- Press Department

# Hacking, Cryptography, and the Countdown to Quantum Computing

Given the recent ubiquity of cyber-scandals—Colin Powell’s stolen e-mails, Simone Biles’s leaked medical records, half a billion plundered Yahoo accounts—you might get the impression that hackers can already break into just about any computer they want. But the situation could be a lot worse. The encryption methods that protect everything from online shopping to diplomatic communications remain effectively impregnable when properly implemented, even if, in practice, there are frequent breaches—whistle-blowers, careless clicks, and so on. This relatively happy state of affairs will not, however, endure. Scientists around the world are inching toward the development of a fully functioning quantum computer, a new type of machine that would, on its first day of operation, be capable of cracking the Internet’s most widely used codes. Precisely when that day will arrive is unclear, but it could be in as little as ten years. Experts call the countdown Y2Q: “years to quantum.”

This looming but uncertain deadline hovered in the air at the Hilton Toronto last week, where government officials, cyber-security researchers, and representatives from companies like Amazon, Microsoft, and Intel gathered for an international workshop on “quantum-safe cryptography.” Michele Mosca, a professor at the University of Waterloo’s Institute for Quantum Computing and the co-host of the workshop, pegged the odds of reaching Y2Q by 2026 at one in seven, rising to one in two by 2031. But the exact date doesn’t really matter, because the time needed to invent, battle-test, standardize, and roll out new security algorithms Internet-wide might be just as long. Brian LaMacchia, the head of security and cryptography at Microsoft Research, has a working estimate of 2030. “The people who try to build quantum computers, who sit on the floor upstairs from me, said fifteen years last year,” he told me. “So I said, O.K., let’s work backwards from that. And I’m out of time.”

Classical computers encode information as a series of bits, which can be either 0 or 1, and then manipulate those bits according to simple rules. A quantum computer isn’t just a faster or better classical computer; it’s fundamentally different. Instead of bits, it stores information as qubits, which can be 0, 1, or both at once. That’s a consequence of the quantum-mechanical property of superposition, which allows physical objects to exist in multiple states, or even be in different places, at one time. Thus, two qubits can represent four states simultaneously (00, 01, 10, 11), and a hundred qubits can represent 1.3 quadrillion quadrillion. This quantum peculiarity allows the computer to find patterns in huge data sets very quickly—to get detailed information about a forest without looking at all the trees, as Mosca put it. The main mathematical challenge in breaking current codes is factoring very large numbers, which for classical computers is the equivalent of trying combination after combination to see if it opens a lock. As the keys get longer, the locks get tougher. It took about two years on hundreds of computers to unlock a single instance of the RSA-768 algorithm, which, as its name suggests, requires a key that is seven hundred and sixty-eight bits long. Doing the same for its more secure cousin, RSA-1024, would take about a thousand times longer, and RSA-4096 is effectively out of reach. A quantum computer, on the other hand, would tackle such problems effortlessly. (...) __Read more__