CG - Quantum Computing: When will it break Public Key cryptography?

we're going to get started we've uh we've got a quick 20 minutes and you know like 150 slides like all Microsoft employees just kidding um so uh to start James Ringold I've been in Industry about 30 years uh if you really want to look me up you can find me on LinkedIn uh AKA or not AKA well aka.ms slj Ringold will uh get you to my LinkedIn uh this is Common Ground so we're going to talk about Topics in an interactive way um I've framed this discussion to be interactive I'm going to ask questions I expect someone to just have an answer so um it'll be good the problem that we have right now in uh

in Quantum Computing is everyone wants to know what's the date when's this going to happen when's the headline uh that comes out right attackers are using Quantum Computing to run shor's algorithm and break Quantum uh or and break uh public key cryptography anyone have a guess anyone wager a thought go ahead that's 100 years a hundred years 10 to 10 to 100 years well you're close you're you're in the range um when when we think about you know what does this mean to change or to break public key cryptography uh we look at all the things that are at risk right uh anything that you have encrypted using uh Diffy Helman or RSA key exchanges

right uh those are what's going to be at risk uh where is that used well pretty much every network communication that we've that we've used since SSL 1.0 right back in Netscape Navigator uh all of it has used some form of uh public cryptography uh the impact is really confidential confidentiality and integrity right uh anything that is right using that cryptography is going to have some challenges I asked co-pilot uh you know what why is why is Shores algorithm such a big deal and why you know why is RSA susceptible and it gave an somewhat acceptable answer right says Hey RSA uses prime numbers right large prime numbers and when we think of large prime

numbers and multiplying them together it starts to get a little difficult and then you know you do some some n minus one maths and multiply them together and it gets more difficult um and really that's what Shore's algorithm in a quantum computer is going to be able to do is calculate those Al or calculate those prime numbers faster um and really help to uh decrypt a bunch of uh encryption so when we think about you know what this really means we have to look at you know what's the reality right um the uh Cloud security Alliance has put out this date approximately 2030 uh or sorry 2035 right I think their countdown timer as of yesterday was 5 years that we should

have a capable a Quantum uh relevant uh quantum computer a cryptographically relevant quantum computer uh when I looked at their research it was interesting uh they they've kind of just put it out there as a marketing right they're they've put it out there as this is the date we expect it to happen based on what we've seen uh in industry and when we look at you know what it really takes to do Quantum cryptography and crypt analysis uh we're we're really needing at this point about 2 million or so stable cubits anyone know how many we have today in the largest quantum computer not physical cubits yeah but it's it's on the yep 56 so if

you think we need to get to two million right to get to the required error correction which is 10 Theus 6 um right and and that's really what we're looking at it's that that error correction rate um that we need and today in in the yellow you know quanum announced uh July 13th that you know they have the most powerful quantum computer and it has 56 bits so we're we're a little ways from from 2 million um in my estimation I'm not quite sure but 56 to 2 million is a lot that's a big that's a big jump um it has to be so we have to find some exponential um capabilities there which we are doing there there's

uh some companies working on silicone-based um uh silicone based quantum computers and things like that so uh it it's it's coming when we look at how many cubits is it going to take to break uh encryption that we have today the existing RSA and and Diffy Helman key exchange uh algorithms and when we look at you know the models that we've run uh we we're still in the 1 to 10 million cubits right um it's multiple cubits it's it's multiple millions of cubits in order to be able to um and this uh this uh research here was done uh by the Microsoft Quantum team uh and and they've run these simulations multiple times and they continue to run the

simulations the interesting thing I found is when we look at uh how long it would take a quantum computer to attack AES which is the red document or the red triangles here um you'll notice it's uh exponentially longer right I believe the dotted line there reads age of the universe so we've got a little bit to go before before AES seems to be susceptible um but that's right um it's it's something that we look at again the yellow line at the bottom July 13th uh 56 Cubit system and we're we're a little bit I think that's 0.0056 million for anyone who wanted to um to look at that so we've got a little bit of ways to

go the challenge we really have though is cryptography is everywhere right we spread it like peanut butter on everything and if you're allergic to peanuts then you know cocoa butter or you know something else um but it's it's everything it's in iot it's in your your watch it's in your phone it's probably in the thermostat for this room right we've embedded this encryption in almost everything but we're not really good at maintaining it are we like think of how many systems we have on the planet that are running just TLS and how many still have uh you know TLS versions that are deprecated uh I think the last last statistic from uh qualis SSL Labs uh was

there's like 7,300 uh systems on the uh that they've scanned in May that are susceptible to these vulnerabilities or or vulnerabilities that are publicly known uh again how hard is it going to be to change the root certificate authorities across the planet and to migrate them and replace all the certificates right this is the effort that we have to prepare for in the industry it's not going to be easy but it's coming when we think about you know the the history of SSL and TLS this is the timeline that we're racing against right when we look at how long is it going to take for us to get to 2 to 8 million cubits it's really more of a of a

timeline of how long is it going to take to replace all of the cryptography um and and that's really the the racing and why the move to post Quantum cryptography is uh is urgent um because most of us aren't planning that quite yet

takeaways what can you do today in to to prepare for Quantum protography well since nist has not certified uh uh FS 2034 and five as of today there's really not a lot you can do in production um you can leverage those algorithms in a you know in a non-production environment you can certainly look at those candidates and if you want to implement them uh in in certain ways you you certainly can um you know we are certainly in a place that we have to prepare for something that we can't do yet uh but you can still try and you can still uh Implement uh in in test and start cutting your teeth in there anyone have

