This post is also available in: heעברית (Hebrew)

The world relies on encryption to protect everything from credit card transactions to databases holding health records and other sensitive information. A report from the US National Academies of Sciences, Engineering, and Medicine says we need to speed up preparations for the time when super-powerful quantum computers can crack conventional cryptographic defenses.
The experts who produced the report say widespread adoption of quantum-resistant cryptography “will be a long and difficult process” that “probably cannot be completed in less than 20 years.” It’s possible that highly capable quantum machines will appear before then, and if hackers get their hands on them, the result could be a security and privacy nightmare.
The report cites an example of encryption that protects the process of swapping identical digital keys between two parties, who use them to decrypt secure messages sent to one another. A powerful quantum computer could crack RSA-1024, a popular algorithmic defense for this process, in less than a day.
Quantum computers that harness quantum bits, or qubits, promise to deliver exponential leaps in processing power that could break today’s best encryption. Such machines, which would require a couple of thousand “logical” qubits, are probably at least a decade away, say the US experts.
Qubits’ delicate quantum state can be disrupted by things like tiny changes in temperature or very slight vibrations, so it can require thousands of linked qubits to produce a single logical one that can be reliably used for computation.
William Oliver, an MIT physics professor and a member of the group that produced the academies’ report, notes that governments and businesses like banks often need to keep data secure for decades. They therefore need to be thinking now about potential future threats to the encryption they’re using, according to
Scott Totzke, the CEO of Isara, a startup that’s developing quantum-proof cryptographic solutions, says it’s getting plenty of interest from automakers worried about risks to software in connected cars and other vehicles that will spend many years on roads.
Isara’s work is part of a wider push in the cryptographic community to come up with new encryption methods that can’t be cracked by quantum computers.
The US National Institute of Standards and Technology is working to develop standards for quantum-proof cryptographic algorithms related to them.
The biggest challenge will be getting these widely adopted. The academies’ experts say negotiating standards, persuading vendors to follow them, and then getting organizations to upgrade their hardware and software can take years. Old data will also need to be reencrypted or destroyed.