Cracking with Quantum: What Breakthrough Research Means – Cyber Magazine
In a startling development that has sent ripples through the cybersecurity community, Chinese researchers have claimed a significant breakthrough in using quantum annealing systems to attack classical encryption methods.
This revelation, led by a team of researchers from Shanghai University and published in the Chinese Journal of Computers, marks a watershed moment in the ongoing race between quantum computing advancements and the security of our digital infrastructure.
The cybersphere has as of late been aware of the threat quantum computing poses down the line, however this new revelation throws the previous timeline enterprises and organisations were working towards out of sync.
The team lead by Wang Chao utilised a D-Wave quantum annealing system to devise an attack on public key cryptography.
Their focus was on Substitution-Permutation Network (SPN) structured algorithms, which form the backbone of widely-used encryption standards such as the Advanced Encryption Standard (AES).
While the researchers successfully targeted a 22-bit key—far shorter than those used in real-world applications—the implications are profound. The study represents “the first time that a real quantum computer has posed a real and substantial threat to multiple full-scale SPN structured algorithms in use today,” according to the researchers.
The mere fact that an off-the-shelf quantum system has been used to develop a viable angle of attack on classical encryption advances debate about the need to revisit the way data is protected. While it’s widely assumed that quantum computers will one day possess the power to easily decrypt data enciphered with today’s tech, opinion varies on when this will happen.
"News of using today's quantum technology to target encryption systems protecting authentication and data worldwide is all part of the quantum starting gun that's well underway."
This development is particularly significant when viewed in the context of ongoing global efforts to prepare for the quantum computing era.
The urgency of this transition is highlighted by the "harvest now, decrypt later" threat, where malicious actors could potentially store encrypted data today and decrypt it once powerful quantum computers become available. This concern has prompted industries to take proactive measures in implementing quantum-safe security solutions.
Many companies are struggling to prepare for the quantum future, with 64% of security leaders saying they "dread the day" the board asks about their migration plans, and 67% thinking the shift to post-quantum cryptography will be a nightmare. However, this development does not spell all doom and gloom.
“So while this research demonstrates a step towards a potential quantum-based attack, we're still a significant distance away from a practical and widespread threat as it is yet to be proven against the recommended industry standard."
Indeed, major tech companies are already taking significant steps. IBM, for instance, has announced that two of its developed algorithms, ML-KEM and ML-DSA, have been standardised by the US National Institute of Standards and Technology (NIST) in a world first.
These new Federal Information Processing Standards (FIPS 203, 204, and 205) are designed to replace current encryption methods vulnerable to quantum attacks.
Similarly, global telecom leader Telefónica has developed a quantum security architecture solution incorporating Quantum Key Distribution (QKD) and post-quantum cryptographic algorithms.
As quantum computers grow more powerful, the timeline for implementing quantum-safe security measures grows shorter.
Government agencies, tech giants, and telecommunications companies are all playing crucial roles in this transition. However, with continued investment, collaboration, and innovation across industries, the proactive steps taken by governments and enterprises mean that defence is being improved as diligently as attacks.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series – Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand
Fortinet is halfway through its five-year mission its mission to train one million individuals in cybersecurity
Gigamon’s Mark Coates explains that the UK has several cybersecurity shortcomings, and explains how to address them
Cloudflare has partnered with Whatsapp to deliver E2EE and Key Transparency for millions of users
Cyber Magazine connects the leading cyber executives of the world's largest brands. Our platform serves as a digital hub for connecting industry leaders, covering a wide range of services including media and advertising, events, research reports, demand generation, information, and data services. With our comprehensive approach, we strive to provide timely and valuable insights into best practices, fostering innovation and collaboration within the cyber community. Join us today to shape the future for generations to come.
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
