Friday, 21 October 2016
Post-Quantum Cryptography Aims To Fend Off Advanced Hack Attacks

Quantum computers promise to enable faster, far more complex calculations than today’s silicon chip-based computers. But they also raise the possibility that future computers could retroactively break the security of any digital communications that exist today, which is why Google is experimenting with something called “post-quantum cryptography.”

While quantum computer development remains in its early stages, some such computers are already in operation. In theory, future generations of quantum computers could “decrypt any Internet communication that was recorded today, and many types of information need to remain confidential for decades,” software engineer Matt Braithwaite wrote yesterday in a post on Google’s security blog. “Thus even the possibility of a future quantum computer is something that we should be thinking about today.”

Preventing potential nightmares for cryptographers and security organizations will require post-quantum cryptography, Braithwaite said. But Google is far from the only organization researching the possibilities.

Last year, for example, the National Security Agency (NSA) updated its guidance on information security to note that it’s working with other agencies and companies to develop the next generation of cryptographic algorithms. “Our ultimate goal is to provide cost effective security against a potential quantum computer,” the NSA said.

Testing ‘Small Fraction’ of Google-Chrome Connections

Google’s experiment in that area involves applying both a standard cryptographic algorithm and a post-quantum key-exchange algorithm to “a small fraction of connections” between Google’s servers and desktop Chrome users, according to Braithwaite.

“By adding a post-quantum algorithm on top of the existing one, we are able to experiment without affecting user security,” he said. “The post-quantum algorithm might turn out to be breakable even with today’s computers, in which case the elliptic-curve algorithm will still provide the best security that today’s technology can offer. Alternatively, if the post-quantum algorithm turns out to be secure then it’ll protect the connection even…