Once quantum computers become functional, experts warn, they could perform calculations exponentially faster than classical computers, potentially enabling them to destroy the encryption that currently protects our data, from online banking records to personal documents on hard drives. That’s why the National Institute of Standards and Technology is already pushing researchers to look ahead to this “postquantum” era. Most recently, IBM successfully demonstrated a quantum-proof encryption method it developed.

To send secure messages online or encrypt the files on a computer, most modern systems employ asymmetric, or public-key, cryptography. With this technique, data are encoded with a so-called public key, which is accessible to all; decoding that information requires a private key that only one party knows. Although both parts of this system are called “keys,” the public key is more like a slotted lockbox: anyone can drop something in, or encode a secret message, but only the private key’s holder can unlock the box, or decrypt the message. This arrangement makes such asymmetric cryptography more secure than a symmetric system, which is more like an unlocked lockbox (security depends on keeping the box hidden, because a person who can get to it to drop in a message can also access its contents). Think of symmetric cryptography as a more complex version of a substitution cipher: if the message is encoded by shifting each letter of the alphabet ahead by three places, one can crack the code by simply shifting each letter back by three. That ability means anyone who knows how to put the code in place can also reverse engineer it. In contrast, public-key cryptography uses a mathematical algorithm to generate much more complex keys so the code cannot be run backward in this way.

Different public-key systems can utilize different algorithms, as long as they are based on mathematical problems that are easy to put into place but hard to reverse engineer. For instance, any computer can multiply two extremely large prime numbers together, yet factoring the result is nearly impossible; at least, it would be for a classical machine. “There are a lot of problems that cryptography is based on right now that, actually, we don’t think can be solved by normal computers,” says Vadim Lyubashevsky, a quantum-safe cryptography researcher at IBM Research–Zurich. But many of these encryption algorithms (including those that rely on multiplying two large prime numbers together) were originally developed decades ago, before researchers had developed quantum algorithms that could outperform classical ones. “As it so happens, [quantum computers] can solve the sort of these cryptographic problems upon which we built our cryptography in the 1980s exponentially faster than classical computers,” Lyubashevsky says.

In particular, a quantum technique called Shor’s algorithm can factor large numbers exponentially faster than classical machines. That ability means a quantum computer could crack systems like RSA, a widely used method for encrypting data. There are, however, still equations that quantum algorithms have not yet managed to solve. “People have kind of assumed that quantum computers are a generalized speedup of conventional computers, that they somehow can do everything a conventional computer can do but much faster. And that’s not actually true,” says Alan Woodward, a professor of computer science at the University of Surrey in England, who is not involved in IBM’s research. “There is quite a limited set (four types of algorithms we know so far) they can do faster than conventional computers.” Unfortunately, though, this limited set is still enough to threaten the current encryption infrastructure to some degree. Rather than waiting for a quantum computer to perform this feat (which may not happen for another decade or longer), teams of researchers, including Lyubashevsky and his colleagues, are scrambling to find new encryption methods that quantum computers cannot manipulate, based on more secure equations.
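The contrast the article draws, between a substitution cipher whose decoding rule is just the encoding rule run backward and a public-key system whose private key cannot be derived from the public one without factoring, can be seen in a few lines of code. The following is an added example, not code from the article or from IBM's research: the shift cipher is the three-places-forward scheme the article describes, and the toy RSA keypair uses the tiny textbook primes 61 and 53 with public exponent 17 (all constructed values chosen for illustration, far too small for real use).

```python
"""Added illustration (not from the article): a symmetric shift cipher, whose
decoding rule is the encoding rule reversed, beside a toy RSA keypair, where
knowing how to encrypt (the public key) does not reveal how to decrypt unless
the modulus can be factored. Requires Python 3.8+ for pow(e, -1, m)."""
import math
import string

ALPHABET = string.ascii_lowercase


def shift_encode(message: str, shift: int) -> str:
    """Symmetric substitution cipher: move each letter `shift` places forward.
    Non-letters are passed through unchanged."""
    out = []
    for ch in message:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % len(ALPHABET)])
        else:
            out.append(ch)
    return "".join(out)


def shift_decode(ciphertext: str, shift: int) -> str:
    """Reversing the cipher is just running the same rule backward: anyone who
    knows how the message was encoded can decode it with no extra secret."""
    return shift_encode(ciphertext, -shift)


# --- toy public-key system (textbook RSA, constructed small parameters) ---

def make_keypair(p: int, q: int, e: int = 17):
    """Build (public, private) keys from two primes p and q.
    The public key (n, e) can be handed to anyone, like the slotted lockbox;
    the private exponent d is derived from phi(n), which needs p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse of e mod phi(n)
    return (n, e), (n, d)


def rsa_encrypt(m: int, public) -> int:
    """Anyone with the public key can drop a message into the box."""
    n, e = public
    return pow(m, e, n)


def rsa_decrypt(c: int, private) -> int:
    """Only the holder of the private exponent can open it."""
    n, d = private
    return pow(c, d, n)


def factor_by_trial_division(n: int):
    """Recover (p, q) from n by brute force. This is the step that is cheap
    for a toy modulus and infeasible for a classical machine at real key
    sizes; Shor's algorithm is what makes it fast on a quantum computer."""
    for k in range(2, math.isqrt(n) + 1):
        if n % k == 0:
            return k, n // k
    return None


def recover_private_from_public(public):
    """Shows that 'running the code backward' for RSA means factoring n:
    given p and q, the private exponent follows immediately."""
    n, e = public
    p, q = factor_by_trial_division(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    # Symmetric: the decoder needs nothing the encoder did not already know.
    ct = shift_encode("meet at noon", 3)
    print(ct, "->", shift_decode(ct, 3))

    # Asymmetric: encrypting with the public key, decrypting with the private.
    public, private = make_keypair(61, 53)
    c = rsa_encrypt(65, public)
    print(public, private, c, rsa_decrypt(c, private))

    # With a 12-bit modulus the 'hard' direction is trivial; at 2048 bits it is not.
    print(recover_private_from_public(public))
```

The point of the last function is the one the article makes: for the shift cipher, knowing the encoding procedure is the same as knowing the decoding procedure, whereas for RSA the decoding procedure is only reachable through the factoring step, which is exactly the step Shor's algorithm speeds up.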