The NSA just published its year in review (pdf). It’s a comprehensive publication—worth a read. The overwhelming impression is that cyber is hard—there are no silver bullets here. It’s multi-dimensional—cannot be left to the NSA alone, or the US national security community writ large, even with the immense resources it can bring to bear. And cyber is constantly changing, with some big boulders rolling down the path towards us.
We would expect that NSA would be thinking hard about and testing quantum cryptography, quantum computation. But now, adoption of quantum-resistant encryption is a requirement across national security systems in the US government.
The pace in quantum computation is picking up. IBM recently announced a 433-qubit computer; it has stated it wants to build a 1121-qubit machine by 2023. 2050 stable qubits are needed to break RSA 1024 encryption in hours; 4098 to break RSA 2048 in a bit over a day.
There are significant engineering challenges yet to be overcome. But governments, when considering the future of secure encryption, should be taking into account three different time horizons, set out by Michelle Mosca in a 2015 paper:
- security shelf life—how long data should be protected. That’s data-specific: it may be three months for economic indicators before release to the market; seven years for personal tax data; 25 years for Cabinet documents; decades for intellectual property; a lifetime for some personal information.
- migration—the time taken to design, build and deploy new infrastructure and transition organisations to that more secure infrastructure;
- collapse time—the time before quantum competition renders current, or future, cryptography redundant. In 2015, Mosca estimated a one in seven chance that the RSA 2048 encryption would be broken by 2026, and a one in two chance it would be broken by 2030. That’s not far off.
If the security shelf life plus migration time is greater than the anticipated collapse time, that’s a problem. The key constraint is the migration timeframe—shelf life is highly contextual, we cannot bank on the collapse time being stretched out, nor can we assume that quantum computation will rest only in friendly hands.
In cyber, when windows of vulnerability emerge, they are exploited rapidly and so effort must be devoted to limiting the window’s size and persistence. The NSA and other agencies will focus, understandably, on national security needs and systems.
But thought also needs to be given to the availability of quantum resistant systems to non-government and private organisations, and how best to protect individuals. Democracies should consider investing in initiatives such as Tim Berners-Lee’ Inrupt. Helping citizens protect their data and privacy helps retain trust and protects the values that underpin democracy.