Vulnerable in 53 hours and with a laptop a proposed password to avoid an attack with quantum computing

Security in the face of the next irruption of quantum computing —Jian-Wei Pan, the greatest expert in this science in China, believes that “the greatest advances will come in just five years”— is one of the great concerns of all protection systems of the world. The National Institute of Standards and Technology of the United States (NIST, for its acronym in English) has wanted to test seven encryption formulas to find out their vulnerability to new processing systems. Ward Beullens, from the IBM research center in Zurich (Switzerland), has managed to reveal an encrypted key in just 53 hours and with a simple laptop.

The challenge brought seven encryption models to the testbed. It was about creating an impenetrable technique to develop invulnerable transmission formulas. NIST received 69 proposals, of which only four encryption formulas and three secure signature formulas for identifying and carrying out financial transactions reached the final.

One of these last three models was Rainbow, a signature system that carries a secret key only known by the user and that can be verified by the recipient. Ward Beullens cracked the access system in just over a weekend, using only a laptop. And it is the second time that Beullens has achieved it. According to him, “the previous attack was also quite severe and it was already clear that Rainbow would not be standardized.”

The researcher, author of A study presented at the International Association for Cryptologic Research, explains: “Both attacks reduce the security level of the Rainbow proposal below the requirements established by NIST. However, our attacks are still exponential and Rainbow can be saved by increasing the parameter sizes by a relatively small amount.”

Ray Perlner and Daniel Smith-Tone, two mathematical researchers involved in the NIST standardization process, agree on the analysis, which analyzes candidate systems to provide security against the advanced threat of quantum computers. According both scientists stated at NISTprior to the current selection process, “none of Rainbow’s parameters meet the claimed level of security”, but admit that small changes are possible so that you can meet them.

However, Dustin Moody, also of the National Institute of Standards and Technology, believes that “the attack on Rainbow has been proven and, now, it is unlikely that the method will be chosen as the final signature algorithm.”

Quantum computers are exponentially more powerful at breaking many encryption techniques than classical computers

Mark Webber, University of Sussex

Quantum computing is a race in parallel to the security problems it will generate. On the one hand, this science has enormous potential. According to the physicist from the University of Seville Adán Cabello, “it will allow quantum physics to be verified in regions that were inaccessible until now”. But they also pose a risk. For Mark Webber of the University of Sussex and lead author of an investigation in AVS Quantum Science“quantum computers are exponentially more powerful at breaking many encryption techniques than classical computers.”

Webber warns that the ciphers used by Bitcoin (elliptic curve digital signature algorithm) will one day be vulnerable to a quantum computing attack, although he clarifies: “Today, even the largest supercomputer could never pose a serious threat.”

A current conventional computer uses the bit as the basic unit of information (which can take two values). In a quantum computer, the basic unit is the quantum bit, or qubit, which has an infinite number of states. According to Webber, state-of-the-art quantum computers today only have between 50 and 100 qubits and, according to his team’s research, it would take up to 300 million physical qubits to break Bitcoin’s security.

Although it seems unattainable, the Sussex quantum researcher warns that future advances may further reduce the requirements for improvements in both quantum algorithms and error correction protocols: “Four years ago, we estimated that a trapped ion device would need 1 billion physical qubits to break RSA encryption [la encriptación utilizada para la mayoría de comunicaciones seguras], which would require a 100 by 100 meter device. Now, with improvements across the board, this could see a dramatic reduction to an area of ​​just 2.5 by 2.5 metres.”

And for Bitcoin it will also be a problem. According to Webber, “Bitcoin network could perform secure quantum encryption techniques, but this may result in network scaling issues due to higher memory requirement.”

For Jian-Wei Pan, security has to be a significant aspect of the development of quantum computing, but he believes that the latter should be the priority: “Building a practically useful and fault-tolerant quantum computer is one of the great challenges for the human being I am more concerned with how and when we will build one. The most formidable challenge in building a large-scale universal quantum computer is the presence of noise and imperfections. We need to use quantum error correction and fault-tolerant operations to overcome noise and scale the system.”

You can write to us [email protected]will follow THE COUNTRY TECHNOLOGY on Facebook and Twitter and sign up here to receive our weekly newsletter