Keeping secrets is hard. Kids know it. Celebrities know it. National security experts know it, too.
And it’s about to get even harder.
There’s always someone who wants to get at the juicy details we’d rather keep hidden. Yet at every moment, untold volumes of private information are zipping along internet cables and optical fibers. That information’s privacy relies on encryption, a way to mathematically scramble data to prevent any snoops from deciphering it — even with the help of powerful computers.
But the mathematical basis of these techniques is under threat from a foe that has, until recently, seemed hypothetical: quantum computers.
In the 1990s, scientists realized that these computers could exploit the weird physics of the minuscule realm of atoms and electrons to perform certain types of calculations out of reach for standard computers. That means that once the quantum machines are powerful enough, they could crack the mathematical padlocks on encrypted data, laying bare the world’s secrets.
Today’s quantum computers are far too puny to defeat current security measures. But with more powerful quantum machines being regularly rolled out by the likes of IBM and Google, scientists, governments and others are beginning to take action. Experts are spreading the word that it’s time to prepare for a milestone some are calling Y2Q. That’s the year that quantum computers will gain the ability to crack the encoding schemes that keep electronic communications secure.
“If that encryption is ever broken,” says mathematician Michele Mosca, “it would be a systemic catastrophe.”
Y2Q is coming. What does it mean?
Encryption pervades digital life — safeguarding emails, financial and medical data, online shopping transactions and more. Encryption is also woven into a plethora of physical devices that transmit information, from cars to robot vacuums to baby monitors. Encryption even secures infrastructure such as power grids. The tools Y2Q threatens are everywhere. “The stakes are just astronomically high,” says Mosca, of the University of Waterloo in Canada, who is also CEO of the cybersecurity company evolutionQ.
The name Y2Q alludes to the infamous Y2K bug, which threatened to create computer havoc in the year 2000 because software typically used only two digits to mark the year (SN: 1/2/99, p. 4). Y2Q is a similarly systemic issue, but in many ways, it’s not a fair comparison. The fix for Y2Q is much more complex than changing how dates are represented, and computers are now even more inextricably entwined into society than two decades ago. Plus, no one knows when Y2Q will arrive.
Confronted with the Y2Q threat, cryptography — the study and the practice of techniques used to encode information — is facing an overhaul. Scientists and mathematicians are now working urgently to prepare for that unknown date by devising new ways of encrypting data that won’t be susceptible to quantum decoding. An effort headed by the U.S. National Institute of Standards and Technology, or NIST, aims to release new standards for such post-quantum cryptography algorithms next year.
Meanwhile, a longer-term effort