• “Business now relies on information infrastructures that are interlinked and interdependent… The way in which these hidden interdependencies pervade our everyday lives is staggering and, in some cases, may go unchecked for many years until an incident occurs that reveals the true nature of the interdependences' impact.”

    The British Government’s Technology Strategy Board, 2008
  • “It's not good enough to have a system where everyone (using the system) must be trusted, it must also be made robust against insiders!”

    Robert Morris, former Chief Scientist of the US National Security Agency (NSA), National Computer Security Center, "Crypto '95 invited talks by R. Morris and A. Shamir", 1995

  • "History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did."

    Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
  • “Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • "There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

    Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

  • "The software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” ... "The major shortfall is absence of assurance (or safety) mechanisms in software. If my car crashed as often as my computer does, I would be dead by now."

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • "Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies.  The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

    Prof Seth Lloyd of MIT, MIT Review 2008

  • “When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

  • "Today’s systems must anticipate future attacks. Any comprehensive system – whether for authenticated communications, secure data storage, or electronic commerce – is likely to remain in use for five years or more. It must be able to withstand the future: smarter attackers, more computational power, and greater incentives to subvert a widespread system. There won’t be time to upgrade it in the field."

    Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
  • “We are a cyber nation. The U.S. information infrastructure--including telecommunications and computer networks and systems and the data that reside on them--is critical to virtually every aspect of modern life. This information infrastructure is increasingly vulnerable to exploitation, disruption, and destruction by a growing array of adversaries.”

    The National Coordination Office (NCO) for Networking Information Technology Research and Development (NITRD), Federal Register: December 30, 2008 (Volume 73, Number 250).

  • "The future ability of quantum computers might be a decade or two away, their future ability to break public-key cryptography has important implications for the encryption of highly sensitive information today. For these applications, we must already design new public-key cryptosystems and one-way functions that are immune to quantum cryptanalysis."

    ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004

faq: What is the timeline for code breaking quantum computers?
Synaptic Facts and FAQs - Quantum Cryptanalysis

Quantum computation (QC) holds out tremendous promise for efficiently solving some of the most difficult problems in computational science, such as integer factorization, discrete logarithms, and quantum simulation and modeling that are intractable on any present or future conventional computer. New concepts for QC implementations, algorithms, and advances in the theoretical understanding of the physics requirements for QC appear almost weekly in the scientific literature. This rapidly evolving field is one of the most active research areas of modern science, attracting substantial funding that supports research groups at internationally leading academic institutions, national laboratories, and major industrial-research centers. Well organized programs are underway in the United States, the European Union and its member nations, Australia, and in other major industrial nations. Start-up quantum-information companies are already in operation. A diverse range of experimental approaches from a variety of scientific disciplines are pursuing different routes to meet the fundamental quantum-mechanical challenges involved.

Even with the enormous research efforts currently underway, there is significant uncertainty as to when large quantum computers might arrive. In 2003, prominent experts involved in the design of quantum computers published estimates that it might take 10 to 100 years before large quantum computers could be built. The warning flag was therefore raised that our security systems were at risk of catastrophic failure, perhaps as early as 2013.

The most comprehensive authoritative report and time estimate our survey identified was from 2004. A report of the Quantum Information Science and Technology Experts Panel of the U.S. Advanced Research and Development Activity [see also wiki: Disruptive Technology Office] under the auspices of the United States Army, Air Force, Navy, and the US National Science Foundation states in section 6.9 that it might be a decade or two before large quantum computers arrive.

In May 2008, Prof. Seth Lloyd of MIT, a coauthor of the ARDA Report, estimated that “at current rates of progress, big, code-breaking quantum computers are at least a decade away”.

As of Aug 2008, Andrew Shields, leader of the quantum information group at Toshiba’s Cambridge Research lab, is of the opinion that “the use of quantum information technologies in business computing will become a reality in the next 10 years”.

D-Wave Systems claims to be providing quantum computing hardware and software in 2009, with a demonstration project currently beginning.

The current academic and corporate perspective on this threat is summarised as follows:

Advances have often been done in steps, and beyond approximately 10 years into the future, the general feeling among ECRYPT partners is that recommendations made today should be assigned a rather small confidence level, perhaps in particular for asymmetric primitives. ... For instance, signing a message both with RSA and discrete logarithm technology does not offer any additional security if quantum computers become a reality.


However, this is not the only long-term risk facing the cryptographic community.
