Monday, October 07, 2019
Is science threatening to make on-line security obsolete?
Having left school the year before computers were introduced in the classrooms, and having played catch-up ever since, I am still astonished at how quickly we have got to the stage when the internet, and smart phones in particular dominates our entire life.
With the convenience the internet brings, come risks of course, and incidents of scams, fraud, hacking, identity theft and fake news have grown exponentially in recent times. The only thing that offers us protection from those who would seek to use technology to exploit us is the encryption that is applied to many activities and applications, such as on-line banking. If we don't do anything really foolish then we should be okay.
It is alarming therefore to learn from this article in the Guardian that sudden advances in quantum computing is threatening to put that encryption at risk within years. The Guardian says that a paper about quantum computing by a Google researcher making a startling claim appeared on a Nasa website – and then disappeared shortly afterwards.
The paper apparently asserted that a quantum computer built by Google could perform a calculation “in three minutes and 20 seconds that would take today’s most advanced classical computer … approximately 10,000 years”. This is important because it means that the most sophisticated encryption could be more easily broken by such a quantum computer - and that may well put internet banking and a whole range of other applications at risk of being hacked:
The security of our networked world depends on public-key cryptography – the encryption that protects communications, bank accounts and other sensitive data. At the core of this approach is the fact that factoring very large numbers takes a long time. In 2016, for example, it took several hundred computers two years to crack a message encrypted with a key that was 768 bits long. The same process for material encrypted with a 1,024-bit key would take 1,000 times longer, and cracking anything encrypted with the current highest standard 4,096-bit key would possibly outlast the presence of life on earth. So our security depends on the speed of computers.
In principle, industrial-scale quantum computers could make a mockery of all this – but that’s in theory. In practice, quantum supremacy is still a long way off, as Scott Aaronson, a leading academic in the field, points out in a post on his blog. There are, he says, two big obstacles. The first is that a quantum machine capable of tackling current encryption methods would need several thousand logical qubits: “With known error-correction methods, that could easily translate into millions of physical qubits, and those probably of a higher quality than any that exist today. I don’t think anyone is close to that, and we have no idea how long it will take”.
The second caveat is that quantum machines would be able to crack some codes but not all possible codes. The public-key codes that would be vulnerable happen to be the ones we use to secure online transactions and to protect data. But private-key encryption will probably still be invulnerable. And researchers have been working on new types of public-key crypto that no one knows how to break – even in principle – after two decades of trying.
This is a development that warrants careful scrutiny.
With the convenience the internet brings, come risks of course, and incidents of scams, fraud, hacking, identity theft and fake news have grown exponentially in recent times. The only thing that offers us protection from those who would seek to use technology to exploit us is the encryption that is applied to many activities and applications, such as on-line banking. If we don't do anything really foolish then we should be okay.
It is alarming therefore to learn from this article in the Guardian that sudden advances in quantum computing is threatening to put that encryption at risk within years. The Guardian says that a paper about quantum computing by a Google researcher making a startling claim appeared on a Nasa website – and then disappeared shortly afterwards.
The paper apparently asserted that a quantum computer built by Google could perform a calculation “in three minutes and 20 seconds that would take today’s most advanced classical computer … approximately 10,000 years”. This is important because it means that the most sophisticated encryption could be more easily broken by such a quantum computer - and that may well put internet banking and a whole range of other applications at risk of being hacked:
The security of our networked world depends on public-key cryptography – the encryption that protects communications, bank accounts and other sensitive data. At the core of this approach is the fact that factoring very large numbers takes a long time. In 2016, for example, it took several hundred computers two years to crack a message encrypted with a key that was 768 bits long. The same process for material encrypted with a 1,024-bit key would take 1,000 times longer, and cracking anything encrypted with the current highest standard 4,096-bit key would possibly outlast the presence of life on earth. So our security depends on the speed of computers.
In principle, industrial-scale quantum computers could make a mockery of all this – but that’s in theory. In practice, quantum supremacy is still a long way off, as Scott Aaronson, a leading academic in the field, points out in a post on his blog. There are, he says, two big obstacles. The first is that a quantum machine capable of tackling current encryption methods would need several thousand logical qubits: “With known error-correction methods, that could easily translate into millions of physical qubits, and those probably of a higher quality than any that exist today. I don’t think anyone is close to that, and we have no idea how long it will take”.
The second caveat is that quantum machines would be able to crack some codes but not all possible codes. The public-key codes that would be vulnerable happen to be the ones we use to secure online transactions and to protect data. But private-key encryption will probably still be invulnerable. And researchers have been working on new types of public-key crypto that no one knows how to break – even in principle – after two decades of trying.
This is a development that warrants careful scrutiny.
Comments:
<< Home
Their is a discussion here to keep cash/cheques/postal orders in business.Concrete pieces of paper that cannot be wiped out instantly by pressing the wrong button on a keyboard. copied,sent by email they can be kept by both parties involved and one side or the other has proof.
Post a Comment
<< Home
