Learn

The Quantum Computing Threat

3 Minutes

There is a new concern for cybersecurity that is starting to look like a real threat.

The issue with this problem is it will be able to crack any and all current encryption that is calculated. One might think – why do I care? My encryption cannot be cracked now; right? The problem is, recording your data as it goes across the internet is, relatively speaking, trivial. Any cloud services that only use SSL for protection, including all of your browser-based email and applications, are at risk of recording and future cracking. So, if you create an email today that you want to be private and you use your standard web-based email client (pick any vendor), that information can be recorded for later cracking. Even if you are using a separate email client with encryption to the email server, that can be recorded and cracked at a later time. Remember those DNC emails from 2016? Nation states apparently can do this right now (or even two years ago or longer). This is a real problem and affects anyone that is sending data across any IP network like the Internet.

According to The Next Big Future, spend on Quantum Computing will soon reach $300 billion dollars. The well known big spenders doing research on Quantum Computing include Google, Microsoft, IBM and Intel (to name just a few). These are big names with deep pockets. The race to unlock what will be, no pun intended, a quantum leap in computing power is on. This is going to happen as this technology has already proven to work. Once Quantum Computers are economical (or in our wrist watches), cracking current encryption – including encrypted transmissions recorded ten years ago – will be possible by just about anyone. Will we have cracking as a service? – very likely. At that point, you can crack current, standard encryption from your local library without even owning a computer (or Quantum Smart Watch).

So where does this leave your data today? If you are in business and have any type of confidential information, you should be concerned.  This should include just about any business that has data that is valuable over time. Nearly all businesses, including something as benign as a bakery, have some kind of confidential client data that should be protected.

So, how do we fix this? There are a few companies out there creating Quantum resistant algorithms. Algorithms? Didn’t you say earlier ANY calculated encryption scheme could be cracked? That is correct. This is a fool’s approach for that reason. Shore’s and Grover’s algorithms provide speedup in a computer with more than simple binary bits making solving for things like the small keys used today much faster.  

Encryption, in the age of Quantum Computers, will have to be conducted, at a cipher level, in the same way military Type 1 encryption is done – utilizing truly random data that is not calculated. This is less calculating and more bit swapping, with a single instruction, known data against random data. The proof is simple: x + y = z. Even if we know z, we have to have x, the data or y, the randomized key, to solve for it. Keep y hidden and x on the originating computer and we’re home free. That equation, as we learned in pre-algebra, cannot be solved for (even by a Quantum Computer).

While this type of encryption has been around for over a century, the classic issue is “the key exchange problem”. How do you get the random data from one side of the network to the other without compromising the key itself? The military does this by physically transferring a matched pair of “crypto keys” from one end to the other. If you need to communicate to any number of locations, this pairing of keys becomes tedious at best. You need a physical key pair per endpoint pairing.

The tedium of Type 1 encryption has now been removed. Introspective Networks has solved the key exchange problem using a multi-faceted Moving Target Defense (MTD) technique. This moves both the key and the encrypted data or cipher-text in the network randomly. There are also other specific elements of the process that are changed at random making any attempt at cracking nearly (well, quite likely) impossible. There is nothing in this set of MTD changes that can be calculated – they are all random and unpredictable. In short, this creates a problem that a Quantum Computer will not be able to help with. Since the key is a series of unknown bytes, it’s impossible to calculate a solution for either the encrypted keystream or the ciphertext…and those two pieces of information are separated by time as well as space…also randomly. Good luck collecting the data and aligning it. How exactly is that to be approached without attempting a full brute force crack one bit at a time? A Quantum Computer can not stop this loop. Each attempt literally makes the crack exponentially more complex.  While that may sound daunting, Introspective’s patented solution leaves this even more complex than that (which will be explained in future posts.)

If you are a skeptic, contact us to get a free trial of SmokeCloud VPN today. Try it for yourself and let your cyber experts or forensic teams observe what’s happening. Seeing is believing.

Trusted partners throughout the industry.