Is Your Data Safe from Q-Day?


Among cybersecurity professionals, Q-Day is the name given to the time when quantum computers will become so powerful that current cybersecurity measures will be useless. That day might not be far away, as governments around the globe are pouring money into advancing quantum computing. Your Survival Guy has warned you many times about the incessant surveillance of the “virtual Panopticon” of the modern world. Q-Day will open your private data up to anyone who has the resources to build a quantum computer with enough power. Zach Montague reports in The New York Times:

They call it Q-Day: the day when a quantum computer, one more powerful than any yet built, could shatter the world of privacy and security as we know it.

It would happen through a bravura act of mathematics: the separation of some very large numbers, hundreds of digits long, into their prime factors.

That might sound like a meaningless division problem, but it would fundamentally undermine the encryption protocols that governments and corporations have relied on for decades. Sensitive information such as military intelligence, weapons designs, industry secrets and banking information is often transmitted or stored under digital locks that the act of factoring large numbers could crack open.

Among the various threats to America’s national security, the unraveling of encryption is rarely discussed in the same terms as nuclear proliferation, the global climate crisis or artificial general intelligence. But for many of those working on the problem behind the scenes, the danger is existential.

What can be done? Montague discusses some solutions being worked on by the National Institute of Standards and Technology, which manages encryption standards for the tech sector in America. He writes:

According to NIST, the federal government has set an overall goal of migrating as much as possible to these new quantum-resistant algorithms by 2035, which many officials acknowledge is ambitious.

These algorithms are not the product of a Manhattan Project-like initiative or a commercial effort led by one or more tech companies. Rather, they came about through years of collaboration within a diverse and international community of cryptographers.

After its worldwide call in 2016, NIST received 82 submissions, most of which were developed by small teams of academics and engineers. As it has in the past, NIST relied on a playbook in which it solicits new solutions and then releases them to researchers in government and the private sector, to be challenged and picked over for weaknesses.

“This has been done in an open way so that the academic cryptographers, the people who are innovating ways to break encryption, have had their chance to weigh in on what’s strong and what’s not,” said Steven B. Lipner, the executive director of SAFECode, a nonprofit focused on software security.

Many of the most promising submissions are built on lattices, a mathematical concept involving grids of points in various repeating shapes, like squares or hexagons, but projected into dimensions far beyond what humans can visualize. As the number of dimensions increases, problems such as finding the shortest distance between two given points grow exponentially harder, overcoming even a quantum computer’s computational strengths.

NIST ultimately selected four algorithms to recommend for wider use.

Action Line: It may be worth your time to consider your own efforts at hardening your technology against intrusion.