Quantum-computing breakthroughs pose imminent risks to cybersecurity

Cloudflare is one of several cybersecurity companies now reassessing their timelines to provide protection against quantum hacking. Credit: Richard B. Levine/Alamy
The world could be caught off guard by quantum hackers before the end of this decade — much sooner than previously expected. This is the take-home message of two preprint studies posted independently on 31 March, one by a team at Google [1] and the other by Oratomic [2], a start-up company in Pasadena, California.
Digital technologies relying on encryption and authentication methods — such as credit card systems, cryptocurrencies and Internet communications — have long been known to be vulnerable to future quantum computers capable of cracking security measures faster than even the largest conventional supercomputers can.
But the assumption among researchers and cybersecurity companies working on quantum-proof encryption technologies has been that these machines would not become a serious threat to digital security for at least ten years.
The preprints, both of which suggest that quantum computers capable of cracking current encryption systems could soon become available, have created a sense of “renewed urgency”, says Jintai Ding, a mathematician at Tsinghua University in Beijing. The findings have prompted “many discussions among people I know, ranging from academics to bankers and to people who care about cryptocurrencies”, says Ding.
“It’s a real shock for us too,” says Bas Westerbaan, a mathematician at the Internet-services company Cloudflare, based in San Francisco, California, which helps to protect one-quarter of the world’s Internet traffic. “We are still digesting it, but we are very concerned.”
In a 1 April blog post, Scott Aaronson, a quantum-computing researcher at the University of Texas at Austin, describes the studies, which have not yet been peer reviewed, as “Quantum computing bombshells”.
Fewer qubits
The preprint posted by Oratomic, a spin-off of the California Institute of Technology, demonstrates a method to lower the amount of estimated quantum computing required for cracking two types of common security technologies. Their approach leverages the strengths of a type of quantum computing that uses atoms trapped with lasers, and combines a number of recent developments in quantum software and hardware.
The authors also added their own improvements to show that cracking a common security-key technology called P-256 — because it relies on keys that are 256 bits long — could require as few as 10,000 qubits. These are the units of quantum information that replace the bits of ordinary computers.
“I had gone around giving talks saying that you needed millions of qubits” to crack security technology, says Dolev Bluvstein, who co-founded Oratomic and is one of the authors of the analysis. The team didn’t expect that their estimate would end up being so far below the accepted wisdom. “We were quite surprised,” Bluvstein says.
“The Oratomic paper is highly exciting” from the point of view of advancing quantum computing, says Jens Eisert, a quantum physicist at the Free University of Berlin. The techniques it describes, in particular for reducing computational errors, could enable atom-based quantum computers to solve a broad range of problems, he says, and not just be used for quantum hacking.
“It is also exciting to see how these new insights could accelerate applications beyond cryptography, in areas such as materials science, machine learning, and optimization,” says Alexandre Dauphin, a physicist at the quantum-computing company Pasqal in Paris.