The Federal Office for Information Security (BSI) has published the update of the “Development status of quantum computers” study. The ongoing development threatens many cryptographic methods currently in use.
When planning the necessary transition to quantum-secure cryptography, a reliable assessment of the risk posed by quantum computing to information security is essential. The study presents the development status of current technologies for realizing a cryptographically relevant quantum computer as well as cryptographically relevant quantum algorithms.
Quantum computers could crack passwords
The ongoing development of quantum technologies threatens many cryptographic methods currently in use. Data that is currently not transmitted in quantum-safe encrypted form and must be protected for a long time (e.g. by law) can be recorded today and decrypted in the future if a sufficiently powerful quantum computer exists (“store now, decrypt later”). In addition to the confidentiality of data, other protection goals such as the authenticity (of data) are also at risk from quantum computers in the future.
At this point, the conclusion of the study is that the development of cryptographically relevant quantum computers will take another decade or two - if none disruptive technological breakthroughs take place. This assessment refers to the development of the currently leading approaches of superconducting or ion-based quantum computers with corresponding error correction.
Attackers are already collecting data to decrypt it later
There are now a wealth of new developments, both in technologies and algorithms. Even if none of these represents a real breakthrough so far, the time span could be significantly shortened if current heuristic results prove to be feasible and effective.
For long-lasting data that is not encrypted in a quantum-secure manner, there is already an acute need for action today under the “Store now, decrypt later” scenario. This need for action becomes even more urgent in view of the likely long migration times. A mathematician recently claimed that he can already crack passwords with limited resources and a quantum computer.
More at BSI.Bund.de
About the Federal Office for Information Security (BSI) The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.