2009-01-21 06:09:48 UTC
I have written up a short article on my website which asks the
question: How long can we wait before we must take steps to protect
ourselves/infrastructure from quantum computer attacks?
The article has been written for an audience who are most likely not
specialists in security, cryptography or quantum physics. Nonetheless
I am of the opinion that the content remains accurate and highly
relevant to the technical / scientific communities.
Based on my personal experience talking to people, there is a
widespread perception in the security and business communities that
the security risks posed by code-breaking quantum computers are a
long-term theoretical problem that can be put aside and addressed at an
unqualified time in the future. This position argues that our
sensitive information remains secure with our conventional security
systems and that we should continue doing business as normal.
In my article I argue that the community at large needs to look more
carefully at the implications of a wide range of resourcing and
issues such as:
* RSA and ECC are both insecure against Shor's or derivatives of
Shor's algorithms, both have the known potential to abruptly fail;
* there is currently no NIST standard for post-quantum secure key
exchange or digital signatures;
* there is currently no NIST competition searching for these;
* the current NIST SHA-3 competition has a 6-year timeline, a much
longer time frame may be required for key exchange and digital
signature technologies based on Multivariate Quadratic Systems,
Shortest Vector Problem, or the like based on the experience with
elliptic curve cryptography;
* a NIST cipher standard can take 5 to 10 years to be deployed
extensively in the field;
* once deployed, sensitive data must be protected at least 5 to 10
years *before* code-breaking quantum computers capable of running Shor's
algorithm efficiently arrive. Many organisations require longer
durations of security.
Even if quantum computers are at least a decade or more away
(according to Prof Seth Lloyd and others), that may not be sufficient
time to get the global independent network of communications systems
in order. If large quantum computers of the code-breaking variety
arrive in less than 16 years, it would appear that large segments of
our global communications infrastructure may be unacceptably at risk.
I am looking for constructive technical feedback on the article and,
equally as important, I am looking for technical feedback from people
who can present a well thought out counter-argument on why this line
of reasoning may be flawed or is in error.
Chief Technical Officer
Synaptic Laboratories Limited
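The timeline argument in the post, as an added example that is not part of the original post or article: the phase durations are the figures quoted above (a 6-year standardisation competition, 5 to 10 years of deployment, 5 to 10 years of data lifetime) treated as assumptions, and the 16-year figure falls out as the sum of the lower bounds.

```python
# Constructed model of the "lead time vs. quantum computer arrival" argument.
# The durations are the figures quoted in the post, used here as assumptions;
# this is not a forecast and not code from the original article.

from dataclasses import dataclass


@dataclass(frozen=True)
class Phase:
    name: str
    min_years: int
    max_years: int


# Figures from the post (assumptions): a NIST competition like SHA-3's takes
# about 6 years (the post notes post-quantum work may need longer), a NIST
# standard takes 5 to 10 years to deploy extensively, and data must stay
# protected 5 to 10 years after deployment (some organisations need longer).
PHASES = (
    Phase("standardisation", 6, 6),
    Phase("deployment", 5, 10),
    Phase("data_lifetime", 5, 10),
)


def lead_time_years(phases=PHASES):
    """Years between starting migration now and the last protected data
    expiring, as a (best case, worst case) pair."""
    return (sum(p.min_years for p in phases), sum(p.max_years for p in phases))


def exposed_years(qc_arrival_years, phases=PHASES):
    """Years of still-sensitive data exposed if a code-breaking quantum
    computer arrives `qc_arrival_years` from now, for the best- and worst-case
    phase durations (0 means nothing is exposed in that case)."""
    lo, hi = lead_time_years(phases)
    return (max(0, lo - qc_arrival_years), max(0, hi - qc_arrival_years))


def at_risk(qc_arrival_years, phases=PHASES):
    """True when even the optimistic lead time exceeds the estimated arrival."""
    return exposed_years(qc_arrival_years, phases)[0] > 0


if __name__ == "__main__":
    lo, hi = lead_time_years()
    print(f"lead time needed: {lo} to {hi} years")
    for arrival in (10, 15, 16, 20, 30):
        state = "at risk" if at_risk(arrival) else "ok"
        print(f"arrival in {arrival:2d} years -> {state}, exposed {exposed_years(arrival)}")
```

Arrival estimates below 16 years leave data exposed even in the best case; between 16 and 26 years the outcome depends on which end of the deployment and data-lifetime ranges applies.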