Contents | |
---|---|
Quantum Toast | Classic Cryptography is Quantum Toast |
Cryptographic Relevant Narrative | Claims Quantum Computers are no threat yet |
AES Quantum Safe Claims | Persistent AES "quantum-safe" claims are false |
Few are taking it seriously | The Quantum Elephant in the Room |
A Clear and Present Danger | Cyber security and privacy are at risk now |
Classic Cryptography is Quantum Toast
It is quite clear and well understood that a quantum computer can process all possible combinations of qubits at once, unlike classic computers that must process each possible bit combination sequentially.
It is a phenomenal paradigm shift, a multiple exponential increase in quantum computing power over classic computers.
Bits v Qubits
The remarkable capability of Quantum Computers to process data simultaneously threatens Classic Cryptography.
Let's compare classic bits with quantum computer qubits:
- Classic binary computers use bits to process keys:
This shows 256 bits with one of 2^256 possible combinations.
A classic computer must check every combination sequentially, which takes thousands or millions of years.
- Quantum computers use qubits to process keys:
This shows 256 qubits processing all 2^256 possible combinations simultaneously.
This is made possible by qubit entanglement and superposition.
This is the shocking reality of the quantum encryption threat.
Specifically, a 256 bit classic key register can be replaced with a 256 qubit quantum key register, and:
A quantum computer will process all possible combinations of 256 qubits at once!
For a classic computer to process 2^256 combinations takes thousands of years as each combination must be tested sequentially. This is the encryption/decryption asymmetry that classic cryptography relies on for security, fast to encrypt and slow to brute force decrypt.
A qubit key register can be linked to quantum functions that mimic classic encryption or hashing and:
Instantly Brute-Force the Cipher/Hash
The core weaknesses of classic cryptography that Quantum Computers exploit include:
- Deterministic Encryption: deterministic link between key → payload → cipher
- Key Shape: the key shape acts directly on the payload
- Block Size: the key acts on small blocks
- Success Flags: only the correct key is reversible and yields a sensible candidate
- Computational Difficulty: reliance on classic computer computational difficulty
All classic cryptography shares these weaknesses.
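The sequential search cost described above, together with the "Deterministic Encryption" and "Success Flags" items, can be seen on a classic computer in the following added example, which is not part of the original page. It assumes a toy SHA-256 counter-mode stream cipher as a stand-in for a real cipher and a constructed 16-bit key so the search finishes quickly; all names are hypothetical.

```python
import hashlib
from itertools import count

KEY_BITS = 16  # constructed toy key size so the search finishes quickly

def keystream(key: int, length: int) -> bytes:
    """Toy stream cipher stand-in (SHA-256 in counter mode); this is not AES."""
    out = b""
    for block in count():
        if len(out) >= length:
            return out[:length]
        out += hashlib.sha256(key.to_bytes(32, "big") + block.to_bytes(4, "big")).digest()

def crypt(key: int, data: bytes) -> bytes:
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def looks_sensible(candidate: bytes) -> bool:
    """The 'success flag': only printable ASCII counts as a plausible plaintext."""
    return all(32 <= c < 127 for c in candidate)

def brute_force(ciphertext: bytes, key_bits: int):
    """Sequential search; returns (key, trials) for the first sensible candidate."""
    for trials, key in enumerate(range(2 ** key_bits), start=1):
        if looks_sensible(crypt(key, ciphertext)):
            return key, trials
    return None, 2 ** key_bits

def worst_case_trials(key_bits: int) -> int:
    """Each extra key bit doubles the number of keys a sequential search must try."""
    return 2 ** key_bits

SECRET_KEY = 0xBEEF  # constructed sample key
MESSAGE = b"constructed sample plaintext, 40 bytes!!"  # constructed sample payload
CIPHERTEXT = crypt(SECRET_KEY, MESSAGE)  # deterministic: same key and payload, same cipher

if __name__ == "__main__":
    key, trials = brute_force(CIPHERTEXT, KEY_BITS)
    print(f"recovered key {key:#06x} after {trials} of {worst_case_trials(KEY_BITS)} trials")
    print(f"a 256-bit key has {worst_case_trials(256):.3e} combinations to test")
```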
Cryptographic Relevant Narrative
It is frequently claimed that:
"Quantum Computers are no threat until they become Cryptographically Relevant"
This is often accompanied by various claims:
- Not enough qubits: thousands or millions of qubits are required
- Error prone qubits: qubits are error prone and require years of R&D
- Quantum Computer expense: not many quantum computers exist
- Quantum Computers not ready: they are a future technology
None of the above are true in respect of threatening cybersecurity and classic cryptography, rather:
- Not enough qubits: required qubit numbers exist today
- Error prone qubits: quantum computer algorithms can ignore errors
- Quantum Computer expense: plenty exist and can be accessed online
- Quantum Computers not ready: they are a present reality
It is true that Quantum Computers are an emerging technology and undergoing unprecedented R&D, but existing QCs are extremely capable.
Furthermore, Quantum Computer programming techniques are rapidly improving, able to leverage existing qubits in powerful new ways.
One example is Amplitude Encoded Qubits capable of simulating classic bytes (8 bits), dramatically reducing qubit requirements.
The Cryptographic Relevant Narrative is dangerous and fosters a false sense of security.
AES Quantum Safe Claims
There is a persistent narrative that:
"AES is Quantum Safe as long as you use quality keys"
In light of the above and the Flatow Algorithm it is clear that the quality of the key cannot prevent a quantum brute force crack of AES, or similar classic encryption.
Moreover, the number of qubits required is well within the capacity of today's quantum computers.
It is unfortunate that the AES Quantum Safe claim persists; it is another dangerous narrative that fosters a false sense of security.
Few are taking it seriously
There is an understandable agenda to downplay the fact that Classic Cryptography is Quantum Toast.
Firstly, it undermines confidence in classic encryption in general, particularly AES and SHA, standards adopted by NIST and governments worldwide.
Secondly, manufacturers and backers of quantum computing do not want the very negative quantum computer threat to cybersecurity to be widely disseminated.
Awareness of the quantum threat is layered near the top of governments and institutions, yet its impact is global:
Classic Encryption, including AES and SHA, must be replaced on billions of devices, millions of software applications and enterprise platforms.
This is The Quantum Elephant in the Room - very few are taking it seriously…
A Clear and Present Danger
It is critical for the cybersecurity profession, IT professionals and directors of companies that handle confidential information to realise:
Classic Cryptography is Quantum Toast Today!
Not at some future time, not when quantum computers become more capable, not when they become 'cryptographically relevant' ... NOW!
Quantum computers have been 'cryptographically relevant' since 2022!
Migration to a Quantum Safe replacement of classic encryption is a major project that must be launched immediately if you have sensitive assets protected and secured by classic encryption.