How will quantum comp. affect cryptography?
One of the reasons our modern cryptography works so well on classical computers is that they rely on prime factorization which classical computers don’t do so well. This has been key to maintaining our computers and networks secured. One of the things Quantum computers do better than classical computers is prime factorization. How will the advent of Quantum computing impact cryptography? Will technologies like secure messaging, email and blockchains like bitcoin be affected?
In short, yes, all of those systems will be impacted. In one place or another, they all rely on public key cryptosystems, most of which rely on one of the following being difficult:
- The integer factorization problem (RSA)
- The discrete logarithm problem (Diffie–Hellman key exchange)
- The elliptic-curve discrete logarithm problem (ElGamal)
Large quantum computers will make all of those much easier and faster using Shor’s algorithm. However, not all cryptographic methods are broken by use of quantum computers - AES is a common and contemporary example of a quantum-resistant algorithm (which I’ve spoken to before here). There are many proposals for quantum-resistant systems which will replace contemporary public key cryptography, but cryptographers have plenty of time to keep investigating before those algorithms will become necessary. Quantum computers we have today are advancing fast, but they need to become much larger and more stable before they can use Shor’s algorithm to shred existing cryptographic protections.
So all these systems will be effected, but will they go away? No. It’s even unlikely that many user(s) of those will really notice when post-quantum cryptosystems are implemented to replace existing mechanisms. For example, your email provider’s encryption is transparent to users - you don’t select encryption algorithms or parameters when you’re sending an email. Remember, email is incredible old, and email providers moved from no encryption, to SSL, to TLS… largely without people noticing or caring, even as each prior system’s protections were shredded by advancing technology or cryptanalysis. Especially as we’ve moved into the usability age, most people won’t even need to make manual changes to what services/ports/etc. they were using, like when email providers started supporting encryption.
So in most cases, engineers will take care of pretty much everything, the key for users will just be to stay updated. The only possible pitfall I see to “just stay updated for protection” is going to be blockchains or certain secure messaging apps - basically anything where you are managing your own keys, you may need to take some small action on. i.e. for cryptocurrency I somewhat expect you will need to create a new wallet and migrate your funds, or use software/a provider/etc. which does that for you. In that case, follow guidance given by security professionals - but again users probably won’t be expected to do much.
Edit: One last thing. The only things that will go away or be substantially less secure are things that are no longer maintained, or not maintained properly. For example, many websites still don’t support modern encryption, or encryption at all. Unmaintained email servers will be substantially less secure until action is taken to upgrade. Blockchains are at risk for misuse and will need to handle that possibility; esp. unmaintained or under-maintained cryptocurrencies will almost surely be misused. But for everyone willing to keep up with technology, I expect most things will keep up.
The advent of quantum computing & Shor’s algorithm will fundamentally change the way professionals think about cryptography, but not the way end users interact with computers, or what computers are used for.