Is the newest quantum breakthrough an encryption killer?

Quantum computing is one of the more interesting technologies being developed today. It promises to revolutionize many aspects of computing, once the technical details of exactly how to do it are worked out.

With the steady stream of press releases from researchers touting quantum computing breakthroughs, it's easy to feel like Alice in Alice's Adventures in Wonderland when the entire pack of cards rises up into the air and comes flying down on her.

One of the more interesting cards that might have flown your way recently is the announcement of a record 18-qubit entanglement. It was demonstrated by a team of researchers led by Xi-Lin Wang of the University of Science and Technology of China and has been described as a "significant breakthrough [that] puts us one big step closer to realizing large-scale quantum computing."

Here's why the breakthrough is interesting, and what it means for the future of quantum computing and enterprise IT technologies such as encryption.

How to Achieve Consistent Data Security Across Hybrid IT

The road to quantum supremacy

In quantum computers, the fundamental unit of computation is a quantum bit, or qubit. Classical bits have one of two discrete values: a logical zero, or a logical one.

Qubits are inherently analog in nature. Until you measure their value to see which state they are in, they represent only the probabilities that you will find a logical zero or a logical one when you do this. You can assemble several qubits into a quantum computer to perform calculations that are difficult or impossible on classical computers.

Building a universal quantum computer, one that can perform essentially any computation, is an extremely challenging technical problem. We're far from having solved it. There are commercially available quantum computers, but they're limited to performing certain optimization calculations.

Even the quantum computers that may soon attain the goal of quantum supremacy, or being able to do calculations that are impractical on classical computers, are limited in what calculations they can perform. In particular, they are far from being big enough to crack the encryption algorithms that currently provide the basis for enterprise IT security.

Quantum supremacy is often measured in terms of how many qubits a particular quantum computer has, but the number of qubits by itself isn't enough to tell us how close the computer is to being able to crack encryption.

In particular, the calculations needed to crack encryption require lots of entangled qubits. Hundreds or thousands of them. The fact that 72-qubit quantum computers are in the news while the record for entangled qubits now stands at only 18 should tell you that progress in quantum computing is more complicated than you might think.

Don't get all tangled up

Entanglement is a quantum phenomenon that is much like the classical concept of correlation, or being statistically related. But in the quantum world, entanglement is more than just correlation. In fact, entanglement implies correlation, yet correlation does not necessarily imply entanglement.

Entanglement is what happens when two or more states are so correlated that they act like a single state instead of as separate states. This is hard to achieve, but it's essential to have on a large scale for the operation of the quantum algorithms that can be used to crack encryption.

To get entanglement, you generally need particles to overlap in either space or time. Superconductors and superconducting qubits work because of the properties of lots of coupled electrons that overlap in space.

The approach used to set the record of 18 entangled qubits used photons that got their entanglement by overlapping in time. This can happen when you split a photon into two new photons, each of which has half the energy of the original photon (called "parametric down conversion").

By being created at the same moment in time, the daughter photons are entangled. By cleverly manipulating photons such as these, the researchers were able to get 18 qubits that were entangled.

Fidelity matters

Even though the entanglement of 18 qubits is a truly impressive technical achievement, the entanglement was not perfect. In particular, the 18 qubits had a state fidelity of about 0.71. State fidelity is closely related to correlation and usually doesn't differ from correlation by more than a few percentage points, so all 18 qubits were probably about 70% correlated.

So this experiment showed that all 18 qubits were entangled, but probably not entangled enough to be used to crack encryption, even if the technology could be scaled to thousands of qubits. There's just not enough precision at that level of correlation to let you carry out quantum algorithms that can crack encryption.

In light of this new record for the number of entangled qubits, what can we say about the potential vulnerability of enterprise encryption to attacks that quantum computers would allow? In particular, does this record suggest that we need to accelerate our plans to have a post-quantum encryption strategy in place and to worry about well-funded attackers defeating encryption anytime soon?

Don't believe the hype

There is lots of hype surrounding the potential for quantum computers to eliminate the security that common encryption algorithms provide. Some estimates suggest that quantum computers capable of cracking today's encryption will be available in just a few years.

But a closer look at the facts suggests that this is probably not the case. The previous record of 14 entangled qubits was set in 2010. That’s about eight years before the record advanced to 18 entangled qubits. Progress in this area is difficult and slow.

To crack a 2,048-bit RSA key, such as the ones that today's standards require, a quantum computer will need at least a register of 2,048 entangled qubits. That's far from what's available today. And it seems very unlikely that the current rate of progress in creating more entanglement will make it possible in the next several years.

Because of this, estimates that we have just a few years until today's encryption will be vulnerable to attacks by quantum computers seem premature. The level of precision with which researchers can precisely control quantum states is impressive, but it still doesn't seem to be enough to let them build a quantum computer big enough to crack today's encryption. Lots of basic research is still needed to get to that point.

Stay out front and stay safe

For now, it seems hard to justify worrying about your encryption becoming vulnerable to adversaries with quantum computers. It seems very likely that NIST's effort to standardize encryption algorithms that are quantum-safe will be completed and widely deployed well before quantum computers are a serious threat to security.

Main image: Alice checking her quantum computing news feed. Drawing by John Tenniel

Topics: Security