The chances that quantum computing advances would act like Setec Astronomy from the 1992 spy film Sneakers and unlock all cryptographic-based technologies like blockchains is slim at best, according to cryptographic and security experts.
“If quantum computers become real then someone may be able to reverse blockchain encryption in the future,” said Patrick Nielsen, co-founder and CTO of Clovyr, during a panel discussion hosted by the Fintech Open Source Foundation in Lower Manhattan. “There is a reason not to share your data with everyone even though it’s encrypted.”
However, when and if the world sees a functional quantum computer is open for debate.
Nielsen noted that every quantum computing platform in the media spotlight is a quantum annealing machine that cannot run Shor’s Algorithm or Grover’s Algorithm, which are significant cryptographic algorithms.
Fellow panelist Dan Guido, co-founder and CEO of Trails of Bits questioned whether quantum computers would ever happen.
“There is information bias that happens as the qubits go up,” he said. “I don’t think it is guaranteed that quantum computers are going to be a thing.”
If quantum computers become a reality, there is no way to tell if they would be fast enough to decrypt the encryption algorithms, according to Nielsen.
“It is true that it allows you to perform asymptotical computations much faster, but the computer may be hilariously slow,” he said.
If the technology matures to a point where it could pose a significant issue with existing cryptographic algorithms, the financial industry would need to treat the affected algorithms as obsolete and migrate to unaffected algorithms.
Nielsen compared the potential situation to Wall Street’s Y2k mediation or more recently the migration from version 1.2 to 1.3 of the Transport Security Protocol.
“There is a lot of security software and appliances that worked up until TLS 1.2, but after TLS 1.3,” he said. “They broke because the IETF (Internet Engineering Task Force) said it would not allow middlemen anymore and that is how those products work.
It will be a scramble for organizations, but they should see the need to switch over from a mile away, agreed Guido. “If they are, the time horizon is pretty long and the fact that we are standardizing the encryption algorithms today should give people a 20-year head start that makes these things possible to solve.”
In the meantime, there are several efforts to develop suites of post-quantum algorithms, including the National Institute of Standards and Technology’s current competition.
He also noted that quantum computing does not pose a threat to all flavors of cryptographic algorithms like asymmetric cryptography.
“The only thing you have to do is double the number of bit that you are using,” said Guido. “If you are using a 128 AES, you should use 256 bits, and you are done. It is the same thing for random number generation. Double the number of random bits you need and you are done.”