questions so the one you came yeah go ahead

uh so the question was you know is there uh is there a recommendation around you know increasing key lengths and key sizes and things like that um so for RSA yes uh for RS or not for RSA sorry for AES yes um increasing key sizes again you're still at age of the universe but right we we want to be age of the universe plus you know plus 10 maybe um but for uh RSA and uh Diffy Helman uh not against Quantum attacks because we're um attacking the algorithm directly we're not attacking the implementations um and so it's it's just uh it's not it's not going to make a difference it might make it incrementally take longer but you're

measuring it in you know in uh minutes and days not in weeks and and years so the real question is what do we what do we think right um what is the projection right uh we we've heard you know uh a d a number of places that that uh are are making advancements in Quantum Computing and and advancements in Quantum uh and they are moving as fast as possible right uh moving from uh superc conducting down to silicone-based Quantum Computing uh will change that math and we'll Advance things uh quite exped exp expeditiously uh but until then um right it's it's a it's a race best estimate is we've got about 10 years right um but if we go back to that

SSL timeline it's going to take us 10 years to change TLS and SSL across the planet so it's not that we're racing against it it's it's we're racing against ourselves uh attacks everyone loves to talk about Quantum attacks um right the Harvest now do grip later what are we doing about Harvest now to grip later uh the biggest one is do some attack modeling understand where your network traffic goes um Harvest now and decrypt later only works if I can capture your network traffic if I can't capture your network traffic then it's not going to work uh what's not susceptible databases if I steal your database it's not susceptible to a Quantum attack assuming it's uh encrypted with uh AES um if if

it's a encrypted you know in some other way it it might be but uh for the most part we're using TLS uh to transmit data not to do bulk encryption blockchain's the other one um blockchain will require some changes um that's going to be an interesting uh change over uh a lot of uh a lot of uh companies are saying once we uh sign that first packet it upgrades the whole chain we're not quite sure if that's going to work the way we think it will because if I upgrade that chain do everyone does everyone else have to be upgraded that's in that chain so it's again a timing thing things that we have to work

on you got a question um so in most of this proposals that they Bas on lus math I think it's a mistake to base all your Solutions off the same mathematics what's your feeling on that so the question was you know the the NIS Bas is is doing lce the three algorithms that are up are lattice based math uh ma latus math-based um algorithms uh are there you know what's what's my opinion well um again I haven't done the Deep Crypt analysis I haven't done the deep math um so uh if you think about everything we've done in cryptography is based on math right is math the real solution um I'm not sure there are other things we can do that

we're working on in the future that maybe isn't math-based maybe it's it's a uh you know um Photon or light based doing other things but yeah I don't I don't see um I don't see that I was just speak I assume that we would use other mathematics I curious that you

Sol's ever proven it's gr so we've got something that's out forcades it's not right lean that contest is not correct yeah the the the NIS contest uh their their rules um you know were where they are and the agencies and the public comments were what they were um but yeah there there are going to be other ways to that problem that we make in the future that we find in the future

yeah sure so the the question is you know right now Quantum is uh is very expensive you know the the attack paths that we're using here are really we're talking about nation states um and and that is the you know you can you can do modeling and and things like that in AWS and and Google and IBM and and Microsoft's Quantum uh Labs today and you can leverage that power and run simulations but again they're not large enough uh to do that at scale and they are fairly expensive um I would expect we're talking about a a five-year life cycle for some of that to become more common yeah it seems like a hybrid approach

yep yeah uh the comment was in relation to using classic computers to error correct for quantum computers um that is showing a lot of Promise it's showing a lot of uh a lot of insight um whether or not they can be used in the same method to run Shores algorithm is still a question I haven't seen anyone run those tests yet yes y yeah and and that's the the biggest challenge with Quantum is finding the airfree cubits and and getting them to to be able to run the algorithms the way that you expect the results to run

yeah uh so Quantum energy uh consumption again um the better the better we know uh what these supercomputers um can do and and uh you know the better we use new materials again silicone-based uh cubits are going to be a big um a big advancement uh the faster we will reach that Cubit number so does that adjust your doesn't adjust mine but I don't know enough about those advancements to yep

yeah sure so um the the question is you know uh what's the implication to bitcoin and and other uh um you know other um challenges with blockchain um and and it becomes the the question of uh again uh if we if if quantum computers are able to to calculate uh those keys then yes there will be major implications to blockchain again the race condition is how fast can we convert the existing blockchain to a new algorithm once those algorithms are

available yeah so the the with a blockchain um the attack Vector is going to be being able to calculate the keys for wallets right and being able to then add and remove things into um that chain um based on being you know having that certificate or having those access to be able to calculate those keys so it's really more of the I would expect the uh the authentication components to be at more risk there than the data I mean blockchain data is an open uh it's an open ledger so there's really no data data encryption there at all right you're you're really talking about the transactions and and who can authorize those transactions and the same thing would be

for you know any other authentication that you do that's using certificates right think smart cards or or uh credit card right ship and pin right all of those algorithms will potentially uh need to be evaluated for uh updates as well right last

question so yeah embedded systems and and older Hardware will um so the question was you know anything around embedded systems and and things that can't take larger key sizes and and that's going to be the challenge right uh the history of our technology and the Legacy the uh the challenge of not being able to upgrade and and uplift are going to require us to do things that we aren't prepared to do right you're talking about Network isolations and things like that and I mean if you think about it if protecting that network communication is probably your best bet all right uh thank you for an interactive session I I hope you enjoyed it uh if you have any questions you can

find me on LinkedIn or I'll be walking around [Applause]