When you order something online or interact with your bank or healthcare provider, the data sent across the internet is most likely encrypted with today's strongest cryptography, which relies on very large prime numbers. In the future, faster machines, quantum computers, will be able to create far more complicated encryption using even larger prime numbers, which is good; however, those same machines will also be able to break today's encryption in a matter of minutes, which is bad. The question is whether we can get bulletproof quantum encryption in place before quantum computers start breaking the strongest encryption in use today, and researchers are worried about the gap: the interim when a few of these fast computers come online while everyone else is still using legacy encryption.
"In particular there are concerns that if your data needs to live longer than twenty years, you might be inside the window right now," said Chris Burchett, Vice President, Dell Endpoint Security during an interview at last summer's Black Hat USA 2017 conference. "Some will say it will be 40 years, some 50, before [quantum computing] becomes mainstream." But Burchett is warning clients that quantum computing could come sooner.
Present-day computers use bits that are either 1 or 0 at any given time; n bits can take on 2^n possible positions, but only one of these positions at a time. Quantum computers use qubits, which can hold not only 1s and 0s but also superpositions of 1 and 0, all at the same time. So two qubits can be in one of four states (2x2); three qubits can be in one of eight states (2x2x2).
"This increase in variables allows a quantum computer to factor prime numbers of astronomical lengths in a relatively short amount of time," Burchett said. He mentioned that Shor's algorithm can factor any large number into its primes, which is the basis of RSA-based encryption. "It may be feasible to defeat RSA [encryption] by constructing a large quantum computer."
Dustin Moody from the National Institute of Standards and Technology (NIST) agrees, estimating it will take 15 years for quantum computers to break RSA-2048, strong encryption currently in use in ransomware. Moody predicts that the first encryption to fall as a result of quantum computing will be based on public key cryptography such as RSA, ECDSA, Elliptic Curve Cryptography, DSA, Finite Field Cryptography, and Diffie-Hellman key exchange. He cites in particular vulnerable NIST standards such as FIPS 186, Digital Signature Standard, Digital Signatures using RSA, DSA, ECDSA, and SP 800-56A/B.
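To make concrete why a fast factoring algorithm such as Shor's breaks RSA, here is an added toy example (not from the article or from Dell or NIST): once n = p*q is factored, the private exponent d follows directly. A classical trial-division routine stands in for the quantum factoring step on a deliberately tiny modulus; the key sizes and message are constructed for illustration.

```python
from math import gcd

def keygen(p, q, e=65537):
    """Textbook RSA key generation from two primes (toy sizes only)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)              # private exponent: e * d == 1 (mod phi)
    return (n, e), d

def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def decrypt(n, d, c):
    return pow(c, d, n)

def factor_stand_in(n):
    """Classical trial division. On real key sizes this is infeasible;
    Shor's algorithm is the quantum step that does this efficiently."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no non-trivial factor")

def recover_private_key(pub):
    """Given only the public key, factor n and rebuild d exactly as keygen did."""
    n, e = pub
    p, q = factor_stand_in(n)
    return pow(e, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    # Constructed toy primes; a real key uses ~1024-bit primes for RSA-2048.
    pub, d = keygen(1000003, 1000033)
    c = encrypt(pub, 123456789)
    d_recovered = recover_private_key(pub)
    print(d_recovered == d, decrypt(pub[0], d_recovered, c))
```

The same algebra applies at real key sizes; only the factoring step changes, which is exactly what a large quantum computer running Shor's algorithm would supply.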
"We all do online banking and eCommerce and everything based on this idea of curve fitting or factoring large primes – that's the basis of public private keys – today," Burchett said. "And so what is the new basis of public private key going to be when there are attacks that can factor large primes quickly? That's the whole question."
"For public key cryptography, the damage from quantum computers will be catastrophic," Lily Chen, mathematician and leader of NIST's Cryptographic Technology Group, said recently in a session at the American Association for the Advancement of Science 2018 annual meeting in Austin, Texas, according to Gizmodo. "We must look for quantum resistant counterparts for these cryptosystems."
Anticipating this, NIST has posted the first round of comments on the Post-Quantum Cryptography Standardization process. This open call for submissions during 2017 resulted in 69 possible candidates. NIST will hold a workshop in April 2018 to review these in the hopes of drafting updated standards by 2022 to 2023. However, once approved, standards can take several more years to be adopted.
Several companies, including Burchett's Dell, are developing machines that can generate quantum encryption. At the moment, it is a hardware issue. The quantum computers we have today are still pretty slow.
Intel has announced a 49-qubit chip while IBM has announced a way to achieve 56 quantum bits or qubits on a non-quantum computer.
As impressive as that may be, Burchett estimates that it would still take another twenty years to achieve the desired level of quantum computing for real-time quantum encryption. "So quantum encryption becomes really interesting. You can get really secure encryption relatively quickly," he said.
So if real-time quantum encryption is still another decade or two away, why worry today?
"Not only are the good guys working on developing quantum computers for real-time quantum encryption," Burchett said, but there are bad guys, particularly nation-states, with the resources to afford this new technology. That means there is potentially a gap while only some systems are protected with quantum encryption. Bad actors with quantum computers could exploit this gap, not just for data in transit but for data at rest as well.
"There's concern about data at rest with symmetric because quantum is just faster and so the brute forcing speed." In other words, it currently takes years for a computer to crack the strongest encryption used on data storage systems. But quantum computers may reduce that time to hours.
NIST's Moody recommends protecting symmetric-key cryptography (AES and Triple DES) with longer keys. He also said that the SHA-2 and SHA-3 hash functions will need to produce longer output. Burchett goes further, recommending that organizations today adopt not one but two layers of encryption. While it won't necessarily stop a persistent threat actor from one day using quantum computers, having that second layer of encryption will at least complicate matters. An attacker may instead turn his or her attention elsewhere.
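The "longer keys, longer hash output" advice above can be turned into a simple policy check. This is an added example, not code from the article, NIST or Dell: it assumes Grover's square-root speedup for key search and hash preimages and the Brassard-Hoyer-Tapp cube-root bound for collisions, and a constructed 128-bit target; real quantum attack costs are higher than these textbook bounds, so treat the numbers as a conservative planning aid.

```python
TARGET_BITS = 128  # assumed policy target for security against a quantum attacker

def classical_strength(kind, bits):
    """Security bits against a classical attacker for a key or digest size."""
    if kind == "hash_collision":     # birthday bound: ~2^(n/2) work
        return bits // 2
    return bits                      # brute-force key search or preimage: ~2^n

def quantum_strength(kind, bits):
    """Security bits against a quantum attacker under textbook bounds."""
    if kind in ("symmetric", "hash_preimage"):
        return bits // 2             # Grover: ~2^(n/2) queries
    if kind == "hash_collision":
        return bits // 3             # Brassard-Hoyer-Tapp: ~2^(n/3)
    raise ValueError(f"unknown kind {kind!r}")

def audit(policy):
    """policy: list of (label, kind, bits).
    Returns (label, classical_bits, quantum_bits, meets_target) per entry."""
    report = []
    for label, kind, bits in policy:
        q = quantum_strength(kind, bits)
        report.append((label, classical_strength(kind, bits), q, q >= TARGET_BITS))
    return report

def weak_entries(policy):
    """Labels that fall below TARGET_BITS once a quantum attacker is assumed."""
    return [label for label, _, _, ok in audit(policy) if not ok]

# Constructed sample policy mixing settings the article calls out.
SAMPLE_POLICY = [
    ("AES-128 data-at-rest", "symmetric", 128),
    ("AES-256 data-at-rest", "symmetric", 256),
    ("SHA-256 signatures (preimage)", "hash_preimage", 256),
    ("SHA-256 signatures (collision)", "hash_collision", 256),
    ("SHA-384 signatures (collision)", "hash_collision", 384),
]

if __name__ == "__main__":
    for label, c, q, ok in audit(SAMPLE_POLICY):
        print(f"{label:32} classical={c:3} quantum={q:3} {'ok' if ok else 'WEAK'}")
```

Running it shows AES-128 and SHA-256 collision resistance dropping below the target while AES-256 and SHA-384 still meet it, which is the reasoning behind the longer-key and longer-digest recommendation.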