Many are familiar with the progress being made towards the next generation of computing: quantum computing. While quantum computing promises a wealth of innovations and advancements in our industry, it also brings significant challenges. The most salient and immediate for security is its ability to break the public-key algorithms (RSA, Diffie-Hellman and elliptic-curve cryptography) that protect most of today's communications, since a sufficiently large quantum computer running Shor's algorithm solves the factoring and discrete-logarithm problems they rely on.
The National Institute of Standards and Technology (NIST) therefore launched an initiative in 2016 [0] to identify candidates for the next generation of (post-quantum) public-key encryption, key-establishment and signature algorithms. In July 2022 a late-stage alternate known as SIKE (Supersingular Isogeny Key Encapsulation) was broken [1] with classical computing on conventional hardware: the lowest-security parameter set fell in about an hour on a single CPU core, and the highest in under a day. The attack exploited a mathematical result on isogenies published in 1997, decades before SIKE was designed, whose relevance to the scheme had gone unnoticed throughout its evaluation.
SIKE was one of eight candidates and alternates still being evaluated, and its fall does not represent a failure of the entire initiative.
It does, however, underscore why candidates for next generation cryptography need to be continuously evaluated and attacked before a winning standard is produced. Yet it is concerning that the field now stands at four selected candidates and three alternates, with SIKE invalidated [2]. Should more of these be defeated, the initiative will need to start over.
We may not have the time for that.
Some or even much of our data is already encrypted with key exchanges that are ultimately indefensible against a large quantum computer, and any ciphertext a malicious actor has recorded is already "compromised-in-waiting" (often called "harvest now, decrypt later"): it only needs to be stored until the hardware to break it exists [3].
[0] Post-Quantum Cryptography Standardization
[1] Single-Core CPU Cracked Post-Quantum Encryption Candidate
[2] Post-Quantum Encryption Contender is Taken Out by Single-Core PC
[3] Quantum Computers Could Crack Today’s Encrypted Messages