Skip to main content
banner image
venafi logo

Quantifying Quantum Cryptography: Are You Ready to Manage Your Machine Identities In A Quantum Environment?

Quantifying Quantum Cryptography: Are You Ready to Manage Your Machine Identities In A Quantum Environment?

Graphic of a large data stream, as depicted by multiple line graphs against a dark background
November 14, 2019 | Jesse Green

 

Google has apparently now broken through the quantum barrier to claim what many are calling “quantum supremacy.” This has sparked a lot of discussion about advances in quantum computing and how it may impact vital security functions like encryption.
 

In a nutshell, if Google has quantum supremacy in an application level this would mean that they can begin to execute complex computations at thousands of millions of times faster than conventional super computers. The Financial Times reported that Google’s quantum processor was able to perform a calculation in three minutes and 20 seconds that would take today’s most advanced supercomputer, known as Summit, around 10,000 years.
 

So what does that mean for encryption? Like any computational breakthrough, you will see adoption of its strengths in both building and breaking encryption.
 

Is your PKI agile enough to quickly migrate to quantum algorithms? See our buyer’s guide.
 

 

What Does Quantum Computing Mean for Managing Machine Identities?


With classical public key (PK) cryptography, the strength and protection come from the computational power required to reverse the mathematics that make up an asymmetric keypair. The impact of quantum is that once we have a stable platform, we will be able to crack some of the classic PK algorithms. In 1994 Peter Shor proved on blackboard that we can find the factors of a number using Fourier transformation and the periodicity of prime numbers or their behavior to occur at regular intervals.
 

Shor’s algorithm takes every possible combination of a numbers that could make a big number and run the quantum algorithm against them and the way the waves either constructively or destructively interfere with each other. This results in only two spikes of probability for the possible numbers that could be the right answer. This could break through the most advanced PK in milliseconds and was proven on a 4-qubit photonic supercomputer.


"I have not seen true quantum crypto at this time" 


That being said, I have not seen true quantum crypto at this time. The closest thing I see to this is Quantum Key Distribution (QKD), which is in some ways not unlike the traditional PK we use today. With QKD, the random secret is generated and only known to the creator, rather than the secret being protected by a mathematical function that is easy generate one way and hard to reverse. QKD leverages quantum mechanics based on the information theory where if a third party were to observe the secret it would instantly be destroyed and a new quantum secret would be generated to replace it.
 

The idea here is that we are generating a quantum secure key used to encrypt the secrets. So, this is going to supplement not replace traditional crypto in my opinion. We will just have to scale PK and adapt the way we manage it to be able to cope with the protection and integrations offered by quantum.
 

 

 

 

Quantum Key Distribution



Quantum key distribution is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. The algorithm most commonly associated with QKD is the one-time pad, as it is provably secure when used with a secret, random key. In real-world situations, it is often also used with encryption using symmetric key algorithms like the Advanced Encryption Standard algorithm.

The main drawback of Quantum Key Distribution is that it usually relies on having an authenticated classical channel of communications. In modern cryptography, having an authenticated classical channel means that one has either already exchanged a symmetric key of sufficient length or public keys of sufficient security level.

 

If I were to guess, I would say that the major players like Venafi—that are already specialists at protecting millions of high-profile machine identities—will have the opportunity to quickly become market leaders in managing the quantum machine identities of the future. Since there is likely to be an even larger margin of human error while emerging technologies are being adopted, organizations will need to maximize their ability to request, track, alert, and act on the landscape in which such a critical asset is being brought into existence.
 

How would you gauge your organization’s readiness to transition to quantum cryptography?


See how Crypto4A is pioneering a way to secure your machine identities in a quantum present environment:

 

 

 

 

 

Related posts

Like this blog? We think you will love this.
how-to-prepare-pki-for-quantum-computing
Featured Blog

PKI and Quantum: How to Prepare Your Public Key Infrastructure for Quantum Computing

We rely on the language of cryptography to communicate securely.

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Jesse Green
Jesse Green

Jesse Green is Senior Security Support Engineer for Venafi. Passionately engaged in helping the Global 5000 protect their machine identities, he trains InfoSec professionals to provide visibility and automation for cybersecurity programs within their enterprise. Jesse is a Certified Ethical Hacker.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more