in superposition.<\/p>\nWhat is Post-Quantum or Quantum-Proof encryption?<\/h2>\n
\n
![\"public](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-181538482-300x300.jpg\")
But Public Key cryptosystems are going to need an overhaul, and there\u2019s work being done in several areas:<\/p>\n