CA/B Forum thinking about the new encryption algorithms in the era of quantum computers

Quantum computers - a true technological breakthrough, opening new prospects for the development of modern IT-industry. However, despite all its advantages, the transition to quantum computers exposes new challenges - in particular, the problem with the encryption algorithms used today.

Quantum computer: the future is to become a reality

Back in 1994, Peter Shor, a professor of applied mathematics at MIT, came up with a quantum algorithm that calculates the prime factors for large numbers and makes it much more efficient than conventional computers. However, the successful operation of the algorithm is largely dependent on a computer with a large number of quantum bits (or qubits).

Not so long ago, there was news that researchers from MIT and the University of Innsbruck have developed a quantum computer from five atoms in an ion trap. This computer can be easily extended, that is the first scalable implementation of Shor's algorithm.

Currently, the limiting factor to creating such a computer is its huge cost. It is unlikely that such computers will appear in every home in the near future. However, the fact of its development poses new challenges in different areas of the IT-industry, including the problem of encryption algorithms used today.

Quantum computing - security threat

Quantum computing can be a security risk. Modern encryption is based on the use of complex mathematical operations. To hack the code, the computers that exist today could need at least several thousand years. Quantum computers can easily overcome this obstacle and carry out all the necessary mathematical operations quickly. Thus, encryption schemes are put at risk.

At the moment, the system is not able to hack the RSA encryption algorithm. However, the foundation for the creation of a computer, which effortlessly copes with this obstacle, has already been laid.

Specialists from the CA/B Forum noted that in the era of quantum computers, encryption algorithms like RSA, DH and ECDH, are potentially vulnerable. However, AES and SHA-2 / SHA-3 will continue to be reliable.

The main problem facing the CA/B Forum at the moment - it's development of a QCR infrastructure (Quantum Cryptanalysis Resistant), which is resistant to quantum cryptanalysis. However, this is not the only problem. Immediately the question arises: How will the QCR PKI deployments?

One of these approaches - using Lamport hash signatures in combination with various improvements proposed by Diffie, Merkle and Winternitz. More information about this can be found in the document: https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/.