Skip to Content
Computing

NSA Says It “Must Act Now” Against the Quantum Computing Threat

The National Security Agency is worried that quantum computers will neutralize our best encryption – but doesn’t yet know what to do about that problem.
February 3, 2016

The National Security Agency did a surprising thing last August – it suddenly declared that the algorithms it had spent a decade telling the world were the best way to lock up secret data weren’t safe anymore. The reason? The danger of quantum computers.

The NSA has now released more detail on those fears. “There is growing research in the area of quantum computing, and enough progress is being made that NSA must act now,” says a new Q&A-style document on the problem. It’s aimed at companies and government departments working with sensitive data.

The catch is that no one knows how to make quantum-computer-proof encryption. The NSA can only tell companies building new systems to use certain algorithms “believed to be safe from attack by a large quantum computer.” It says it’s working with the National Institute of Standards and Technology on coming up with some new standard algorithms that could survive in a post-quantum era.

Work in that area is still in an embryonic state, however. Quantum-resistant encryption algorithms that have been proposed by researchers at Microsoft and other places have not been formally proved to be safe against the power of quantum computers.

NSA headquarters in Fort Meade, Maryland.

How close we are to quantum computers that could crack cryptography? The NSA isn’t making any bets, at least not publicly. It will only say that recent advances in the field should make us worry about future-proofing systems being built today to protect critical national infrastructure that will be in service for perhaps decades.

There has been striking progress toward building small proof-of-concept quantum computers in the last couple of years. The leaders of Google’s quantum computing effort say they expect to have one in hand that might even do useful work in just a few years.

Reassuringly, though, breaking cryptographic keys is one of the most difficult things you can hope to do with a quantum computer.

Quantum computers are made up of devices called qubits. Researchers expect that some chemistry simulations and machine-learning problems can be taken on with just hundreds or thousands of qubits. Cracking a cryptographic key of the kind used commonly today would require hundreds of millions of qubits.

That suggests our cryptography may be undefeated for a while even after the quantum computing era properly arrives, perhaps giving us enough time to update it. However, many computers and software in use today aren’t patched against even known security problems for which fixes are readily available. We can probably expect a considerable quantum security hangover even if the NSA does manage to come up with a quantum-resistant cryptography standard.

 

Deep Dive

Computing

A chip design that changes everything: 10 Breakthrough Technologies 2023

Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.

Modern data architectures fuel innovation

More diverse data estates require a new strategy—and the infrastructure to support it.

Chinese chips will keep powering your everyday life

The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.

The computer scientist who hunts for costly bugs in crypto code

Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.