Quantum Data Theft: A Warning Sign

Dr Mark Graham, CEO of ZORB Security


Before starting a data theft prevention company, I spent some time teaching cryptography to undergrads and postgrads here in Cambridge, whilst studying for my PhD. The course covered the history of cryptography as well as some of the maths. We started with classical ciphers – scytales, Caesar ciphers, and XOR – and worked up to modern ciphers like DES, RSA, AES, and Elliptic Curves.

 

At the time, quantum computing (QC) was teetering on the edge between theory and reality.

 

Each year, without fail, an enquiring student would question what happens to our ciphers when quantum computing becomes a reality. The answer was quite straightforward. A) just make sure you’ve migrated from today’s algorithms like AES, to quantum-resistant algorithms. And B) you’ve not much to worry about as a QC capable of cracking today’s encryption is a way off.

 

Today, whilst a capable QC is still a way off, my advice of “don’t worry” could be about to change.

 

Quantum has just become a REAL concern to cryptography

Modern ciphers, such as RSA, rely on the difficulty of factoring large composite numbers into their prime factors. This problem is computationally complex, especially when the composite number is the product of two large prime numbers.

 

In 1994, American theoretical computer scientist Peter Shor created a prime factoring algorithm. This could go some way towards weakening our crypto algorithms. Although the complexity involved in prime factoring lends itself to a quantum solution, today’s quantum computers do not have sufficient qubits to make this a realistic challenge.

 

Last month a paper was published in Science by researcher Oded Regev. He suggests that it might now be possible to break modern cryptographic algorithms with far fewer qubits than previously expected. Regev puts forward a rework of Shor’s algorithm for finding a number’s prime factors using far fewer steps. The author estimates this approach could reduce the calculations required 1000-fold.

 

This means that – potentially – small quantum computers could crack RSA encryption in a “useable” timescale.

 

 

Can quantum computers actually break today’s encryption?

Several large corporations have quantum computers today. These are mainly found in organisations researching quantum computing. Google, IBM and D-Wave are probably the forerunners in QC research.

 

But these computers are still relatively small in terms of qubits. Google’s Sycamore has about 70 qubits. IBM’s Condor is a 1,121-qubit device. IBM also has Quantum System Two, which combines three 133-qubit quantum processors into a single quantum circuit.

 

The difficulty with quantum computing, today, is sustaining a quantum state for long enough to make the computer “useful”. Qubits are delicate and susceptible to many external factors. Temperature fluctuations, electromagnetic fields, and even cosmic rays can cause qubits to lose their quantum state, leading to high error rates.

 

One primary avenue of research is in reducing or correcting these error rates. Until error rates can be reduced, it is unlikely that QCs will grow much more powerful. This does not mean that today’s QCs are useless. Certainly, these can be applied to chemistry and material science, financial risk analysis, and machine learning algorithms.

 

What the quantum risk now means to data theft attacks

So what is the realistic likelihood of being able to crack RSA today?

 

Due to the nature of quantum states, the fear is that once QCs become powerful enough, they should be able to “instantaneously” decrypt traditional encryption.

 

Today, it is still unlikely that anyone with malicious intent will be in a position to break security such as HTTPS or TLS. (This is not to say that governments don’t have access to the above state-of-the-art devices. There is no concrete evidence to prove this either way). QC is expensive. This is good news for the security community, as it is keeping QC out of the hands of the larger hacking groups.

 

The publication of Regev’s recent paper does pose a realistic concern. Quantum computing is still a way off instantaneous decryption. But what is to stop hackers from hoarding encrypted data that will become decipherable in “the near future”?

 

Modern crypto algorithms are designed to take a very long time to crack with classical computing. AES-256 should take billions of years. RSA-2048 should take trillions. With quantum computing, it’s estimated a stable 4099-qubit device will be able to crack RSA-2048 in 10 seconds. Notice that this last sentence is in the future tense, as a 1000-qubit device is not yet stable enough to perform this.

Regev’s algorithm estimates 3 orders of magnitude improvement in calculations over Shor’s. This means, theoretically, strong encryption could now be broken within 6 months, on today’s quantum computers.

 

This considerably moves the goalposts.

 

Is the advice to my students of “don’t worry it’s a long way off” now out of date?

 

I would say it certainly puts reasonable-timeframe crackable encryption on the radar. It is now possible to rent time on cloud QCs, such as IBM’s Quantum Experience, Microsoft Azure Quantum, or Google Cloud Quantum. What happens when Regev’s approach gets split over distributed QCs? D-Wave is expected to announce a 7,000-qubit device in 2025/26.

 

Action you should take today

I refer you back to my students, and the first part of advice I gave them.

 

You really should have a plan around what you intend to do before quantum computers become more commonplace. In recent years NIST have selected three post-quantum algorithms as part of their post-quantum cryptography standardisation project. These include CRYSTALS-Kyber (ML-KEM), CRYSTALS-Dilithium (ML-DSA), and FALCON (FN-DSA). It is going to take a while for these to appear in off-the-shelf technology, and even longer for them to become the norm in backbone security. There are still some practical issues that prevent quantum computing being a near-term threat to today’s ciphers.

 

But we should heed the warning of possibilities from Regev’s algorithm. If your data is valuable enough to an attacker, then waiting six months to be able to read that data is not a big ask.

 

If I were lecturing my students today, I would offer a third piece of advice. Make sure you have strong data theft prevention in place. If you can stop attackers getting your data in the first place, encrypted or not, you won’t have to worry about them hoarding your data.

 

Data theft prevention also buys you more time to plan your migration to post-quantum.

 

All business-sensitive, proprietary data is subject to theft. Be that data stored locally on encrypted drives, data in the cloud, or application data in transit. Data theft prevention is no longer complicated, nor expensive. Even for encrypted data.

 

Conclusion

We should see Regev’s recent paper as a premonition, a warning of things to come.

 

It is unlikely that bad actors have quantum computing today. We can, however, expect to see bad actors hoovering up more of our data, knowing it can be decrypted in 6-12 months.

 

Encrypting data at rest and in transit is still an essential part of any data protection strategy. But you should have a plan to move to quantum-resistant algorithms once available.

 

Finally, take a pro-active preventative approach. Make sure you prevent hackers from being able to steal your data in the first place.

 

ZORB provides software that prevents hackers and malware stealing business-sensitive data. Our software has been intentionally designed to be easy to set up, affordable, and hands-off. Our goal is to make it simple for all businesses, regardless of size, to be able to implement anti-data theft controls. Not only for today’s world of increasing theft attacks, but to prepare for tomorrow’s world of less effective encryption.