Quantum computing is being discussed more and more within businesses, but what is it, how does it work and what effect will it have over digital trust services?
At the most basic level, a quantum computer uses properties of quantum mechanics to perform computations that will not be possible with traditional computers.
Quantum computing is therefore often used for applications that require significant processing power or in use-cases where there are vast amounts of data to be processed. Systems such as video facial recognition modelling and tracking, artificial intelligence and machine learning, large data models like molecular, chemistry, genomics, traffic optimisation, financial modelling – all these are at the forefront of quantum computing.
Computational power has increased significantly over the last few decades and as a result, processors have become more powerful, have access to more memory, use faster disks and overall deliver faster processing. This increase in computational power will continue to expand exponentially with the introduction of quantum computers.
As computational powers have increased, so has the likelihood of being able to reproduce existing hashes. Over the years, algorithms and hashing techniques have been replaced to stop a more powerful machine reproducing a given hash or given key. In other words, more powerful computers mean someone can theoretically forge a signature or tamper with information that is currently protected by a digital signature.
As with any emerging technology, quantum computing’s power means its capabilities will likely be used for nefarious reasons, including breaking cryptographic systems and the authentication systems we rely on to secure our digital lives.
Quantum computing is that next evolutionary step in this conundrum.
How will quantum computing affect trust services?
The security of the internet depends on Public-key cryptography and this security relies on the difficulty in solving the mathematical problems generated in the usage of Public-key cryptography.
With the introduction of quantum computing, computational power will increase to the extent where new algorithms are required to be designed to provide the assurance that these problems are mathematically difficult enough for this new computational power to solve relative to the time it will take to solve that problem.
The basis of all good cryptography is the random number generation process. Hardware Security Modules (HSM) have been used for decades to provide a hardware based random number generation source. There is new research emerging around laser based random number generation and generating reliably random numbers that are sufficiently long to withstand the brute force computational power made available with quantum computing.
Quantum attacks on current cryptographic algorithms mean that an attacker could come along and start masquerading as the original owner of the key to digitally sign documents, thus undermining the whole integrity of information protection and authenticity.
To mitigate this, businesses need to be cryptographically agile and introduce new hashing algorithms into products as soon as they are approved by NIST (National Institute of Standards and Technology) and other agencies so that customers can produce keys resistant to attacks by quantum computing systems.
NIST’s current research activities on Quantum Safe Cryptography and standardisation will ensure an outcome that will provide recommendations on specific algorithms for specified use cases. Once the final list is announced, leaders such as Ascertia will need to introduce these new algorithms across products and solutions.
The issue is that although new quantum resistant systems will counter immediate threats, support in broader ecosystems and within third-party components could be challenging, as was experienced with the introduction of SHA-2.
Quantum computing will bring a system shift in how mathematical equations can be solved, which is why the industry needs to be two steps ahead to ensure digital signatures and documents are protected and digital trust is ensured.
As a provider of high-trust digital products and services we are always adhering to the latest available standards and solutions to deliver digital trust, now and in the future.