In this Help Net Security podcast recorded at RSA Conference 2019, Avesta Hojjati, Head of R&D at DigiCert, talks about the threat of quantum computers and the solutions that are available today to protect us against it.
Here’s a transcript of the podcast for your convenience.
My name is Avesta Hojjati, I’m the Head of R&D at DigiCert. On this podcast for Help Net Security we are going to discuss the threat of quantum computers and the solutions that are available to protect us today against the threat of quantum computers.
In order to understand the threat of quantum computers, it’s good to understand what a quantum computer is. Compared to a classical computer, quantum computers are the machines that are utilizing the properties of quantum physics. If you think about it, on a classical computer you do have the processing power of a single value at a time, either being 0 or 1, whereas in a quantum computer, due to the properties such as super positioning and entanglement, they are able to process more values at the same time. Instead of 0 or 1 at one time, you can have zero, one or both of them at the same time.
The Bloch sphere is a representation of a qubit, the fundamental building block of quantum computers.
This by itself is actually quite intriguing and good, because your applications are able to take advantage of this. For example, modelling for cancer cells is one of the applications that quantum computers are very good to do, due to their performance.
On the other hand, quantum computers will bring a threat to something that they are using on a daily basis, and actually every second that you’re touching that something has a digital value into it, and that is encryption. You’re using encryption specifically to encrypt messages that are going to be transferred between a client and server. Those could be two cell phones, those could be your financial institutes when you go to check your account balance, or it could be a simple transaction as ordering an Uber or Lyft.
The threat that has been caused by quantum computers is due to the algorithms that we’re using for these encryptions today. Algorithms such as RSA and ECC, which were designed decades ago and we are still using them, are susceptible to the attacks that quantum computers are causing.
For example, RSA by itself is easily breakable by a stable quantum computer. That’s due to the fact that classical computers were good at doing some operations, such as multiplying. The basis of RSA are prime numbers, multiplying two large random prime numbers. For a quantum computer it’s very easy to factor this large number. That obviously will break your RSA encryption.
What we’ve been working on at DigiCert is a solution that allows our customers and our users to be able to take advantage of the RSA algorithms, as well as a post-quantum algorithm at the same time. Back in 2016 the National Institute of Standards and Technology created a proposal for the algorithms that are able to prevent this from quantum computers. We had about 70+ submissions to NIST. For the second round, which just took place in January of 2019, 23 of those algorithms made it to the second round.
These are algorithms that are using a different type of mathematics compared to RSA and ECC or classical crypto algorithms, and these are mathematical bases such as lattice-based, hash-based, that are preventing quantum computers from breaking that algorithm.
At DigiCert, we have worked on a solution that allows you to deploy to your IT devices or web servers that are able to handle RSA as well as PQC, two algorithms qTESLA and Picnic, one that we have worked with Microsoft Research, another one with ISARA Corporation, that is easily deployable without the requirement of changing any infrastructure on your devices. You can think about protecting your device today, tomorrow, 10, 15 and 20 years from now, without the hassle of requirement of changing an infrastructure.
The solution is easily accessible. You can reach out to us at email@example.com, if you’d like to see a demo, if you’d like to have a device to see this be deployed on.