Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned.
The tech company said in a blogpost that quantum computers would pose a “significant threat to current cryptographic standards” before the end of the decade and urged other companies to follow its lead.
The company, owned by Alphabet, said: “The encryption currently used to keep your information confidential and secure could easily be broken by a large-scale quantum computer in coming years.”
As it stands, quantum computers – which can rapidly carry out complex tasks – are a nascent technology with great potential and significant obstacles to being widely usable.
Translation: Google IR needs to start juicing quantum computing now that cracks are forming in the AI hype cycle.
Quantum is much cooler than the current LLM circlejerk.
Nearing absolute zero even.
What, you’re unimpressed with large-training-set auto-complete?
This paper released last summer makes the argument that quantum computing is in a similar state, and that any of the claimed numbers that were factored by quantum computing above 21 have basically been bullshit. I was listening to Security Now episode 1034 recently and they discussed the paper in reasonably understandable terms, but basically it boils down to factoring big numbers by picking numbers that are disallowed by modern algorithms because they’re binary weak primes.
The encryption currently used to keep your information confidential and secure
Meanwhile data is leaked all the time, taken by doge or just given to palantir for processing.
Have they managed to factor a number bigger than 15 yet?
Tell us something we didn’t know google, turns out there’s people out there that already devising solutions for this problem but your already know that
I mean, they specifically point to post-quantum cryptography and advise people to move towards it in the article:
Google said: “We’ve adjusted our threat model to prioritise post-quantum cryptography migration for authentication services – an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit.”
The issue here is not that there aren’t solutions; it’s that organizations are not interested in taking the time and effort to move towards them. I’ve been beating this particular drum at my org for about a year, and I’ve gotten zero traction. This is a concern because moving to New encryption means taking all the data you’ve got, decrypting it, and re-encrypting it. That’s not fast when you’re talking hundreds of terabytes.
Fairly not super experienced on things. but how viable is a layered system, does it just prohibitively slow or storage consuming or is it moderately feasible to say double encapsulate everything.
Huh, interesting; that’s a good question. I’m not actually sure about that; it’d be a good thing for me to dig into more. Thanks for the thought!
I’m probably an idiot. Tell me I’m all wrong about this.
The danger is that quantum computers could factor large products well enough to reverse public keys, finding the associated private keys. Which would indeed be very bad. But this isn’t quite a magic key that opens everything.
Public key crypto is used to set up a secure network connection, but it’s not used to encrypt the data that flows on that connection. Quantum snooping would require an eavesdropper to intercept every bit on a connection, from initiation onward. And decrypting it would probably not be a real-time affair.
Public key crypto is also not used to protect your typical encrypted zip file or file system volume. Your Bitlocker and Veracrypt secrets aren’t about to fall to quantum spies.
I’m bothered that so many popular articles about this issue draw no distinction between the classes of cryptography that are vulnerable and those that are not.
It also needs to factor in a threat models. Maybe this is important for governments or giant conglomerates, but an average hacker isn’t going to have their hands on a quantum computing rig to just use. Until its use becomes widespread on a consumer level it will be mostly used by corporations and governments. I think it will be a while before a criminal organization has one, but maybe I am wrong.
Continuing from OP’s snippet:
Leonie Mueck, formerly the chief product officer of Riverlane, a Cambridge-based quantum startup, said Google’s statement did not necessarily suggest there would definitely be a working quantum computer capable of breaking encryption by 2029.
In fact, most timelines for a cryptographically relevant quantum computer – that is, one powerful enough to break encryption – range from the 2030s to the 2050s. But Mueck said the prospect was close enough that governments were already preparing for the eventuality that data stored to today’s encryption standards would be exposed when the technology sufficiently advances.
“We’re basically seeing in the intelligence community already that for probably more than a decade they’ve been thinking about this threat,” Mueck said.
Last year the UK’s cybersecurity agency, the National Cyber Security Centre, urged organisations to guard their systems against quantum hackers by 2035.
Google’s timeline suggests engineering teams across the technology industry should consider measures to protect sensitive data by migrating to more advanced encryption systems now. Certain kinds of attacks predicated on the future availability of quantum decryption – “store now, decrypt later” – may currently be being deployed across the field.
I’ve said it before and I’ll say it again: if this happens in my lifetime I will eat my hat.
deleted by creator
