Talk about the long game: international adversaries are collecting our most secret encrypted messages so that the messages can be deciphered and read when quantum computers become available. The likely targets for this are governments, but if the adversary expects quantum computing to become more generally available and with data storage pricing at about 2 cents a gigabyte, why not also capture central bank and large corporate communications? This suggests that any information that might prove valuable to others – even after 10 years – should be quantum protected, and today the Department of Homeland Security suggests companies begin by cataloguing the data at risk:
“DHS recently released a road map for the transition, beginning with a call to catalogue the most sensitive data, both inside the government and in the business world. Maurer says this is a vital first step ‘to see which sectors are already doing that, and which need assistance or awareness to make sure they take action now.’
Experts say it could still be a decade or more before quantum computers are able to accomplish anything useful, but with money pouring into the field in both China and the US, the race is on to make it happen—and to design better protections against quantum attacks.
The US, through NIST, has been holding a contest since 2016 that aims to produce the first quantum-computer-proof algorithms by 2024, according to Moody, who leads NIST’s project on post-quantum cryptography.
Transitioning to new cryptography is a notoriously tricky and lengthy task, and one it’s easy to ignore until it’s too late. It can be difficult to get for-profit organizations to spend on an abstract future threat years before that threat becomes reality.
‘If organizations aren’t thinking about the transition now,’ says Maurer, ‘and then they become overwhelmed by the time the NIST process has been completed and the sense of urgency is there, it increases the risk of accidental incidents … Rushing any such transition is never a good idea.’”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group