The modern world runs on code: programming languages and software built to solve complex problems, with data and communication secured by encryption that is designed to be infeasible to break.
Given the innovations of the past few years and the strides anticipated in this field, quantum computing is expected to transform domains such as artificial intelligence, chemistry, physics and cryptography.
In light of this, quantum computing is a topic you need to be aware of as a programmer, blockchain enthusiast, techie, or even a layman.
Quantum Computing is the next frontier of technological innovation that promises to revolutionize many fields and industries.
By harnessing the power of quantum physics, quantum computers can perform calculations that are beyond the reach of classical computers, opening new possibilities for scientific discovery, optimization, and artificial intelligence.
Quantum computing could solve problems that are too hard or too slow for classical computers, such as discovering new drugs, modelling aircraft, designing room-temperature superconductors, optimizing traffic routes, or simulating complex physical systems.
However, quantum computing could also affect the security of digital and blockchain networks that use cryptography to protect their data and transactions.
Cryptography is the science of encoding and decoding information using mathematical techniques and algorithms. It is the technique of securing information and communications through the use of codes so that only those persons for whom the information is intended can understand it and process it, therefore preventing unauthorized access to information.
A few of the numerous uses and benefits of cryptography include keeping data confidential (encryption), detecting tampering (hashes and message authentication codes), proving who sent a message (digital signatures), and preventing a sender from later denying it (non-repudiation).
Blockchain is a technology that uses cryptography to create a distributed ledger of records of transactions in a chain of blocks that are linked by cryptographic hashes.
These transactions are verified by many computers instead of one central authority, which is what makes the ledger decentralized, transparent and, once a block is confirmed, effectively immutable.
Since its inception, blockchain has been adopted for various applications beyond cryptocurrencies and digital money, such as smart contracts, supply chain management, digital identity, and more.
Quantum computing is a double-edged sword for cryptography and blockchain. On one hand, it can break some existing cryptographic schemes by solving the mathematical problems (factoring and discrete logarithms) on which they rest.
On the other hand, it also enables new schemes based on quantum physics, whose security rests on physical laws rather than on the assumed difficulty of a computation.
Therefore, it is important to understand both the risks and opportunities of quantum computing for cryptography and blockchain and develop strategies to mitigate the former and leverage the latter.
Quantum computing plays a positive role in cryptography and blockchain by enabling new methods of secure communication based on quantum physics.
For example, Quantum Key Distribution (QKD), which is a quantum cryptography method, is used to securely generate and distribute secret keys using the laws of quantum mechanics. It uses a series of photons to transmit a secret, random sequence, known as the key.
By comparing measurements taken at either end of the transmission, users will know if the key has been compromised.
QKD relies on two properties of quantum physics: measuring an unknown quantum state in the wrong basis disturbs it, and an unknown state cannot be copied (the no-cloning theorem). Protocols such as BB84 use these directly; entanglement-based variants such as E91 additionally use pairs of entangled photons.
QKD works by sending qubits (typically photon polarizations) encoded with random bits in randomly chosen bases over a quantum channel, such as an optical fiber or a free-space link. The sender and receiver then use an authenticated public channel, such as the internet, to announce which bases they used, keep only the positions where the bases matched (sifting), and publicly compare a random sample of those bits to estimate the error rate.
An eavesdropper who intercepts and re-measures the photons cannot know the right basis and so introduces errors (about 25% for a simple intercept-and-resend attack on BB84). If the error rate is below the protocol's threshold, the remaining bits are error-corrected and distilled into a secret key, which is then used with a conventional symmetric cipher; if it is above the threshold, the bits are discarded and the exchange is repeated. The security of the key is information-theoretic rather than computational, but it covers only the key exchange itself, it requires the classical channel to be authenticated, and real QKD hardware has been attacked through implementation side channels such as detector blinding. QKD does not by itself secure blockchain transactions, which depend on digital signatures.
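The exchange described above, as an added example that is not part of the original article: a classical simulation of BB84 in which each photon is modelled as a (bit, basis) pair and a measurement in the wrong basis yields a random bit. It shows the sifting step, the public error-rate check, and how an intercept-and-resend eavesdropper pushes the error rate to roughly 25%. The 11% abort threshold is an assumption taken from the usual BB84 security bound; error correction and privacy amplification are not modelled.

```python
"""Classical simulation of BB84 key distribution (added example, not
from the article). Bases: 0 = rectilinear, 1 = diagonal.
"""
import random


def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    a mismatched basis returns a uniformly random outcome."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def run_bb84(n, eavesdrop, sample_fraction=0.5, seed=1):
    """Run one BB84 exchange of n photons. Returns (qber, key_a, key_b):
    the estimated error rate and the unsampled sifted bits on each side."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    a_bits = [rng.randrange(2) for _ in range(n)]   # Alice's random bits
    a_bases = [rng.randrange(2) for _ in range(n)]  # Alice's random bases
    b_bases = [rng.randrange(2) for _ in range(n)]  # Bob's random bases
    b_bits = []
    for bit, basis, b_basis in zip(a_bits, a_bases, b_bases):
        if eavesdrop:
            # Intercept-and-resend: Eve guesses a basis, measures, and
            # resends a photon prepared in HER basis with HER outcome.
            e_basis = rng.randrange(2)
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        b_bits.append(measure(bit, basis, b_basis, rng))

    # Public channel: keep only positions where Alice's and Bob's bases agree.
    sifted = [i for i in range(n) if a_bases[i] == b_bases[i]]
    # Publicly reveal a random sample of the sifted bits to estimate QBER.
    k = int(len(sifted) * sample_fraction)
    sample = set(rng.sample(sifted, k))
    errors = sum(1 for i in sample if a_bits[i] != b_bits[i])
    qber = errors / k if k else 0.0
    # Revealed bits are burned; the rest form the raw key.
    key_a = [a_bits[i] for i in sifted if i not in sample]
    key_b = [b_bits[i] for i in sifted if i not in sample]
    return qber, key_a, key_b


# Assumption: abort above the ~11% QBER bound usually quoted for BB84.
QBER_THRESHOLD = 0.11


def establish_key(n=2000, eavesdrop=False, seed=1):
    """Returns (key, qber); key is None when the exchange is aborted."""
    qber, key_a, _key_b = run_bb84(n, eavesdrop, seed=seed)
    if qber > QBER_THRESHOLD:
        return None, qber  # discard the bits and try again
    return key_a, qber


if __name__ == "__main__":
    for eve in (False, True):
        key, qber = establish_key(eavesdrop=eve)
        print(f"eavesdropper={eve}: QBER={qber:.3f}, "
              f"{'aborted' if key is None else f'{len(key)} key bits'}")
```

Without Eve the sampled error rate is exactly zero and both sides hold identical keys; with Eve it lands near 0.25 and the exchange aborts. In a real link the honest channel also has noise, which is why the threshold matters rather than requiring zero errors.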
Public-key cryptography relies on trapdoor one-way functions, mathematical problems that are easy to compute in one direction but infeasible to invert without a secret, to build key exchange, encryption and digital signatures; hash functions, which are one-way without any trapdoor, secure blocks and transactions.
Quantum computers can break some of these one-way functions by running algorithms that solve the underlying problems far faster than any known classical method.
For example, Shor's algorithm factors large integers and computes discrete logarithms in polynomial time on a sufficiently large quantum computer. That breaks RSA, finite-field Diffie-Hellman and elliptic-curve schemes alike, including the ECDSA signatures over secp256k1 that Bitcoin and Ethereum use to authorize transactions. Grover's algorithm gives only a quadratic speed-up against symmetric ciphers and hash functions, which is countered by doubling key and output lengths (AES-256 and 256-bit hash outputs).
This could have serious implications for the security of digital and blockchain networks, as it could compromise the privacy, integrity, authenticity, and non-repudiation of data and transactions.
An attacker with such a machine could decrypt recorded traffic and stored ciphertexts, forge digital signatures, and, on a blockchain, derive the private key of any address whose public key is exposed on chain (for example once it has been spent from) and move its funds. Preimage and collision attacks on 256-bit hashes do not become practical, so the hash chain linking blocks stays intact; the damage comes through signatures and key exchange.
These attacks could undermine the trust and reliability of digital and blockchain networks, as well as cause financial losses, legal disputes, or reputational damage for their users and participants.
Hence, it is important to anticipate these threats by developing and deploying cryptography that resists quantum attacks. The schemes designed for this purpose are collectively known as post-quantum cryptography (PQC) or quantum-resistant cryptography; they run on ordinary classical computers, and over the past few years they have moved from research into standards and first deployments.
Post-quantum cryptography aims to provide the same functions and protocols as current cryptography, such as key exchange, encryption and digital signatures, but built on mathematical problems believed to be hard for both classical and quantum computers. Hash functions and symmetric ciphers need no replacement, only adequate sizes.
Used consistently, this can resist quantum attacks and protect the long-term security of blockchain networks.
Some of the main families of post-quantum cryptographic schemes are:
Lattice-based Cryptography: This is a type of cryptography that uses mathematical structures called lattices to create and secure cryptographic schemes. Lattices are sets of points in a high-dimensional space that are arranged in a regular pattern.
You can think of a lattice as a grid of dots that extends infinitely in all directions. Lattice-based cryptography can provide encryption, digital signatures, and hashing, as well as advanced features such as fully homomorphic encryption and zero-knowledge proofs.
Examples of lattice-based constructions are schemes built on the Learning with Errors (LWE) problem and its structured variants Ring-LWE and Module-LWE (FrodoKEM, Kyber, Dilithium), and schemes built on NTRU lattices (NTRU, Falcon, BLISS). The hard problem in each case is recovering a secret from linear equations that have been deliberately perturbed by small errors; without the error term the system is plain linear algebra.
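A toy Regev-style LWE encryption of single bits, as an added example that is not from the article and not a real scheme: the dimensions are far too small to be secure and are chosen only so the arithmetic is visible (the modulus 3329 is borrowed from Kyber purely for familiarity; n = 16 and m = 64 are assumptions). Alongside encryption and decryption it includes Gaussian elimination mod q, which recovers the secret instantly when the error term is absent and fails when it is present, which is the whole point of the "with errors" in LWE.

```python
"""Toy LWE public-key encryption (added example; insecure parameters)."""
import random

Q = 3329  # prime modulus (assumption: Kyber's q, used here only for familiarity)
N = 16    # secret dimension (toy; real schemes use hundreds)
M = 64    # number of LWE samples in the public key


def keygen(rng, noisy=True):
    """Secret s in Z_q^n; public key (A, b = A*s + e) with small errors e."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    # Small error, here uniform in {-1, 0, 1}; noisy=False removes it to show
    # why the error is essential.
    e = [rng.randrange(-1, 2) if noisy else 0 for _ in range(M)]
    b = [(sum(a * si for a, si in zip(row, s)) + ei) % Q for row, ei in zip(A, e)]
    return s, (A, b)


def encrypt(pk, bit, rng):
    """Add a random subset of samples; the errors stay small (at most M)."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v


def decrypt(s, ct):
    """v - <u, s> = sum(r_i * e_i) + bit * q/2; decide by nearest of 0, q/2."""
    u, v = ct
    d = (v - sum(ui * si for ui, si in zip(u, s))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0


def solve_noise_free(A, b):
    """Gaussian elimination mod Q on b = A*s. Recovers s exactly when e = 0;
    with errors present the returned vector is (almost surely) wrong."""
    rows = [row[:] + [bi] for row, bi in zip(A, b)]
    piv_row = 0
    for col in range(N):
        pivot = next((r for r in range(piv_row, len(rows)) if rows[r][col]), None)
        if pivot is None:
            return None  # rank-deficient (vanishingly unlikely for random A)
        rows[piv_row], rows[pivot] = rows[pivot], rows[piv_row]
        inv = pow(rows[piv_row][col], -1, Q)  # Q is prime, so inverses exist
        rows[piv_row] = [(x * inv) % Q for x in rows[piv_row]]
        for r in range(len(rows)):
            if r != piv_row and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(x - f * y) % Q for x, y in zip(rows[r], rows[piv_row])]
        piv_row += 1
    return [rows[i][N] for i in range(N)]


if __name__ == "__main__":
    rng = random.Random(7)
    s, pk = keygen(rng)
    print("round trip:", [decrypt(s, encrypt(pk, m, rng)) for m in (0, 1, 1, 0)])
    s0, (A0, b0) = keygen(rng, noisy=False)
    print("noise-free secret recovered:", solve_noise_free(A0, b0) == s0)
    print("noisy secret recovered:", solve_noise_free(pk[0], pk[1]) == s)
```

Decryption works because the accumulated error is at most 64 in absolute value while the two possible plaintexts sit a full q/2 = 1664 apart. Real schemes pick the error from a narrow Gaussian-like distribution and tune dimensions so that the decryption-failure probability is negligible while the lattice problem stays hard.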
Code-based Cryptography: This uses error-correcting codes to build cryptographic schemes: the public key is a disguised code, encryption adds deliberate errors to a codeword, and only the holder of the hidden structure can decode efficiently. Code-based cryptography is used mainly for encryption and key encapsulation; signatures exist but are far less practical, and hashing is not its domain. Examples are McEliece (proposed in 1978 and still unbroken), Niederreiter, BIKE and HQC. The main cost is key size: Classic McEliece public keys run from a few hundred kilobytes to about a megabyte.
Multivariate Cryptography: This uses systems of multivariate polynomials over a finite field as the underlying structure; solving random systems of quadratic equations is hard, and the private key is a hidden structure that makes a particular system easy to invert.
Multivariate cryptography is used mainly for digital signatures, with short signatures but large public keys; encryption variants exist but are less common, and hashing is not its domain. Examples are Rainbow, Unbalanced Oil and Vinegar (UOV) and GeMSS. The family has a poor track record: Rainbow, a NIST finalist, was broken by Ward Beullens in 2022 with an attack that runs in a weekend on a laptop, and GeMSS was weakened by new attacks, although UOV itself remains under study.
Hash-based Cryptography: This builds digital signatures from nothing but a secure hash function. The only known quantum speed-up against a hash is Grover's algorithm, which searches N possibilities in about the square root of N steps and so halves the effective bit security; a 256-bit hash therefore still offers 128-bit security, and that is the entire security argument.
Hash-based cryptography provides digital signatures and hashing, but not encryption. The building block is a one-time signature (Lamport, or the more compact Winternitz variant): the private key is a set of random values, the public key is their hashes, and signing reveals the preimages selected by the bits of the message hash, so a key must never be used twice. Merkle trees aggregate many one-time keys under a single root public key. Stateful schemes (XMSS, LMS) track which leaf has been used; the stateless SPHINCS+ avoids that bookkeeping at the cost of larger signatures.
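A Lamport one-time signature over SHA-256, as an added example that is not from the article. It shows why the scheme needs only a one-way hash and, in forge_after_reuse, why the key is one-time: every signature leaks half of the private key, and an attacker who collects enough signatures under the same key knows a preimage for almost every (position, bit) pair and can sign a message of their choosing. The message strings and the 64-signature reuse count are assumptions made for the demonstration.

```python
"""Lamport one-time signatures over SHA-256 (added example)."""
import hashlib
import secrets

BITS = 256  # one (zero, one) key pair per bit of the SHA-256 message digest


def H(data):
    return hashlib.sha256(data).digest()


def keygen(rng=secrets.token_bytes):
    """Private key: 256 pairs of random 32-byte values; public key: their hashes."""
    sk = [[rng(32), rng(32)] for _ in range(BITS)]
    pk = [[H(pair[0]), H(pair[1])] for pair in sk]
    return sk, pk


def _bits(msg):
    digest = int.from_bytes(H(msg), "big")
    return [(digest >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def sign(sk, msg):
    """Reveal, for each digest bit, the preimage selected by that bit."""
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def verify(pk, msg, sig):
    return len(sig) == BITS and all(
        H(sig[i]) == pk[i][b] for i, b in enumerate(_bits(msg))
    )


def forge_after_reuse(pk, signed, target):
    """Key-reuse attack. `signed` is a list of (msg, sig) pairs made with one
    key. Each signature reveals one preimage per position; once both preimages
    at a position are known, any digest bit there can be matched. Returns a
    valid signature on `target`, or None if some needed preimage is missing."""
    known = {}
    for msg, sig in signed:
        for i, b in enumerate(_bits(msg)):
            if H(sig[i]) == pk[i][b]:  # only keep genuine preimages
                known[(i, b)] = sig[i]
    forged = []
    for i, b in enumerate(_bits(target)):
        if (i, b) not in known:
            return None
        forged.append(known[(i, b)])
    return forged


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"transfer 1 BTC to Bob"
    sig = sign(sk, msg)
    print("valid signature verifies:", verify(pk, msg, sig))
    print("tampered message verifies:", verify(pk, b"transfer 9 BTC to Bob", sig))
    # Assumed misuse: the same key signs 64 different messages.
    reused = [(f"msg-{i}".encode(), sign(sk, f"msg-{i}".encode())) for i in range(64)]
    forged = forge_after_reuse(pk, reused, b"transfer 1000 BTC to Mallory")
    print("forgery after 64 reuses verifies:",
          forged is not None and verify(pk, b"transfer 1000 BTC to Mallory", forged))
```

With a single signature the attacker knows only one preimage per position and the forgery fails; after two signatures roughly half the positions are fully known, and after a few dozen practically all are. Stateful schemes such as XMSS and LMS exist precisely to guarantee that each one-time key under the Merkle root is used once, and losing or restoring that state from a backup recreates exactly this attack.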
Isogeny-based Cryptography: This type of cryptography uses mathematical maps called isogenies to build cryptographic schemes. Isogenies are structure-preserving maps between elliptic curves; the hard problem is finding the isogeny between two given curves.
For example, you can think of an isogeny as a way of transforming one elliptic curve into another without changing its essential features. Isogeny-based cryptography offers very small keys for key exchange, and signature schemes such as SQIsign exist, though hashing is not its domain. The best-known scheme, Supersingular Isogeny Diffie-Hellman (SIDH), and the SIKE key encapsulation built on it were broken in 2022 by Castryck and Decru with a classical attack that recovers a key in about an hour on a single core, so they must not be deployed; CSIDH and SQIsign rest on different assumptions and are still being studied.
The current state of the art of post-quantum cryptography is characterized by several aspects which include:
Standardization: The post-quantum cryptographic schemes are currently being evaluated and standardized by the National Institute of Standards and Technology (NIST), which launched a post-quantum cryptography standardization project in 2016.
In July 2022 NIST announced the first four algorithms selected for standardization, and in August 2024 it published the first three finished standards. These are:
CRYSTALS-Kyber: A lattice-based key encapsulation mechanism (KEM) based on Module-LWE, standardized as ML-KEM in FIPS 203.
CRYSTALS-Dilithium: A lattice-based digital signature scheme based on Module-LWE, standardized as ML-DSA in FIPS 204.
SPHINCS+: A stateless hash-based digital signature scheme, standardized as SLH-DSA in FIPS 205.
Falcon: A lattice-based digital signature scheme over NTRU lattices, to be standardized as FN-DSA in FIPS 206.
NTRU was a finalist but was not selected, since Kyber fills the same role. Four further KEMs went into a fourth evaluation round: Classic McEliece, BIKE and HQC (all code-based) and SIKE (isogeny-based). SIKE was broken during the round and withdrawn; HQC was selected in March 2025 as a second, code-based KEM standard to hedge against a break of lattice assumptions. Separately, NIST opened a call in 2022 for additional signature schemes not based on lattices.
Implementation: Post-quantum cryptographic algorithms have been implemented and tested in various platforms and environments, such as software libraries, hardware devices, cloud services, web browsers, and network protocols. For example:
Google experimented with NewHope (a lattice-based key exchange) in Chrome in 2016, combined with elliptic-curve X25519 in the CECPQ1 experiment, and since 2024 Chrome enables a hybrid X25519 plus Kyber (now ML-KEM) key exchange for TLS by default.
Microsoft Research built an experimental post-quantum fork of OpenVPN that tested several candidates, including SIKE, before SIKE was broken in 2022.
The Internet Engineering Task Force (IETF) has drafts for integrating post-quantum algorithms into TLS 1.3 and IKEv2, typically as hybrid key exchanges that combine a classical and a post-quantum algorithm so that the connection stays secure if either one fails.
Evaluation: Post-quantum cryptographic algorithms have been evaluated and compared in terms of security, performance, efficiency, and compatibility. For example:
NIST has established security categories and performance metrics for assessing the candidates of its post-quantum cryptography standardization project.
The European Union Agency for Cybersecurity (ENISA) has published a report on post-quantum cryptography that provides an overview of the main challenges and recommendations for designing and deploying post-quantum systems.
The PQCRYPTO project has published a roadmap for post-quantum cryptography that provides guidelines and best practices for selecting and implementing post-quantum cryptographic algorithms.
Looking at the directions of post-quantum cryptography, its future will be shaped by several factors:
Quantum Computing: The development and availability of quantum computers will affect the urgency and feasibility of transitioning to post-quantum cryptography. Current estimates of when a quantum computer capable of breaking today's public-key cryptography will be built vary widely, from a few years to several decades.
However, it is widely agreed that it is prudent to prepare in advance, as the transition may take many years and involve many challenges, and because data that must stay confidential for a long time is already exposed: an adversary can record encrypted traffic now and decrypt it once a quantum computer exists. Quantum computing may also offer new opportunities for enhancing cryptography, such as Quantum Key Distribution or Quantum Random Number Generation.
Cryptanalysis: The security and confidence of post-quantum cryptographic algorithms will depend on the progress and results of cryptanalysis, both classical and quantum. Cryptanalysis is the science of analyzing and breaking cryptographic schemes.
Cryptanalysis may reveal new attacks or weaknesses that reduce the security or efficiency of post-quantum algorithms, as the breaks of Rainbow and SIKE during the NIST process showed; this is why standards keep more than one mathematical family in play. Cryptanalysis also provides new insights and techniques that improve the security or efficiency of post-quantum algorithms.
Innovation: The research and development of post-quantum cryptography will continue to explore new ideas and methods that could provide better solutions for securing data and transactions in the quantum era. Innovation may lead to new families or variants of post-quantum cryptographic schemes that could offer higher levels of security or performance.
Innovation may also lead to new applications or protocols that could leverage the features or advantages of post-quantum cryptography.
NIST published its first finished post-quantum standards (FIPS 203, 204 and 205) in August 2024, and recommends that organizations start preparing for the transition now rather than waiting for a quantum computer to appear, since a migration of this scale takes years.
Post-quantum cryptography is an active and evolving research area that aims to provide secure and efficient cryptographic solutions for the future quantum era.
By adopting post-quantum cryptography, organizations can protect their data and transactions from quantum attacks and ensure their long-term security and reliability.
Quantum computing and post-quantum cryptography are two sides of the same coin that will shape the future of cyber security.
Through the exploration and development of new cryptographic schemes that can resist quantum attacks, post-quantum cryptography aims to keep data and transactions secure and reliable in the quantum era and beyond.