Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Quantum cryptography is the last, best defense

Roger A. Grimes | Aug. 28, 2013
When quantum computing finally lands, all encryption will be open -- unless you're protected with quantum cryptography

Quantum computers, when fully realized, will be able to crack most of the encrypted secrets of our lifetime — except for secrets protected by quantum ciphers. We'd better start thinking about encryption that's resistant to quantum computers sooner rather than later.

To protect our future secrets, we need quantum (or postquantum) encryption routines. There is a possibility that the most advanced cryptographers — such as the NSA — are already using quantum encryption. But if they've reached that bar and used quantum encryption beyond a few simple demonstration tests, it isn't publicly known yet.

An iron-clad solution — in theory
Quantum encryption works because if anyone tries to intercept the encrypted secret, the mere act of viewing the secret will change the secret. Not only does the invader fail to obtain the secret, but authorized people will know that someone tried to tamper with their secret. In other words, quantum encryption sounds pretty great.

Unfortunately, the quantum encryption done so far has been very limited. We're essentially waiting for quantum computers to mature enough for the practical applications to catch up with the theory, which is par for the course in physics even outside of quantum mechanics. Many people are already demonstrating that they can "crack" quantum-encrypted secrets.

But here's my biggest beef about quantum crypto: Today's encryption isn't even close to being the weakest link. Today, nearly any good hacker can break directly into any computer. Forget trying to hack encryption; hack the endpoint. Take all the secrets. Forget quanta, forget subatomic particles, entanglements, and wave theory. None of that means anything unless we do a better job protecting endpoints.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.